sigstore / gitsign
Keyless Git signing using Sigstore
☆945Updated this week
Related projects ⓘ
Alternatives and complementary repositories for gitsign
- Software Supply Chain Transparency Log☆900Updated this week
- Sigstore OIDC PKI☆656Updated this week
- Build OCI images from APK packages directly without Dockerfile☆1,206Updated this week
- Main package repository for production Wolfi images☆824Updated this week
- A security layer for Git repositories☆465Updated this week
- An anonymous & ephemeral Docker image registry☆529Updated last month
- Public Chainguard Images☆547Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆416Updated this week
- Common go library shared across sigstore services and clients☆449Updated this week
- build APKs from source code☆428Updated this week
- Language-agnostic SLSA provenance generation for Github Actions☆432Updated this week
- A tool for securing CI/CD workflows with version pinning.☆773Updated 3 months ago
- Verify provenance from SLSA compliant builders☆230Updated 3 weeks ago
- Reference implementation of OpenPubkey☆655Updated 2 months ago
- diff for Docker and OCI container images☆313Updated this week
- A CLI tool to sign and verify artifacts☆351Updated this week
- A Declarative Dependency Management tool☆578Updated this week
- Inspect certificate authorities in container images☆228Updated 6 months ago
- OCI registry client - managing content like artifacts, images, packages☆1,499Updated this week
- Regal is a linter and language server for Rego, bringing your policy development experience to the next level!☆261Updated this week
- Supply Chain Security in Tekton Pipelines☆248Updated this week
- Code signing and transparency for containers and binaries☆4,516Updated this week
- A utility to generate SPDX-compliant Bill of Materials manifests☆344Updated last week
- A simple application deployment framework built on Kubernetes☆1,132Updated 8 months ago
- in-toto Attestation Framework☆249Updated this week
- Automated changelog tool for preparing releases with lots of customization options☆696Updated last week
- zot - A scale-out production-ready vendor-neutral OCI-native container image/artifact registry (purely based on OCI Distribution Specific…☆949Updated this week
- Container image registry that serves images built fresh when you ask for them☆213Updated 9 months ago
- Network egress filtering and runtime security for GitHub-hosted and self-hosted runners☆621Updated this week
- Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and mo…☆375Updated this week