sigstore / rekorLinks
Software Supply Chain Transparency Log
☆1,014Updated this week
Alternatives and similar repositories for rekor
Users that are interested in rekor are comparing it to the libraries listed below
Sorting:
- Sigstore OIDC PKI☆759Updated last week
- Common go library shared across sigstore services and clients☆489Updated last week
- in-toto is a framework to protect supply chain integrity.☆950Updated last week
- Keyless Git signing using Sigstore☆1,033Updated last week
- in-toto Attestation Framework☆298Updated 3 weeks ago
- Language-agnostic SLSA provenance generation for Github Actions☆500Updated 3 months ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆497Updated this week
- Verify provenance from SLSA compliant builders☆285Updated 2 months ago
- A CLI tool to sign and verify artifacts☆430Updated last week
- Supply Chain Security in Tekton Pipelines☆258Updated this week
- A security layer for Git repositories☆546Updated this week
- ☆248Updated this week
- build APKs from source code☆516Updated last week
- A utility to generate SPDX-compliant Bill of Materials manifests☆414Updated last week
- Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆492Updated last week
- Platform AbstRaction for SECurity service☆498Updated 4 months ago
- Build OCI images from APK packages directly without Dockerfile☆1,435Updated this week
- Supply-chain Levels for Software Artifacts☆1,735Updated this week
- A reading list for software supply-chain security.☆364Updated 2 years ago
- Reference implementation of OpenPubkey☆858Updated last month
- An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster☆458Updated this week
- Public Chainguard Images☆630Updated last week
- The SPIFFE Runtime Environment☆2,074Updated this week
- Cross tooling and interoperability specifications☆174Updated 4 months ago
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,410Updated this week
- Software Supply Chain Security Platform☆352Updated last week
- The Update Framework specification☆393Updated last year
- Main package repository for production Wolfi images☆1,050Updated this week
- The SPIFFE Project☆1,636Updated 3 weeks ago
- OpenVEX Specification☆158Updated 4 months ago