Alternatives and similar repositories for sigstore-python

Users that are interested in sigstore-python are comparing it to the libraries listed below

• sigstore / gh-action-sigstore-python
  A GitHub Action for sigstore-python
  ☆52Updated last week
• pypa / gh-action-pip-audit
  A GitHub Action for pip-audit
  ☆74Updated last week
• psf / advisory-database
  This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)
  ☆35Updated 3 weeks ago
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆92Updated last week
• slsa-framework / slsa-verifier
  Verify provenance from SLSA compliant builders
  ☆263Updated 2 weeks ago
• sethmlarson / pypi-data
  Data about packages and maintainers on PyPI
  ☆128Updated last month
• repository-service-tuf / repository-service-tuf
  Umbrella Repository Service for TUF
  ☆50Updated this week
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆74Updated last week
• spdx / tools-python
  A Python library to parse, validate and create SPDX documents.
  ☆211Updated last month
• psf / sboms-for-python-packages
  Software Bill-of-Materials documents for Python packages
  ☆39Updated 3 months ago
• gittuf / gittuf
  A security layer for Git repositories
  ☆525Updated this week
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆106Updated this week
• CycloneDX / cyclonedx-python-lib
  Python implementation of OWASP CycloneDX
  ☆82Updated this week
• sigstore / fulcio
  Sigstore OIDC PKI
  ☆726Updated this week
• sethmlarson / truststore
  Verify certificates using OS trust stores
  ☆185Updated 3 months ago
• pypi / inspector
  🕵️ File browser for distributions on PyPI
  ☆104Updated 2 weeks ago
• sigstore / rekor-monitor
  Log monitor for Rekor to verify immutability and monitor entries
  ☆34Updated this week
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆136Updated this week
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆107Updated last week
• pypa / advisory-database
  Advisory database for Python packages published on pypi.org
  ☆290Updated this week
• anthonyharrison / sbom4python
  A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
  ☆33Updated 2 months ago
• sigstore / root-signing
  TUF repository for Sigstore trust root
  ☆103Updated this week
• github / annotated-logger
  A decorator to aid in annotating logs for easier reading and searching
  ☆86Updated this week
• ossf / security-insights-spec
  Machine-readable specification for the attestation of security-relevant data.
  ☆59Updated 3 weeks ago
• in-toto / attestation
  in-toto Attestation Framework
  ☆274Updated 2 weeks ago
• abravalheri / validate-pyproject
  Validation library for simple check on `pyproject.toml`
  ☆160Updated this week
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆121Updated 4 months ago
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆96Updated last week
• psf / fundable-packaging-improvements
  Packaging improvements that could be funded
  ☆54Updated 2 years ago
• spdx / spdx-3-model
  The model for the information captured in SPDX version 3 standard.
  ☆83Updated last week