Alternatives and similar repositories for sigstore-python:

Users that are interested in sigstore-python are comparing it to the libraries listed below

• sigstore / gh-action-sigstore-python
  A GitHub Action for sigstore-python
  ☆51Updated this week
• slsa-framework / slsa-verifier
  Verify provenance from SLSA compliant builders
  ☆256Updated 2 weeks ago
• pypa / gh-action-pip-audit
  A GitHub Action for pip-audit
  ☆73Updated 3 months ago
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆88Updated 2 weeks ago
• psf / advisory-database
  This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)
  ☆35Updated last month
• CycloneDX / cyclonedx-python-lib
  Python implementation of OWASP CycloneDX
  ☆80Updated this week
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆74Updated 2 weeks ago
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆105Updated this week
• github / annotated-logger
  A decorator to aid in annotating logs for easier reading and searching
  ☆85Updated this week
• repository-service-tuf / repository-service-tuf
  Umbrella Repository Service for TUF
  ☆47Updated this week
• spdx / tools-python
  A Python library to parse, validate and create SPDX documents.
  ☆208Updated last week
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆198Updated 2 weeks ago
• sethmlarson / pypi-data
  Data about packages and maintainers on PyPI
  ☆126Updated last month
• psf / sboms-for-python-packages
  Software Bill-of-Materials documents for Python packages
  ☆36Updated 2 months ago
• gittuf / gittuf
  A security layer for Git repositories
  ☆503Updated last week
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆168Updated 3 weeks ago
• pypa / advisory-database
  Advisory database for Python packages published on pypi.org
  ☆284Updated this week
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆117Updated last week
• secure-systems-lab / securesystemslib
  Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU
  ☆49Updated this week
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆229Updated 8 months ago
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆104Updated last week
• slsa-framework / slsa-github-generator
  Language-agnostic SLSA provenance generation for Github Actions
  ☆461Updated last month
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆180Updated 7 months ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆78Updated 4 months ago
• sigstore / fulcio
  Sigstore OIDC PKI
  ☆712Updated this week
• sigstore / model-transparency
  Supply chain security for ML
  ☆154Updated last week
• ossf / malicious-packages
  A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
  ☆304Updated this week
• sigstore / root-signing
  TUF repository for Sigstore trust root
  ☆100Updated this week
• anthonyharrison / sbom4python
  A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
  ☆30Updated last month
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆120Updated 3 months ago