Alternatives and similar repositories for sigstore-python

Users that are interested in sigstore-python are comparing it to the libraries listed below

• sigstore / gh-action-sigstore-python
  A GitHub Action for sigstore-python
  ☆64Updated this week
• psf / advisory-database
  This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)
  ☆39Updated this week
• pypa / gh-action-pip-audit
  A GitHub Action for pip-audit
  ☆82Updated last week
• spdx / tools-python
  A Python library to parse, validate and create SPDX documents.
  ☆231Updated last week
• psf / sboms-for-python-packages
  Software Bill-of-Materials documents for Python packages
  ☆45Updated 10 months ago
• sethmlarson / pypi-data
  Data about packages and maintainers on PyPI
  ☆130Updated 3 months ago
• pypa / advisory-database
  Advisory database for Python packages published on pypi.org
  ☆316Updated last week
• CycloneDX / cyclonedx-python-lib
  Functionality and DataModels of OWASP CycloneDX for Python
  ☆100Updated this week
• anthonyharrison / sbom4python
  A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
  ☆37Updated last week
• CycloneDX / cyclonedx-python
  CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
  ☆350Updated this week
• slsa-framework / slsa-verifier
  Verify provenance from SLSA compliant builders
  ☆303Updated 2 months ago
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆111Updated 2 weeks ago
• secure-systems-lab / securesystemslib
  Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU
  ☆52Updated last week
• sonatype-nexus-community / jake
  Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.
  ☆132Updated 7 months ago
• repository-service-tuf / repository-service-tuf
  Umbrella Repository Service for TUF
  ☆58Updated this week
• sarugaku / resolvelib
  Resolve abstract dependencies into concrete ones
  ☆160Updated 2 months ago
• kushaldas / johnnycanencrypt
  Python module for OpenPGP written in Rust.
  ☆53Updated 2 weeks ago
• sethmlarson / truststore
  Verify certificates using OS trust stores
  ☆214Updated last month
• python-jsonschema / check-jsonschema
  A CLI and set of pre-commit hooks for jsonschema validation with built-in support for GitHub Workflows, Renovate, Azure Pipelines, and mo…
  ☆292Updated this week
• aboutcode-org / license-expression
  Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …
  ☆72Updated 5 months ago
• github / annotated-logger
  A decorator to aid in annotating logs for easier reading and searching
  ☆94Updated last week
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆85Updated last month
• pypi / inspector
  🕵️ File browser for distributions on PyPI
  ☆113Updated last week
• aboutcode-org / purldb
  Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner…
  ☆58Updated last week
• psf / fundable-packaging-improvements
  Packaging improvements that could be funded
  ☆57Updated 2 years ago
• dlint-py / dlint
  Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
  ☆174Updated 2 weeks ago
• nedbat / scriv
  Changelog management tool
  ☆297Updated last week
• ddelange / pipgrip
  Lightweight pip dependency resolver with deptree preview functionality based on the PubGrub algorithm
  ☆204Updated 2 weeks ago
• pypa / abi3audit
  Scans Python packages for abi3 violations and inconsistencies
  ☆120Updated 3 weeks ago
• pyupio / dparse
  A parser for Python dependency files
  ☆65Updated last year