slsa-framework / example-package
☆17Updated this week
Related projects ⓘ
Alternatives and complementary repositories for example-package
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆56Updated this week
- Go library for Sigstore signing and verification☆47Updated last week
- Log monitor for Rekor to verify immutability and monitor entries☆25Updated this week
- Protocol Buffer specifications☆23Updated this week
- TUF repository for Sigstore trust root☆88Updated this week
- Helm charts for sigstore project☆65Updated this week
- A TUF repository and signing tool☆21Updated this week
- ☆21Updated last year
- Go library for Sigstore signing and verification☆16Updated last year
- A GitHub Action used for publishing an Action to ghcr.io as an OCI container.☆33Updated this week
- Build and deploy Go applications with Terraform☆27Updated last week
- Go implementation of The Update Framework heavily influenced by python-tuf☆13Updated 8 months ago
- Helm Chart for deploying GUAC☆14Updated 3 months ago
- Sigstore user stories☆29Updated last year
- Search Rekor for entries☆23Updated 3 months ago
- Cryptographic and general-purpose routines for Golang Secure Systems Lab projects at NYU☆23Updated this week
- A CLI used to work with the Wolfi OSS project☆57Updated this week
- ☆30Updated 2 weeks ago
- GitHub Actions for signing and verifying artifacts with Notation☆16Updated last week
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆41Updated last year
- Proof-of-concept SLSA provenance generator for GitHub Actions☆99Updated 2 years ago
- A High-Availability distribution of Knative.☆20Updated 7 months ago
- A Kubernetes admission controller driven by open-feature☆13Updated last year
- ☆56Updated 2 years ago
- SLSA Proposals☆9Updated 9 months ago
- A specification for signing methods and formats used by Secure Systems Lab projects.☆68Updated 2 months ago
- GitHub Action to check Docker system status in your workflow☆11Updated 2 weeks ago
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆130Updated this week
- ☆26Updated this week
- A collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications.☆39Updated this week