spdx / sbom-landscapeLinks
SPDX SBOM Landscape
β16Updated 2 years ago
Alternatives and similar repositories for sbom-landscape
Users that are interested in sbom-landscape are comparing it to the libraries listed below
Sorting:
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.β65Updated this week
- π CNCF Community Awardsβ25Updated last week
- Helm Chart for deploying GUACβ18Updated 3 months ago
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworksβ33Updated 5 months ago
- Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchoreβ65Updated last week
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.β43Updated last year
- SPDX Merge toolβ47Updated 5 months ago
- Automating Compliance Tooling Projectβ22Updated 3 years ago
- β64Updated last year
- Integrates Spiffe and Vault to have secretless authenticationβ92Updated last week
- GitVote is a GitHub application that allows holding a vote on issues and pull requestsβ125Updated 2 weeks ago
- To manage Docker Content Trust and Notary certificatesβ13Updated last week
- Cloud Storage Kubernetes Operator with Go and Operator SDKβ12Updated 4 years ago
- depstat is a dependency analyzer for Go modules enabled projects. It runs as part of the Kubernetes CI pipeline to help evaluate dependenβ¦β36Updated 10 months ago
- A Kubewarden Policy that verifies all the signatures of the container images referenced by a Podβ13Updated last week
- Operator deploying the Observatorium projectβ14Updated last year
- Trivy plugin for OCI referrersβ23Updated last year
- Helm charts for sigstore projectβ80Updated last week
- β20Updated 2 weeks ago
- Sigstore user storiesβ30Updated 2 years ago
- K8S Operator for Rekorβ20Updated 2 years ago
- β14Updated 2 years ago
- β14Updated last year
- Administrative tooling for Falcoβ110Updated this week
- Collection of Go packages to work with SPDX filesβ152Updated 2 weeks ago
- Hermeto is a CLI tool that prefetches your project dependencies to aid in making your container build process hermetic.β22Updated last week
- sbomasm: The Complete SBOM Management Toolkitβ80Updated last week
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'β¦β33Updated 2 years ago
- CLOMonitor is a tool that periodically checks open source projects repositories to verify they meet certain project health best practicesβ137Updated this week
- β23Updated 2 years ago