A TUF repository and signing tool
☆43Feb 24, 2026Updated last week
Alternatives and similar repositories for tuf-on-ci
Users that are interested in tuf-on-ci are comparing it to the libraries listed below
Sorting:
- Witness Examples☆12Feb 27, 2024Updated 2 years ago
- Log monitor for Rekor to verify immutability and monitor entries☆48Updated this week
- Friends of in-toto! A place to record integrations and adoptions of the in-toto specification.☆21Feb 16, 2026Updated 2 weeks ago
- Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools☆19Feb 6, 2026Updated 3 weeks ago
- in-toto Enhancements☆20Feb 17, 2025Updated last year
- Go implementation of The Update Framework heavily influenced by python-tuf☆14Mar 7, 2024Updated last year
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆33Apr 22, 2025Updated 10 months ago
- Umbrella Repository Service for TUF☆61Feb 23, 2026Updated last week
- ☆11Nov 10, 2025Updated 3 months ago
- Privateer plugin for scanning the security hygiene of a GitHub repository.☆20Updated this week
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆15Apr 10, 2025Updated 10 months ago
- Post-quantum trusted time-stamping server☆17Dec 11, 2024Updated last year
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆108Updated this week
- TUF repository for Sigstore trust root☆118Updated this week
- Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU☆52Feb 24, 2026Updated last week
- in-toto Attestation Framework☆326Feb 17, 2026Updated 2 weeks ago
- Supply Chain Query Tool☆13May 25, 2022Updated 3 years ago
- Privateer is a plugin-based framework for security & compliance evaluations.☆18Updated this week
- Go implementation for CNAB content trust verification using TUF, Notary, and in-toto☆31Jul 5, 2023Updated 2 years ago
- Notary Project Website☆27Nov 10, 2025Updated 3 months ago
- To manage Docker Content Trust and Notary certificates☆13Updated this week
- ORBIT: Open Resources for Baselines, Interoperability, and Tooling☆21Updated this week
- ☆18Jul 30, 2024Updated last year
- A curated list of awesome CNAB (Cloud Native Applications Bundles) | https://cnab.io/☆16Dec 17, 2020Updated 5 years ago
- Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts☆18Updated this week
- A community collection of security reviews of open source software components.☆97Feb 29, 2024Updated 2 years ago
- Go library for Sigstore signing and verification☆84Feb 23, 2026Updated last week
- A security layer for Git repositories☆578Updated this week
- Format agnostic SBOM tooling☆133Nov 20, 2025Updated 3 months ago
- An http proxy for reproducibility.☆19Jan 10, 2023Updated 3 years ago
- 🔴🟡🟢 The Amazing Multipurpose Policy Engine (and L)☆39Feb 26, 2026Updated last week
- ☆23Oct 26, 2021Updated 4 years ago
- Specification for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆26Nov 17, 2025Updated 3 months ago
- ☆22Jul 24, 2025Updated 7 months ago
- A PoC exploit for CVE-2022-41622 - a CSRF in F5 BIG-IP control plane that leads to remote root☆21Oct 20, 2022Updated 3 years ago
- A collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications.☆42Feb 16, 2026Updated 2 weeks ago
- Integrates Spiffe and Vault to have secretless authentication☆97Updated this week
- Supply chain security for ML☆226Updated this week
- GitHub Apps in Golang, inspired by Probot☆17Aug 29, 2023Updated 2 years ago