wagoodman / go-bouncer
Reports on the licenses used by a Go package and its dependencies.
☆10Updated 7 months ago
Alternatives and similar repositories for go-bouncer:
Users that are interested in go-bouncer are comparing it to the libraries listed below
- native go library for installation and management of apk packages☆29Updated 9 months ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆60Updated this week
- Transparenty Immutable Container Image Tags☆20Updated last year
- ☆20Updated 7 months ago
- 🔍 Rekor transparency log monitoring and alerting☆27Updated last year
- oci and apk explorer☆53Updated this week
- A CLI used to work with the Wolfi OSS project☆61Updated this week
- Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign☆11Updated 3 years ago
- Dynamic GitHub Actions from Wolfi packages☆42Updated 10 months ago
- Go modules related to OCI (Open Container Initiative) registries☆24Updated last week
- Helper methods for Magefiles☆33Updated 2 years ago
- ☆56Updated 2 years ago
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆62Updated this week
- ☆18Updated last week
- Trivy plugin for OCI referrers☆23Updated 10 months ago
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- Keyless Git signing with cosign!☆11Updated 2 years ago
- [Experimental] jail for Go modules☆75Updated this week
- sigstore installation walkthrough, local☆57Updated 10 months ago
- Go module to generate and transform VEX documents☆38Updated 2 weeks ago
- A tool to create, transform and attest VEX metadata☆130Updated last week
- To manage Docker Content Trust and Notary certificates☆12Updated this week
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆43Updated last year
- Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations☆54Updated 2 weeks ago
- Git provider client for Go☆71Updated 2 weeks ago
- ☆36Updated last year
- A collection of Dagger modules powered by Dagger.☆13Updated 3 months ago
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆136Updated last week
- GitHub actions for the chainguard-images☆19Updated 3 weeks ago