Ecosyste.ms: Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: slsaprovenance

Repositories

slsa-framework/slsa-github-generator

Language-agnostic SLSA provenance generation for Github Actions

Language: Go - Size: 28.1 MB - Last synced: 11 days ago - Pushed: 11 days ago - Stars: 380 - Forks: 115

jenstroeger/python-package-template

An opinionated Python package/application template repository, with SLSA and SBOM support built in, enabled for security scanners, code linters, typing, testing and code coverage monitoring, and release automation for reproducible builds.

Language: Makefile - Size: 707 KB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 33 - Forks: 11

deislabs/image-layer-provenance 📦

Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.

Language: Go - Size: 8.33 MB - Last synced: about 2 months ago - Pushed: 7 months ago - Stars: 40 - Forks: 2

GoTurkiye/goreleaser-supply-chain-example

A demonstration of how GoReleaser can help us to make software supply chain more secure by using bunch of tools such as cosign, syft, grype, slsa-provenance

Language: Go - Size: 41 KB - Last synced: 11 months ago - Pushed: over 2 years ago - Stars: 4 - Forks: 0

Related Keywords

slsaprovenance 4 slsa 4 sbom 2 security-tools 2 security 2 docker 1 oci 1 oci-image 1 oras 1 provenance 1 security-audit 1 vulnerabilities 1 vulnerability 1 vulnerability-assessment 1 vulnerability-management 1 cosign 1 githubactions 1 goreleaser 1 grype 1 syft 1 cve 1 containers 1 containerization 1 container-image 1 container 1 template-repository 1 security-automation 1 secure-by-design 1 reproducible-builds 1 release-automation 1 python-package 1 python 1 conventional-commits 1 security-hardening 1