Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

Topic: "slsaprovenance"

slsa-framework/slsa-github-generator

Language-agnostic SLSA provenance generation for Github Actions

Language: Go - Size: 36.8 MB - Last synced at: 28 days ago - Pushed at: 28 days ago - Stars: 480 - Forks: 151

deislabs/image-layer-provenance 📦

Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.

Language: Go - Size: 8.33 MB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 43 - Forks: 2

jenstroeger/python-package-template

An opinionated Python package/application template repository, with SLSA and SBOM support built in, enabled for security scanners, code linters, typing, testing and code coverage monitoring, and release automation for reproducible builds.

Language: Makefile - Size: 712 KB - Last synced at: about 10 hours ago - Pushed at: about 12 hours ago - Stars: 35 - Forks: 11

GoTurkiye/goreleaser-supply-chain-example

A demonstration of how GoReleaser can help us to make software supply chain more secure by using bunch of tools such as cosign, syft, grype, slsa-provenance

Language: Go - Size: 41 KB - Last synced at: about 1 year ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 0

Related Topics
slsa 4 security-tools 2 security 2 sbom 2 container 1 container-image 1 containerization 1 containers 1 cve 1 docker 1 oci 1 oci-image 1 oras 1 provenance 1 security-audit 1 vulnerabilities 1 vulnerability 1 vulnerability-assessment 1 vulnerability-management 1 security-hardening 1 template-repository 1 security-automation 1 secure-by-design 1 reproducible-builds 1 release-automation 1 python-package 1 python 1 conventional-commits 1 syft 1 grype 1 goreleaser 1 githubactions 1 cosign 1