Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Projects in Awesome Lists tagged with slsa

A curated list of projects in awesome lists tagged with slsa .

- Recently synced
- Stars

https://github.com/slsa-framework/slsa-github-generator

Language-agnostic SLSA provenance generation for Github Actions

security security-hardening security-tools slsa slsaprovenance

Last synced: 03 Aug 2024

https://github.com/chainloop-dev/chainloop

Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.

attestation compliance cyclonedx devsecops in-toto license metadata-platform open-source-licensing ospo oss-compliance regulated-industry sbom sbom-discovery sbom-distribution security slsa slsa-provenance spdx supply-chain-security

Last synced: 03 Aug 2024

https://github.com/kubernetes-sigs/tejolote

A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.

attestation provenance sbom sigstore slsa

Last synced: 04 Aug 2024

https://github.com/jenstroeger/python-package-template

An opinionated Python package/application template repository, with SLSA and SBOM support built in, enabled for security scanners, code linters, typing, testing and code coverage monitoring, and release automation for reproducible builds.

conventional-commits python python-package release-automation reproducible-builds sbom secure-by-design security-automation slsa slsaprovenance template-repository

Last synced: 02 Nov 2024

https://github.com/thomasvitale/supply-chain-security-java

Samples showing how to secure the supply chain for Java applications.

cyclonedx java sbom sigstore slsa supply-chain-security

Last synced: 26 Oct 2024

https://github.com/sergiomarotco/Azure-DevOps-Server-segmentation-cheat-sheet

Azure DevOps Server development system segmentation best practices

azure-devops azure-devops-server cicd-segmentation devsecops-best-practices dsomm network-segmentation security-cheat-sheets slsa supply-chain-security

Last synced: 23 Oct 2024

https://github.com/hashicorp/actions-go-build

Define a reproducible Go build.

build crt go reproducible slsa

Last synced: 07 Oct 2024

https://github.com/googlecloudplatform/aactl

Google Container Analysis data import utility, supports OSS vulnerability scanner reports, SLSA provenance and sigstore attestations.

artifact attestations build container cosign gcb gcp import predicate sbom sigstore slsa

Last synced: 07 Oct 2024

https://github.com/docker/attest

Library to create, verify, and evaluate policy for attestations on container images

attestation in-toto oci rego slsa supply-chain-security the-update-framework

Last synced: 02 Nov 2024

https://github.com/andros21/rustracer

rustracer - a multi-threaded raytracer in pure rust

cargo clap cosign coverage cue rayon raytracing rust slsa yaml

Last synced: 14 Oct 2024

https://github.com/dominikwilkowski/bronzies

A Lifesaver learning app for bronze proficiency level

highscore reactjs signals slsa teaching-tool

Last synced: 14 Oct 2024

https://github.com/ifimust/srsr

Really Simple Service Registry

gin go golang microservices slsa

Last synced: 15 Oct 2024