Jenkins Shared Library
-
Updated
Aug 17, 2023 - Groovy
Jenkins Shared Library
A paper on supply chain security in software development for Uni.
Pipeline for patching CVEs in container images 💉📦
A wrapper for running in-toto commands and using dbom repositories as the storage medium for the in-toto attestations
Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts
in-toto is a framework to secure the software supply chain.
Enabling Software Supply Chain Security Capabilities in ArgoCD
Github Action implementation of SLSA Provenance Generation
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
Add a description, image, and links to the in-toto topic page so that developers can more easily learn about it.
To associate your repository with the in-toto topic, visit your repo's landing page and select "manage topics."