Jenkins Shared Library
-
Updated
Aug 17, 2023 - Groovy
Jenkins Shared Library
A paper on supply chain security in software development for Uni.
A wrapper for running in-toto commands and using dbom repositories as the storage medium for the in-toto attestations
Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts
Pipeline for patching CVEs in container images 💉📦
Github Action implementation of SLSA Provenance Generation
in-toto is a framework to secure the software supply chain.
Enabling Software Supply Chain Security Capabilities in ArgoCD
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
Add a description, image, and links to the in-toto topic page so that developers can more easily learn about it.
To associate your repository with the in-toto topic, visit your repo's landing page and select "manage topics."