A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
-
Updated
Jun 5, 2024 - Go
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
Github Action implementation of SLSA Provenance Generation
Enabling Software Supply Chain Security Capabilities in ArgoCD
in-toto is a framework to secure the software supply chain.
Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts
A wrapper for running in-toto commands and using dbom repositories as the storage medium for the in-toto attestations
Jenkins Shared Library
A paper on supply chain security in software development for Uni.
Pipeline for patching CVEs in container images 💉📦
Add a description, image, and links to the in-toto topic page so that developers can more easily learn about it.
To associate your repository with the in-toto topic, visit your repo's landing page and select "manage topics."