Agentic AI Workflows for Development Chores
-
Updated
May 9, 2024 - Python
#
supply-chain
Here are 500 public repositories matching this topic...
Endo is a distributed secure JavaScript sandbox, based on SES
javascript
security
multi-tenant
sandbox
supply-chain
capabilities
hardened
ocaps
powerbox
prototype-pollution
captp
-
Updated
May 9, 2024 - JavaScript
A tool to create, transform and attest VEX metadata
-
Updated
May 9, 2024 - Go
Software Supply Chain Transparency Log
-
Updated
May 8, 2024 - Go
Code-signing for npm packages
-
Updated
May 8, 2024 - TypeScript
Command line interface for the Phylum API
rust
cli
security
malware
supply-chain
vulnerabilities
software-supply-chain
malware-detection
security-scan
software-supply-chain-security
secure-software-supply-chain
-
Updated
May 8, 2024 - Rust
GUAC aggregates software security metadata into a high fidelity graph database.
security
supply-chain
software-supply-chain
supply-chain-analytics
supply-chain-security
supply-chain-visibility
software-supply-chain-security
-
Updated
May 8, 2024 - Go
boostsecurityio/poutine
github
cli
golang
security
devops
ci
supply-chain
security-scanner
devsecops
github-actions
supply-chain-security
gh-extension
-
Updated
May 8, 2024 - Go
A GitHub Actions Supply Chain CTF / Goat
-
Updated
May 8, 2024 - JavaScript
Official GitHub Action for OpenSSF Scorecard.
-
Updated
May 8, 2024 - Go
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962
docker
containers
supply-chain
owasp
bom
oci
sca
software-bill-of-materials
purl
package-url
sbom
cyclonedx
saasbom
mlbom
-
Updated
May 8, 2024 - JavaScript
OtterDog is a tool to manage GitHub organizations at scale using a configuration as code approach. It is actively used by the Eclipse Foundation to manage its numerous projects hosted on GitHub.
-
Updated
May 8, 2024 - Python
Security audit Python project dependencies against security advisory databases.
security
poetry
supply-chain
dependency-graph
gemnasium
pip
safety
vulnerabilities
vulnerability-detection
security-tools
pipenv
cvssv3
cvssv2
safety-db
github-security-advisories
pyup
-
Updated
May 8, 2024 - Python
Software Supply Chain Security Platform
-
Updated
May 9, 2024 - Go
Supply Chain Integrity Transparency and Trust ledger application using Confidential Consortium Framework (CCF)
-
Updated
May 8, 2024 - C++
Trusty Dependency Analysis Action
-
Updated
May 8, 2024 - Go
Throw a tag at and it comes back with a checksum.
-
Updated
May 9, 2024 - Go
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
-
Updated
May 8, 2024 - Go
FOSSLight Hub : Integrated management web-service for Open Source Compliance Process
-
Updated
May 9, 2024 - Java
Improve this page
Add a description, image, and links to the supply-chain topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the supply-chain topic, visit your repo's landing page and select "manage topics."