Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

proxy.golang.org "slsa" keyword

Top 6.8% on proxy.golang.org
github.com/mattermost/builder v0.0.2
Mattermost builder
2 versions - Latest release: over 2 years ago - 11 stars on GitHub
github.com/GoogleCloudPlatform/aactl v0.4.12
Google Container Analysis data import utility, supports OSS vulnerability scanner reports, SLSA p...
21 versions - Latest release: 12 months ago - 4 stars on GitHub
Top 2.3% on proxy.golang.org
github.com/slsa-framework/slsa-github-generator v1.10.0
Language-agnostic SLSA provenance generation for Github Actions
33 versions - Latest release: 3 months ago - 10 dependent packages - 16 dependent repositories - 162 stars on GitHub
Top 8.2% on proxy.golang.org
github.com/martinbaillie/ocistow v0.0.0-20211028112505-1b5ea3ce8b3f
Stream, Mutate and Sign Images with AWS Lambda and ECR
1 version - Latest release: over 2 years ago - 17 stars on GitHub
Top 8.0% on proxy.golang.org
github.com/kubernetes-sigs/tejolote v0.2.1
A highly configurable build executor and observer designed to generate signed SLSA provenance att...
3 versions - Latest release: about 1 year ago - 35 stars on GitHub
Top 7.8% on proxy.golang.org
sigs.k8s.io/tejolote v0.3.0
A highly configurable build executor and observer designed to generate signed SLSA provenance att...
4 versions - Latest release: 2 months ago - 35 stars on GitHub
Top 8.2% on proxy.golang.org
github.com/nais/salsa v0.8.20230131140132
SLSA level 3 action
28 versions - Latest release: over 1 year ago - 9 stars on GitHub
Top 8.4% on proxy.golang.org
github.com/mchmarny/s3cme v0.7.18
Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image te...
134 versions - Latest release: 4 months ago - 38 stars on GitHub
Top 8.2% on proxy.golang.org
github.com/hi-artem/provenance-generator-buildkite-plugin v1.1.16
A proof-of-concept SLSA provenance generator for Buildkite.
26 versions - Latest release: over 2 years ago - 2 stars on GitHub
Top 5.9% on proxy.golang.org
github.com/philips-labs/slsa-provenance-action v0.9.0
Github Action implementation of SLSA Provenance Generation
28 versions - Latest release: 6 months ago - 36 stars on GitHub
Top 8.2% on proxy.golang.org
github.com/goturkiye/goreleaser-supply-chain-example v0.4.0
A demonstration of how GoReleaser can help us to make software supply chain more secure by using ...
4 versions - Latest release: over 2 years ago - 4 stars on GitHub
Top 9.1% on proxy.golang.org
github.com/developer-guy/goreleaser-slsa-provenance v0.3.0 💰
A demonstration of showing how to use 💃SLSA 3 Generic Generator with GoReleaser to release artifa...
3 versions - Latest release: 8 months ago - 9 stars on GitHub
Top 8.2% on proxy.golang.org
github.com/johnsonshi/image-manifest-layer-history v0.0.3
Container image provenance spec that allows tracing CVEs detected in registry images back to a CV...
3 versions - Latest release: over 1 year ago - 37 stars on GitHub
Top 7.3% on proxy.golang.org
github.com/hashicorp/actions-go-build v0.1.9
Define a reproducible Go build.
13 versions - Latest release: over 1 year ago - 2 stars on GitHub
Top 8.2% on proxy.golang.org
github.com/GoTurkiye/goreleaser-supply-chain-example v0.4.0
Copyright © 2022 NAME HERE <EMAIL ADDRESS> Licensed under the Apache License, Version 2.0 (the "...
4 versions - Latest release: over 2 years ago - 4 stars on GitHub
Top 7.4% on proxy.golang.org
github.com/oracle/macaron v0.10.0
Macaron is a supply chain security analysis tool from Oracle Labs that checks conformance to SLSA...
11 versions - Latest release: about 1 month ago - 87 stars on GitHub
Related Keywords
provenance 8 sbom 7 slsaprovenance 4 attestation 3 cosign 3 goreleaser 3 sigstore 3 software-supply-chain 3 security-tools 3 security 3 oci 2 docker 2 syft 2 supply-chain-security 2 vulnerability 2 grype 2 container 2 build 2 artifact 2 githubactions 2 slsa3 1 slsalevel3 1 slsa-provenance 1 slsa-generic-generator 1 slsa-framework 1 in-toto 1 cicd 1 container-image 1 containerization 1 containers 1 cve 1 oci-image 1 oras 1 security-audit 1 vulnerabilities 1 vulnerability-assessment 1 vulnerability-management 1 crt 1 go 1 reproducible 1 mattermost 1 reproducible-builds 1 attestations 1 gcb 1 gcp 1 import 1 predicate 1 security-hardening 1 aws 1 aws-lambda 1 ecr 1 supplychain 1 ci-cd 1 end-to-end 1 integrity 1 software-artifact 1 cosine 1 oidc 1 buildkite 1 buildkite-plugin 1 github-action 1 github-actions 1 hacktoberfest 1