Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
proxy.golang.org "slsa" keyword
Top 6.8% on proxy.golang.org
2 versions - Latest release: over 2 years ago - 11 stars on GitHub
github.com/mattermost/builder v0.0.2
Mattermost builder2 versions - Latest release: over 2 years ago - 11 stars on GitHub
github.com/GoogleCloudPlatform/aactl v0.4.12
Google Container Analysis data import utility, supports OSS vulnerability scanner reports, SLSA p...21 versions - Latest release: 12 months ago - 4 stars on GitHub
Top 2.3% on proxy.golang.org
33 versions - Latest release: 3 months ago - 10 dependent packages - 16 dependent repositories - 162 stars on GitHub
github.com/slsa-framework/slsa-github-generator v1.10.0
Language-agnostic SLSA provenance generation for Github Actions33 versions - Latest release: 3 months ago - 10 dependent packages - 16 dependent repositories - 162 stars on GitHub
Top 8.2% on proxy.golang.org
1 version - Latest release: over 2 years ago - 17 stars on GitHub
github.com/martinbaillie/ocistow v0.0.0-20211028112505-1b5ea3ce8b3f
Stream, Mutate and Sign Images with AWS Lambda and ECR1 version - Latest release: over 2 years ago - 17 stars on GitHub
Top 8.0% on proxy.golang.org
3 versions - Latest release: about 1 year ago - 35 stars on GitHub
github.com/kubernetes-sigs/tejolote v0.2.1
A highly configurable build executor and observer designed to generate signed SLSA provenance att...3 versions - Latest release: about 1 year ago - 35 stars on GitHub
Top 7.8% on proxy.golang.org
4 versions - Latest release: 2 months ago - 35 stars on GitHub
sigs.k8s.io/tejolote v0.3.0
A highly configurable build executor and observer designed to generate signed SLSA provenance att...4 versions - Latest release: 2 months ago - 35 stars on GitHub
Top 8.2% on proxy.golang.org
28 versions - Latest release: over 1 year ago - 9 stars on GitHub
github.com/nais/salsa v0.8.20230131140132
SLSA level 3 action28 versions - Latest release: over 1 year ago - 9 stars on GitHub
Top 8.4% on proxy.golang.org
134 versions - Latest release: 4 months ago - 38 stars on GitHub
github.com/mchmarny/s3cme v0.7.18
Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image te...134 versions - Latest release: 4 months ago - 38 stars on GitHub
Top 8.2% on proxy.golang.org
26 versions - Latest release: over 2 years ago - 2 stars on GitHub
github.com/hi-artem/provenance-generator-buildkite-plugin v1.1.16
A proof-of-concept SLSA provenance generator for Buildkite.26 versions - Latest release: over 2 years ago - 2 stars on GitHub
Top 5.9% on proxy.golang.org
28 versions - Latest release: 6 months ago - 36 stars on GitHub
github.com/philips-labs/slsa-provenance-action v0.9.0
Github Action implementation of SLSA Provenance Generation28 versions - Latest release: 6 months ago - 36 stars on GitHub
Top 8.2% on proxy.golang.org
4 versions - Latest release: over 2 years ago - 4 stars on GitHub
github.com/goturkiye/goreleaser-supply-chain-example v0.4.0
A demonstration of how GoReleaser can help us to make software supply chain more secure by using ...4 versions - Latest release: over 2 years ago - 4 stars on GitHub
Top 9.1% on proxy.golang.org
3 versions - Latest release: 8 months ago - 9 stars on GitHub
github.com/developer-guy/goreleaser-slsa-provenance v0.3.0 💰
A demonstration of showing how to use 💃SLSA 3 Generic Generator with GoReleaser to release artifa...3 versions - Latest release: 8 months ago - 9 stars on GitHub
Top 8.2% on proxy.golang.org
3 versions - Latest release: over 1 year ago - 37 stars on GitHub
github.com/johnsonshi/image-manifest-layer-history v0.0.3
Container image provenance spec that allows tracing CVEs detected in registry images back to a CV...3 versions - Latest release: over 1 year ago - 37 stars on GitHub
Top 7.3% on proxy.golang.org
13 versions - Latest release: over 1 year ago - 2 stars on GitHub
github.com/hashicorp/actions-go-build v0.1.9
Define a reproducible Go build.13 versions - Latest release: over 1 year ago - 2 stars on GitHub
Top 8.2% on proxy.golang.org
4 versions - Latest release: over 2 years ago - 4 stars on GitHub
github.com/GoTurkiye/goreleaser-supply-chain-example v0.4.0
Copyright © 2022 NAME HERE <EMAIL ADDRESS> Licensed under the Apache License, Version 2.0 (the "...4 versions - Latest release: over 2 years ago - 4 stars on GitHub
Top 7.4% on proxy.golang.org
11 versions - Latest release: about 1 month ago - 87 stars on GitHub
github.com/oracle/macaron v0.10.0
Macaron is a supply chain security analysis tool from Oracle Labs that checks conformance to SLSA...11 versions - Latest release: about 1 month ago - 87 stars on GitHub
Related Keywords
provenance
8
sbom
7
slsaprovenance
4
attestation
3
cosign
3
goreleaser
3
sigstore
3
software-supply-chain
3
security-tools
3
security
3
oci
2
docker
2
syft
2
supply-chain-security
2
vulnerability
2
grype
2
container
2
build
2
artifact
2
githubactions
2
slsa3
1
slsalevel3
1
slsa-provenance
1
slsa-generic-generator
1
slsa-framework
1
in-toto
1
cicd
1
container-image
1
containerization
1
containers
1
cve
1
oci-image
1
oras
1
security-audit
1
vulnerabilities
1
vulnerability-assessment
1
vulnerability-management
1
crt
1
go
1
reproducible
1
mattermost
1
reproducible-builds
1
attestations
1
gcb
1
gcp
1
import
1
predicate
1
security-hardening
1
aws
1
aws-lambda
1
ecr
1
supplychain
1
ci-cd
1
end-to-end
1
integrity
1
software-artifact
1
cosine
1
oidc
1
buildkite
1
buildkite-plugin
1
github-action
1
github-actions
1
hacktoberfest
1