An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

github actions "supply-chain" keyword

Top 4.6% on github actions
sigstore/gh-action-sigstore-python v3.2.0
Use sigstore-python to sign Python packages
30 versions - Latest release: 3 months ago - 143 dependent repositories - 65 stars on GitHub
Top 0.6% on github actions
ossf/scorecard-action v2.4.3
Run OSSF Scorecard checks and output results in SARIF format
33 versions - Latest release: 5 months ago - 6,465 dependent repositories - 337 stars on GitHub
Duffney/setup-notation v1.0.0
Setup Notation CLI on GitHub Actions runners
5 versions - Latest release: about 3 years ago - 1 dependent repository - 3 stars on GitHub
Top 3.8% on github actions
pypa/gh-action-pip-audit v1.1.0 💰
Use pip-audit to scan Python dependencies for known vulnerabilities
16 versions - Latest release: over 1 year ago - 131 dependent repositories - 76 stars on GitHub