Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
proxy.golang.org "supply-chain-security" keyword
Top 9.9% on proxy.golang.org
156 versions - Latest release: about 1 month ago - 577 stars on GitHub
github.com/appthreat/dep-scan v5.3.3+incompatible 💰
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, ...156 versions - Latest release: about 1 month ago - 577 stars on GitHub
Top 10.0% on proxy.golang.org
1 version - Latest release: about 1 year ago - 1,342 stars on GitHub
github.com/slsa-framework/slsa v1.0.0
Supply-chain Levels for Software Artifacts1 version - Latest release: about 1 year ago - 1,342 stars on GitHub
Top 8.2% on proxy.golang.org
28 versions - Latest release: about 1 month ago - 2 stars on GitHub
github.com/safedep/vet v1.5.10
Helping engineering and security teams evaluate their Open Source Software Supply Chain28 versions - Latest release: about 1 month ago - 2 stars on GitHub
Top 9.8% on proxy.golang.org
1 version - Latest release: over 2 years ago - 20 stars on GitHub
github.com/testifysec/solarsploit v0.0.0-20210929070835-43ad7931a5f6
Red team tool that emulates the SolarWinds CI compromise attack vector.1 version - Latest release: over 2 years ago - 20 stars on GitHub
Top 5.1% on proxy.golang.org
29 versions - Latest release: 5 months ago - 430 stars on GitHub
github.com/legit-labs/legitify v1.0.7
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets29 versions - Latest release: 5 months ago - 430 stars on GitHub
Top 5.5% on proxy.golang.org
29 versions - Latest release: 5 months ago - 433 stars on GitHub
github.com/Legit-Labs/legitify v1.0.7
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets29 versions - Latest release: 5 months ago - 433 stars on GitHub
Top 7.4% on proxy.golang.org
11 versions - Latest release: 20 days ago - 87 stars on GitHub
github.com/oracle/macaron v0.10.0
Macaron is a supply chain security analysis tool from Oracle Labs that checks conformance to SLSA...11 versions - Latest release: 20 days ago - 87 stars on GitHub
Top 8.2% on proxy.golang.org
5 versions - Latest release: about 2 years ago - 4 stars on GitHub
github.com/shibumi/secure-supply-chain-example v1.0.0
Supply Chain Security does not need to be difficult5 versions - Latest release: about 2 years ago - 4 stars on GitHub
Top 5.6% on proxy.golang.org
10 versions - Latest release: 11 months ago - 158 stars on GitHub
github.com/step-security/secure-workflows v1.4.0
Secure your GitHub repository with ease through automated security fixes10 versions - Latest release: 11 months ago - 158 stars on GitHub
Top 5.3% on proxy.golang.org
10 versions - Latest release: 11 months ago - 159 stars on GitHub
github.com/step-security/secure-repo v1.4.0
Secure your GitHub repository with ease through automated security fixes10 versions - Latest release: 11 months ago - 159 stars on GitHub
Top 5.7% on proxy.golang.org
3 versions - Latest release: over 2 years ago - 130 stars on GitHub
github.com/cugu/gocap v0.2.1
List your dependencies capabilities and monitor if updates require more capabilities.3 versions - Latest release: over 2 years ago - 130 stars on GitHub
Top 5.8% on proxy.golang.org
152 versions - Latest release: 4 months ago - 155 stars on GitHub
github.com/ckotzbauer/sbom-operator v0.0.0-20240121123323-403368f12fb2
Catalogue all images of a Kubernetes cluster to multiple targets with Syft152 versions - Latest release: 4 months ago - 155 stars on GitHub
Top 8.2% on proxy.golang.org
28 versions - Latest release: 10 months ago - 834 stars on GitHub
github.com/tern-tools/tern v2.12.1+incompatible
Tern is a software composition analysis tool and Python library that generates a Software Bill of...28 versions - Latest release: 10 months ago - 834 stars on GitHub
Top 6.8% on proxy.golang.org
49 versions - Latest release: 24 days ago - 2 dependent repositories - 45 stars on GitHub
github.com/docker/scout-cli v1.8.0
Docker Scout CLI49 versions - Latest release: 24 days ago - 2 dependent repositories - 45 stars on GitHub
Top 8.4% on proxy.golang.org
134 versions - Latest release: 4 months ago - 38 stars on GitHub
github.com/mchmarny/s3cme v0.7.18
Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image te...134 versions - Latest release: 4 months ago - 38 stars on GitHub
Top 9.6% on proxy.golang.org
github.com/naveensrinivasan/scorecarddata v0.0.0-20220531014954-c224c58a89eb
1 version - Latest release: almost 2 years ago - 1 stars on GitHub
Related Keywords
security
9
sbom
6
golang
5
devsecops
4
github
4
security-tools
4
devops
3
docker
2
slsa
2
security-scanner
2
sdlc-security
2
actions
2
github-actions
2
gitlab
2
ci
2
software-composition-analysis
2
workflow
2
compliance
2
containers
2
k8s
1
kubernetes
1
scorecard
1
operator
1
dependencies
1
ossf
1
metadata-extraction
1
open-source
1
vulnerability
1
provenance
1
oidc
1
cosine
1
attestation
1
tool
1
spdx
1
oss-compliance
1
risk-management
1
python
1
cve
1
cyclonedx
1
dependency-analysis
1
dependency-audit
1
reachability-analysis
1
risk-audit
1
sca
1
security-audit
1
vex
1
vulnerability-scanners
1
policy-as-code
1
compiler
1
cosign
1
fulcio
1
keyless
1
rekor
1
sigstore
1
go
1
supply-chain-attacks
1