|
frizbee
☆
« Back to VersTracker
|
||||||||||||||||||||
|
Description: Throw a tag at and it comes back with a checksum |
||||||||||||||||||||
| Type: Formula | Latest Version: 0.1.7@0 | Tracked Since: Dec 25, 2025 | ||||||||||||||||||||
| Links: Homepage | GitHub | @stacklok | formulae.brew.sh | ||||||||||||||||||||
| Stars: 151 | Forks: 24 | Language: Go | Category: Security | ||||||||||||||||||||
| Tags: security devops ci-cd github-actions supply-chain developer-tools | ||||||||||||||||||||
| Install: brew install frizbee | ||||||||||||||||||||
|
About: Frizbee is a developer tool that automatically updates GitHub Actions and other YAML workflows to use checksum-verified versions instead of mutable tags. It enhances supply chain security by replacing floating tags like 'v1' with immutable references that include the SHA256 hash of the release artifact. This prevents supply chain attacks caused by tag manipulation or compromised releases. |
||||||||||||||||||||
Key Features:
|
||||||||||||||||||||
Use Cases:
|
||||||||||||||||||||
Alternatives:
|
||||||||||||||||||||
| Version History | ||||||||||||||||||||
|