| Package | Description | Version |
| --- | --- | --- |
| gitsign (formula; 1,044) | Keyless Git signing using Sigstore | 0.13.0 |
| malcontent (formula; 635) | Supply Chain Attack Detection, via context differential analysis and YARA | 1.18.3 |
| frizbee (formula; 151) | Throw a tag at and it comes back with a checksum | 0.1.7 |
| cargo-auditable (formula) | Make production Rust binaries auditable | 0.7.2 |
| chain-bench (formula) | Software supply chain auditing tool based on CIS benchmark | 0.1.10 |
| chainloop-cli (formula) | CLI for interacting with Chainloop | 1.65.0 |
| cosign (formula) | Container Signing | 3.0.3 |
| gittuf (formula) | Security layer for Git repositories | 0.12.0 |
| notation (formula) | CLI tool to sign and verify OCI artifacts and container images | 1.3.2 |
| opensca-cli (formula) | OpenSCA is a supply-chain security tool for security researchers and developers | |
| phylum-cli (formula) | Command-line interface for the Phylum API | |
| ratchet (formula) | Tool for securing CI/CD workflows with version pinning | |
| ratify (formula) | Artifact Ratification Framework | 1.4.0 |
| rekor-cli (formula) | CLI for interacting with Rekor | 1.4.3 |
| sh4d0wup (formula) | Signing-key abuse and update exploitation framework | |
| slsa-verifier (formula) | Verify provenance from SLSA compliant builders | 2.7.1 |
| witness (formula) | Automates, normalizes, and verifies software artifact provenance | 0.10.1 |