There are no reviews yet. Be the first to send feedback to the community and the maintainers!
in-toto
in-toto is a framework to protect supply chain integrity.witness
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.attestation
in-toto Attestation Frameworkin-toto-golang
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.demo
Securing Alice's, Bob's and Carl's software supply chain using in-totocommunity
in-toto is a framework to secure the software supply chain.specification
Specification and other related documents.in-toto-rs
A rust implementation of in-totosupply-chain-compromises
go-witness
Go implementation of witnessITE
in-toto Enhancementsscai-demos
Software Supply Chain Attribute Integrity (SCAI) Demos and CLI toolsattestation-verifier
Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layoutsfriends
Friends of in-toto! A place to record integrations and adoptions of the in-toto specification.in-toto-java
A Java implementation of in-toto runlibkubectl-in-toto
github-action
in-toto provenance github actionin-toto-webhook
apt-transport-in-toto
in-toto transport for aptDockerfiles
totoify-grafeas
in-toto-testing
in-toto.io
The in-toto website and documentationlayout-web-tool
A flask app that helps to create, modify and visualize in-toto layouts.image-resources
This repo contains image-related resources for in-totoin-toto-inspections
A set of common in-toto inspectionsite-4-demo
demo-jekyll
Metadata and scripts to secure a basic jekyll supply chain with in-toto and grafeasLove Open Source and this site? Check out how you can help us