All Categories → No Category → software-supply-chain

Top 6 software-supply-chain open source projects

A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.

✭ 48

go Makefile shell security software-supply-chain in-toto

dependency-check-py

🔐 Shim to easily install OWASP dependency-check-cli into Python projects

✭ 44

python shell security security-audit dependency-analysis owasp cli-utility vulnerability-detection software-supply-chain cve-scanning software-composition-analysis

Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages

✭ 46

java PHP ruby python javascript HTML open-source npm security rubygems packagist maven static-analysis pypi dynamic-analysis software-supply-chain attack-detection

Software-Component-Verification-Standard

Software Component Verification Standard (SCVS)

✭ 82

python shell lua open-source best-practices supply-chain owasp software-supply-chain scrm cscrm scvs

A rust implementation of in-toto

✭ 23

rust security software-supply-chain

slsa-provenance-action

Github Action implementation of SLSA Provenance Generation

✭ 34

go Makefile shell Dockerfile security provenance software-supply-chain hacktoberfest security-tools github-actions github-action in-toto slsa

1-6 of 6 software-supply-chain projects