chainloop
chainloop copied to clipboard
chainloop-dev
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
`names` are currently primed to become `identifiers` that the user could use for the interaction with the controlplane instead of `uuids`. We've already done most of the grunt work of...
Chainloop has [a plugin mechanism](https://github.com/chainloop-dev/chainloop/blob/main/app/controlplane/plugins/README.md) for fanOut integrations. A fanOut plugin implements logic that will be executed when attestations or materials are received. This logic can be anything from sending...
Currently, you can create API tokens [1] that can be used for automation for a limited set of tasks. The permissions that this token has by default are hardcoded and...
Attested materials now support arbitrary annotations that can be useful to add additional context. For example ## All materials - Add the material name, this is the name from which...
When generating a finalized attestation, the JSON fields exhibit variations in their formats. This discrepancy likely stems from the amalgamation of the complete attestation definition with the provenance predicate from...
I have artifact which is bigger than 100MB so material crafting fails because of too big file. As far as I can see in https://github.com/chainloop-dev/chainloop/blob/main/app/controlplane/internal/data/casbackend.go#L223-L226 it's impossible to change the...
The `sha256sum` option `ignore-missing` might be missing on some Linux distributions: ``` sha256sum: unrecognized option '--ignore-missing' ``` References: - https://github.com/werf/werf/issues/1544 - https://github.com/werf/multiwerf/pull/31/files
Workflow Lists are not currently paginated.
Metadata
Owner
Metadata
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.