in-toto

icon indicating a website link https://in-toto.io/

icon location A framework to protect software supply chain integrity

Results 13 repositories owned by in-toto

in-toto

844
Stars
134
Forks
Watchers

in-toto is a framework to protect supply chain integrity.

verified publisher icon in-toto

witness

365
Stars
53
Forks
Watchers

Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.

verified publisher icon in-toto

in-toto-golang

114
Stars
48
Forks
Watchers

A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.

verified publisher icon in-toto

attestation

201
Stars
44
Forks
Watchers

in-toto Attestation Framework

verified publisher icon in-toto

demo

80
Stars
29
Forks
Watchers

Securing Alice's, Bob's and Carl's software supply chain using in-toto

verified publisher icon in-toto

docs

30
Stars
22
Forks
Watchers

Specification and other related documents.

verified publisher icon in-toto

in-toto-rs

31
Stars
14
Forks
Watchers

A rust implementation of in-toto

verified publisher icon in-toto

supply-chain-compromises

23
Stars
8
Forks
Watchers

verified publisher icon in-toto

community

49
Stars
8
Forks
Watchers

in-toto is a framework to secure the software supply chain.

verified publisher icon in-toto

scai-demos

18
Stars
2
Forks
Watchers

Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools

verified publisher icon in-toto