supply-chain
| Date | Project Name | 🎉 | ? | Tags |
|---|---|---|---|---|
| 01/26 |
go-tuf/v2 v2.4.1
* [go-tuf/v2 v2.4.1](https://github.com/theupdateframework/go-tuf) – Lightweight Go library for creating, signing, verifying, and managing secure software update metadata.
Lightweight Go library for creating, signing, verifying, and managing secure software update metadata.
|
6
|
Go 694 ⭐4065 days old |
golang security go supply-chain tuf |
| 01/22 |
sigstore framework v1.10.4
* [sigstore framework v1.10.4](https://github.com/sigstore/sigstore) – Common code library shared by Sigstore infrastructure and Go clients providing signing interfaces and OpenID Connect support.
Common code library shared by Sigstore infrastructure and Go clients providing signing interfaces and OpenID Connect support.
|
6
|
Go 496 ⭐1805 days old |
golang security go supply-chain sigstore |
| 01/21 |
go-tuf/v2 v2.4.0
* [go-tuf/v2 v2.4.0](https://github.com/theupdateframework/go-tuf) – Lightweight Go library for creating, signing, verifying, and managing secure software update metadata.
Lightweight Go library for creating, signing, verifying, and managing secure software update metadata.
|
7
|
Go 694 ⭐4065 days old |
golang security go supply-chain tuf |
| 01/19 |
go-tuf/v2 v2.3.1
* [go-tuf/v2 v2.3.1](https://github.com/theupdateframework/go-tuf) – Lightweight Go library for creating, signing, verifying, and managing secure software update metadata.
Lightweight Go library for creating, signing, verifying, and managing secure software update metadata.
|
6
|
Go 694 ⭐4065 days old |
golang security go supply-chain tuf |
| 01/13 |
Witness v0.10.2
* [Witness v0.10.2](https://github.com/in-toto/witness) – Dynamic CLI tool for creating and verifying software supply chain attestations using the in-toto specification.
Dynamic CLI tool for creating and verifying software supply chain attestations using the in-toto specification.
|
6
|
Go 511 ⭐1509 days old |
security go security-tools supply-chain verification attestation |