Language-agnostic SLSA provenance generation for Github Actions
-
Updated
Oct 20, 2025 - Go
#
slsaprovenance
Here are 5 public repositories matching this topic...
Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.
docker security security-audit containers container provenance oci oci-image vulnerability vulnerabilities cve vulnerability-management vulnerability-assessment containerization security-tools container-image oras slsa slsaprovenance
-
Updated
Oct 30, 2023 - Go
An opinionated Python package/application template repository, with SLSA and SBOM support built in, enabled for security scanners, code linters, typing, testing and code coverage monitoring, and release automation for reproducible builds.
python release-automation python-package reproducible-builds security-automation conventional-commits secure-by-design sbom template-repository slsa slsaprovenance
-
Updated
Nov 3, 2025 - Makefile
A demonstration of how GoReleaser can help us to make software supply chain more secure by using bunch of tools such as cosign, syft, grype, slsa-provenance
-
Updated
Feb 10, 2022 - Go
🔒 Fail CI if dependencies in your lockfile lose npm provenance or trusted publisher status, enhancing the security of your projects.
wordpress security machine-learning provenance software-supply-chain hacktoberfest system-security adversarial-examples adversarial-attacks github-action in-toto slsa supply-chain-security slsaprovenance gh-actions-repo slsa-provenance slsa-framework trusted-publishing
-
Updated
Nov 4, 2025 - TypeScript
Improve this page
Add a description, image, and links to the slsaprovenance topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the slsaprovenance topic, visit your repo's landing page and select "manage topics."