Stars
Automatic compile-time instrumentation of Go code
Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.
The service side of clearlydefined.io
Free DSSE Attestation Online Decoder Tool
OtterDog is a tool to manage GitHub organizations at scale using a configuration as code approach. It is actively used by the Eclipse Foundation to manage its numerous projects hosted on GitHub.
🚦 A pretty diagnostics, references, telescope results, quickfix and location list to help you solve all the trouble your code is causing.
cliffe / SecGen
Forked from SecGen/SecGenCreate randomly insecure VMs
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
A PoC protocol and tooling for software supply chain transparency.
F1 Live Timing TUI for all F1 sessions with variable delay to sync to your TV. Supports replaying previously recorded sessions.
Monorepo vs. polyrepo: architecture for source code management (SCM) version control systems (VCS)
WEBCAT is an architectural framework for providing blocking code signing and verification, integrity and transparency checks for browser-based applications.
A software supply chain framework powered by Nix.
GH Archive is a project to record the public GitHub timeline, archive it, and make it easily accessible for further analysis.
An ebook reader application supporting PDF, DjVu, EPUB, FB2 and many more formats, running on Cervantes, Kindle, Kobo, PocketBook and Android devices
Software for creating and managing a distributed and reproducible chain of builds
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
A model checker for implementing distributed systems.
Radio in a bottle. All in one solution for your own radio station.
An automated deductive program verifier based on concurrent separation logic