Software Supply Chain Transparency Log
-
Updated
Dec 8, 2025 - Go
#
supply-chain
Here are 42 public repositories matching this topic...
GUAC aggregates software security metadata into a high fidelity graph database.
security graph supply-chain vulnerability vex spdx vulnerability-management software-supply-chain supply-chain-analytics sbom attestations in-toto cyclonedx slsa supply-chain-security supply-chain-visibility software-supply-chain-security spdx-sbom cyclonedx-sbom
-
Updated
Dec 3, 2025 - Go
OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure
kubernetes security cloud virtual-machine scanner malware supply-chain exploits vulnerabilities rootkits leaked-secrets sbom
-
Updated
Dec 8, 2025 - Go
Go implementation of The Update Framework (TUF)
-
Updated
Dec 8, 2025 - Go
Official GitHub Action for OpenSSF Scorecard.
-
Updated
Dec 9, 2025 - Go
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
-
Updated
Dec 9, 2025 - Go
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
golang security oss supply-chain spdx vulnerability-scanners security-automation security-tools devsecops supplychain syft sbom gomodule cyclonedx epss
-
Updated
Mar 31, 2025 - Go
Software Supply Chain Security Platform
-
Updated
Dec 12, 2025 - Go
Go implementation of Centrifuge POD (Private Off-chain Data) node
-
Updated
Apr 10, 2024 - Go
boostsecurityio/poutine
github cli golang security devops ci supply-chain security-scanner devsecops github-actions supply-chain-security gh-extension
-
Updated
Nov 28, 2025 - Go
A tool to create, transform and attest VEX metadata
-
Updated
Dec 12, 2025 - Go
Throw a tag at it and it comes back with a checksum.
-
Updated
Dec 13, 2025 - Go
Signature Transparency Log designed for ease of use, low cost, and minimal maintenance
-
Updated
Dec 8, 2025 - Go
Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations
go golang signing supply-chain software-bill-of-materials syft goreleaser sbom attestations slsa cosign sigstore slsa-provenance
-
Updated
Dec 8, 2025 - Go
🔴🟡🟢 The Amazing Multipurpose Policy Engine (and L)
-
Updated
Dec 13, 2025 - Go
CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
go npm security maven nuget pypi supply-chain cargo hacktoberfest dependency-management blue-team supply-chain-management defensive-security golang-module go-module sbom dependency-scanning dependency-security sbom-generator package-security
-
Updated
Dec 9, 2025 - Go
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems
-
Updated
Oct 14, 2024 - Go
Cryptographic, immutable, append only software release ledger.
-
Updated
Nov 23, 2020 - Go
A P2P blockchain network created using Golang!
go golang blockchain supply-chain golang-application blockchain-technology blockchain-network blockchain-explorer blockchain-platform blockchain-service blockchain-demos supply-chain-management blockchain-demo golang-api
-
Updated
Nov 15, 2018 - Go
Improve this page
Add a description, image, and links to the supply-chain topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the supply-chain topic, visit your repo's landing page and select "manage topics."