in-toto's repositories
attestation
in-toto Attestation Framework
in-toto-golang
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
archivista
Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for software artifacts.
in-toto-rs
A rust implementation of in-toto
scai-demos
Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools
go-witness
Go implementation of witness
attestation-verifier
Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts
in-toto-java
A Java implementation of in-toto runlib
apt-transport-in-toto
in-toto transport for apt
github-action
in-toto provenance github action
rebuilderd
Independent verification of binary packages - reproducible builds
in-toto-jenkins-plugin
A Jenkins plugin to track steps and create in-toto link metadata
layout-web-tool
A flask app that helps to create, modify and visualize in-toto layouts.
image-resources
This repo contains image-related resources for in-toto
demo-opensuse
in-toto openSUSE demo
rebuilderd-website
Arch Linux Rebuilderd status webpage (read-only mirror)
securesystemslib
Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU