in-toto's repositories
attestation
in-toto Attestation Framework
in-toto-golang
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
archivista
Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for software artifacts.
specification
Specification and other related documents.
in-toto-rs
A rust implementation of in-toto
scai-demos
Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools
go-witness
Go implementation of witness
attestation-verifier
Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts
in-toto-java
A Java implementation of in-toto runlib
apt-transport-in-toto
in-toto transport for apt
github-action
in-toto provenance github action
in-toto-jenkins-plugin
A Jenkins plugin to track steps and create in-toto link metadata
rebuilderd
Independent verification of binary packages - reproducible builds
in-toto.io
The in-toto website and documentation
layout-web-tool
A flask app that helps to create, modify and visualize in-toto layouts.
image-resources
This repo contains image-related resources for in-toto
in-toto-inspections
A set of common in-toto inspections
rebuilderd-website
Arch Linux Rebuilderd status webpage (read-only mirror)
securesystemslib
Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU