Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts
Updated 2025-07-16 17:15:18 +08:00
Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for software artifacts.
Updated 2025-07-13 15:54:20 +08:00
in-toto is a framework to secure the software supply chain.
Updated 2025-07-12 14:25:41 +08:00
in-toto is a framework to protect supply chain integrity.
Updated 2025-07-12 14:25:34 +08:00
in-toto Attestation Framework
Updated 2025-07-12 14:24:36 +08:00
Specification and other related documents.
Updated 2025-07-12 14:24:20 +08:00
Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools
Updated 2025-07-12 14:24:01 +08:00
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
Updated 2025-07-12 14:23:57 +08:00