GitHub - naveensrinivasan/gittuf: A security layer for Git repositories

gittuf provides a security layer for Git using some concepts introduced by The Update Framework (TUF). Among other features, gittuf handles key management for all developers on the repository, allows you to set permissions for repository branches, tags, files, etc., lets you use new cryptographic algorithms (SHA256, etc.), protects against other attacks Git is vulnerable to, and more — all while being backwards compatible with GitHub, GitLab, etc.

gittuf is a sandbox project at the Open Source Security Foundation (OpenSSF) as part of the Supply Chain Integrity Working Group.

Current Status

gittuf is currently in alpha. It is NOT intended for use in a production system or repository. Contributions are welcome, please refer to the contributing guide. Some of the features listed above are being actively developed, please refer to the roadmap and the issue tracker for more details.

Installation & Get Started

See the get started guide.

Name		Name	Last commit message	Last commit date
Latest commit History 698 Commits
.github		.github
docs		docs
internal		internal
.gitignore		.gitignore
.golangci.yml		.golangci.yml
.goreleaser.yml		.goreleaser.yml
CHANGELOG.md		CHANGELOG.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
MAINTAINERS.txt		MAINTAINERS.txt
Makefile		Makefile
README.md		README.md
SECURITY.md		SECURITY.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Current Status

Installation & Get Started

About

Releases

Packages

Languages

License

naveensrinivasan/gittuf

Folders and files

Latest commit

History

Repository files navigation

Current Status

Installation & Get Started

About

Resources

License

Security policy

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages