Trusty Dependency Risk Action

Frizbee Action helps you pin your GitHub Actions and container images to specific versions using checksums.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Keyless Git signing using Sigstore

A Golang SDK for trusty

How many GitHub repositories actually pin by hash?

Build AI assistants that interact with your systems

Go implementation of The Update Framework heavily influenced by python-tuf

Official u-bmc WebUI written in Svelte using the SkeletonUI Kit

Typescript clients for Minder

Throw a tag at it and it comes back with a checksum.

Go library and CLIs for working with container registries

A transparent, highly scalable and cryptographically verifiable data store.

LLM inference in C/C++

Software Supply Chain Security Platform

Stacklok Homebrew Tap

A repository containing Minder rules and profiles recommended by your friends at Stacklok

🙃 A delightful community-driven (with 2,300+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python…

Terminal UI library with rich, interactive widgets — written in Golang

A security layer for Git repositories

Dental practice management software for the needs of all dentists in Bulgaria

Go library for Sigstore signing and verification

Open source vulnerability DB and triage service.

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Sigstore OIDC PKI

A TUF repository and signing tool

TUF repository for Sigstore trust root

🐀 Small chrome extension to monitor (and optionally block) other extensions' network calls

Tensor library for machine learning

Scripts for fine-tuning Meta Llama3 with composable FSDP & PEFT methods to cover single/multi-node GPUs. Supports default & custom datasets for applications such as summarization and Q&A. Supportin…