#Software-supply-chain-security
Showing 11 of 11 repositories tagged #software-supply-chain-security, ranked by stars
GUAC aggregates software security metadata into a high fidelity graph database.
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Reference implementation of OpenPubkey
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
Software Supply Chain Security Platform
Harden your package manager configs against supply chain attacks.
Semantic SBOM/CBOM diff, quality scoring, and TUI analysis tool for CycloneDX/SPDX — covering component changes, dependency shifts, license conflicts, vulnerabilities, cryptographic inventory grading, and PQC compliance (CNSA 2.0, NIST IR 8547).
ReARM - Release Governance Platform for the Agentic Era
Enabling Software Supply Chain Security Capabilities in ArgoCD
Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Operators, K8s hooks, etc. with minimal coding and by automatically applying best practice methods like software supply chain security measures, SBOM, openAPI, cloudevents, etc. Auto generate code after defining requirements in UI as diagram.
Sharing software supply chain security open source projects