| | bomber | minder |
|---|---|---|
| | 4 | 2 |
| Stars | 457 | 197 |
| Growth | 4.6% | 9.6% |
| Activity | 6.9 | 10.0 |
| | 8 days ago | 3 days ago |
| Language | Go | Go |
| License | Mozilla Public License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
- Software Supply Chain Security
It's worth checking out what stacklok.com are up to.
Startup founded by the creator of sigstore and a co-founder of Kubernetes. They are building a supply chain platform called https://github.com/stacklok/minder
It seems early in and mostly focused on GitHub right now, but I spoke to one of the engineers on the project and they are extending out to other integrations and have sigstore attestation policy available, albeit an early iteration
- Hey everybody! We just open-sourced a tool to help you monitor your repositories and other software supply chain assets. It's all in golang! Give it a try! I hope folks find it useful. Feedback is welcome!
What are some alternatives?
BOTP - ©SMS & CALL BOMBER FOR TERMUX USERS || PER SUBMIT 5K BOMBING SMS✌
cas - Codenotary Community Attestation Service (CAS) for notarization and authentication of digital artifacts
bearer - Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
rekor - Software Supply Chain Transparency Log
osv.dev - Open source vulnerability DB and triage service.
kubeclarity - KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems
parlay - Enrich SBOMs with data from third party services
fatbom - fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool's strength.
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
nosqli - NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
gosec - Go security checker