build-extra VS gittuf

Compare build-extra vs gittuf and see what are their differences.

build-extra

Additional files and scripts to help build Git for Windows on MSYS2. (by git-for-windows)
Suggest topics
Source Code
Suggest alternative
Edit details

gittuf

A security layer for Git repositories (by gittuf)
Git Tuf gittuf git-security access-control
Source Code
gittuf.dev
Suggest alternative
Edit details
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
build-extra gittuf
3 2
617 329
1.0% 4.9%
9.0 9.6
8 days ago 6 days ago
Inno Setup Go
GNU General Public License v3.0 or later Apache License 2.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

build-extra

Posts with mentions or reviews of build-extra. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-11-23.

gittuf

Posts with mentions or reviews of gittuf. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-11-23.
  • Git Branches: Intuition and Reality
    6 projects | news.ycombinator.com | 23 Nov 2023
    It actually does but it's very much in alpha/active development (under the umbrella of OpenSSF with the intent of being integrated into mainline git eventually).

    https://github.com/gittuf/gittuf

  • Gittuf – a security layer for Git using some concepts introduced by TUF
    5 projects | news.ycombinator.com | 24 Oct 2023
    Hey Will, thanks!

    The paper is from quite a few years ago now and the reference is for a subset of gittuf's threat model, specifically the metadata manipulation / reference state attacks. The paper talks about MITM as one way to carry out a ref state attack, but if you're communicating with a compromised repository, you can be a victim of such an attack even if you're using authenticated transport and using signed commits / tags that you have a way of verifying.

    We do have a threat model for gittuf that we've been meaning to add [0] to the design doc. I'll try and get that done today. It should probably be in there before we tag our alpha release. :)

    [0] https://github.com/gittuf/gittuf/issues/95

What are some alternatives?

When comparing build-extra and gittuf you can also consider the following projects:

msys2-installer - The one-click installer for MSYS2

gitsign - Keyless Git signing using Sigstore

example

attestation - in-toto Attestation Framework

GitExtensions - Git Extensions is a standalone UI tool for managing git repositories. It also integrates with Windows Explorer and Microsoft Visual Studio (2015/2017/2019).

git-secret - :busts_in_silhouette: A bash-tool to store your private data inside a git repository.

go-tuf - Go implementation of The Update Framework (TUF)

slsa - Supply-chain Levels for Software Artifacts

trdl - The universal solution for delivering your software updates securely from a trusted The Update Framework (TUF) repository.

wasm-to-oci - Use OCI registries to distribute Wasm modules

build-extra vs msys2-installer gittuf vs gitsign build-extra vs example gittuf vs attestation build-extra vs GitExtensions gittuf vs git-secret gittuf vs go-tuf gittuf vs example gittuf vs slsa gittuf vs trdl gittuf vs wasm-to-oci