encapsule
By matrixApi
slsa-verifier
Verify provenance from SLSA compliant builders (by slsa-framework)
encapsule | slsa-verifier | |
---|---|---|
1 | 2 | |
0 | 205 | |
- | 2.9% | |
6.3 | 8.4 | |
8 months ago | 5 days ago | |
Python | Go | |
- | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
encapsule
Posts with mentions or reviews of encapsule.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-10-05.
slsa-verifier
Posts with mentions or reviews of slsa-verifier.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-11-15.
-
10 reasons you should quit your HTTP client
Each of our releases comes with SLSA provenance data (multiple.intoto.jsonl), which can be used to verify the source and provenance of the binaries with the slsa-verifier tool.
-
Python 3.12.0 from a supply chain security perspective
My biggest takeaway from this article is the Supply chain Levels for Software Artifacts (SLSA) security framework: https://github.com/slsa-framework/slsa-verifier
What are some alternatives?
When comparing encapsule and slsa-verifier you can also consider the following projects:
guac - GUAC aggregates software security metadata into a high fidelity graph database.
setuptools - Official project repository for the Setuptools build system
wg-securing-software-https
Niquests - Requests but with HTTP/3, HTTP/2, Multiplexed Connections, System CAs, Certificate Revocation, DNS over HTTPS / TLS / QUIC or UDP, Async, DNSSEC, and (much) pain removed!