guac vs encapsule

guac

GUAC aggregates software security metadata into a high fidelity graph database. (by guacsec)

Suggest topics

Source Code

guac.sh

Suggest alternative

Edit details

encapsule

By matrixApi

Suggest topics

Source Code

Suggest alternative

Edit details

InfluxDB - Power Real-Time Data Analytics at Scale

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

www.influxdata.com

featured

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

featured

guac		encapsule
	Project
4	Mentions	1
1,179	Stars	0
1.2%	Growth	-
9.8	Activity	6.3
about 12 hours ago	Latest Commit	7 months ago
Go	Language	Python
Apache License 2.0	License	-

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

guac

Posts with mentions or reviews of guac. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2024-04-10.

Double-Entry Bookkeeping as a Directed Graph
5 projects | news.ycombinator.com | 10 Apr 2024

Interestingly I sort of went in the other direction at one point -- converting what was obviously a graph (build pipelines) into a from-to / credit-debit representation. On reflection it's just an edge list.
My main problem with adapting the representation was in the incommensurability of different kinds of asset moving through the pipeline. How does one credit source code and debit a blob store? I thought about learning more about multi-currency accounting as a source for ideas but never followed it up.
That effort inspired my thinking about a "Universal Asset Graph" for software[0] -- keeping track of not just containment but also movement and transformation of software. It's a partial but not complete inspiration for GUAC, which aims to capture software part relations for easy querying.
[0] https://theoryof.predictable.software/articles/some-requirem...
[1] https://guac.sh
Python 3.12.0 from a supply chain security perspective
5 projects | news.ycombinator.com | 5 Oct 2023

> biggest takeaway from this article is the Supply chain Levels for Software Artifacts (SLSA) security framework
See also GUAC from Kusari, Google, Citi, and others:
“GUAC (Graph for Understanding Artifact Composition) aims to fill in the gaps by ingesting software metadata, like SBOMs, and mapping out relationships between software. When you know how one piece of software affects another, you’ll be able to fully understand your software security position and act as needed.”
https://guac.sh
https://www.kusari.dev
Guac
1 project | news.ycombinator.com | 22 Oct 2022
guac: Graph for Understanding Artifact Composition (GUAC) aggregates software security metadata into a high fidelity graph database—normalizing entity identities and mapping standard relationships between them
1 project | /r/blueteamsec | 20 Oct 2022

encapsule

Posts with mentions or reviews of encapsule. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-10-05.