notation vs secure-supply-chain-on-aks

Our great sponsors

WorkOS - The modern identity platform for B2B SaaS

InfluxDB - Power Real-Time Data Analytics at Scale

SaaSHub - Software Alternatives and Reviews

Our great sponsors

notation		secure-supply-chain-on-aks
	Project
7	Mentions	2
289	Stars	28
6.6%	Growth	-
8.9	Activity	8.0
6 days ago	Latest Commit	5 months ago
Go	Language	Shell
Apache License 2.0	License	-

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

notation

Posts with mentions or reviews of notation. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-11-15.

Securing CI/CD Images with Cosign and OPA
4 projects | dev.to | 15 Nov 2023

Notary v2: The evolution to Notary v2 brought improvements in signature portability and integration with third-party key management solutions. However, it does not provide a certificate authority, leaving public key discovery for open-source image verification as an unresolved issue.
Automating Kubernetes Deployments with FluxCD for Patched and Signed Container Images
3 projects | dev.to | 27 Sep 2023

Notation
Level-up Container Security: 4 Open-Source Tools for Secure Software Supply Chain
4 projects | dev.to | 5 Sep 2023

Notation is another command-line too that lets you digitally sign artifacts. And those signatures essentaily become the stamps of approval for the different things in your software supply chain. For example, container images.
notaryproject/notation: Notation is a project to add signatures as standard items in the registry ecosystem, and to build a set of simple tooling for signing and verifying these signatures. Based on Notary V2 standard.
1 project | /r/devopsish | 7 Feb 2023
Getting Started with Notary
3 projects | dev.to | 23 Sep 2022

Notary is the CNCF project name and is often referenced when referring to the process of signing digital artifacts, but Notation is the command line tool that does the heavy lifting. Run the following commands to install Notation.
Dagger: a new way to build CI/CD pipelines
29 projects | news.ycombinator.com | 30 Mar 2022
Making the Internet more secure one signed container at a time
3 projects | /r/kubernetes | 6 May 2021

It should be interoperable, that's the goal. I proposed some idea for nv2 here: https://github.com/notaryproject/nv2/issues/39 and here: https://github.com/notaryproject/nv2/issues/40 too.

secure-supply-chain-on-aks

Posts with mentions or reviews of secure-supply-chain-on-aks. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-09-27.