Part of the supply chain is your source forge and builders. On GitHub, you can point the builders to your own infra... and then maybe check cryptographically that all source code that lands on the builder is correctly signed and trusted.
But it's nearly impossible to do that for the forge itself (GitHub).
I recommend https://slsa.dev for a better picture of a secure supply chain.
https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...
To be fair these are quite old. I thought there were newer things as well but not sure.