Gittuf Alternatives

Similar projects and alternatives to gittuf

Git

285 49,964 10.0 C gittuf VS Git

Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.
slsa

35 1,424 8.5 Shell gittuf VS slsa

Supply-chain Levels for Software Artifacts
InfluxDB

www.influxdata.com featured

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
git-secret

22 3,621 5.7 Shell gittuf VS git-secret

:busts_in_silhouette: A bash-tool to store your private data inside a git repository.
GitExtensions

25 7,514 9.7 C# gittuf VS GitExtensions

Git Extensions is a standalone UI tool for managing git repositories. It also integrates with Windows Explorer and Microsoft Visual Studio (2015/2017/2019).
gitsign

10 899 9.1 Go gittuf VS gitsign

Keyless Git signing using Sigstore
attestation

3 187 8.6 Go gittuf VS attestation

in-toto Attestation Framework
build-extra

3 616 9.0 Inno Setup gittuf VS build-extra

Additional files and scripts to help build Git for Windows on MSYS2.
SaaSHub

www.saashub.com featured

SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
example

1 - - gittuf VS example
go-tuf

1 597 8.9 Go gittuf VS go-tuf

Go implementation of The Update Framework (TUF)
trdl

1 234 4.8 Go gittuf VS trdl

The universal solution for delivering your software updates securely from a trusted The Update Framework (TUF) repository.
wasm-to-oci

2 234 0.0 Go gittuf VS wasm-to-oci

Use OCI registries to distribute Wasm modules

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better gittuf alternative or higher similarity.

Suggest an alternative to gittuf

gittuf reviews and mentions

Posts with mentions or reviews of gittuf. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-11-23.

Git Branches: Intuition and Reality
6 projects | news.ycombinator.com | 23 Nov 2023

It actually does but it's very much in alpha/active development (under the umbrella of OpenSSF with the intent of being integrated into mainline git eventually).
https://github.com/gittuf/gittuf
Gittuf – a security layer for Git using some concepts introduced by TUF
5 projects | news.ycombinator.com | 24 Oct 2023

Hey Will, thanks!
The paper is from quite a few years ago now and the reference is for a subset of gittuf's threat model, specifically the metadata manipulation / reference state attacks. The paper talks about MITM as one way to carry out a ref state attack, but if you're communicating with a compromised repository, you can be a victim of such an attack even if you're using authenticated transport and using signed commits / tags that you have a way of verifying.
We do have a threat model for gittuf that we've been meaning to add [0] to the design doc. I'll try and get that done today. It should probably be in there before we tag our alpha release. :)
[0] https://github.com/gittuf/gittuf/issues/95

Stats

Basic gittuf repo stats

Mentions

Stars

329

Activity

9.6

Last Commit

about 8 hours ago

gittuf/gittuf is an open source project licensed under Apache License 2.0 which is an OSI approved license.

The primary programming language of gittuf is Go.

Popular Comparisons