Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems. Learn more →
Rekor Alternatives
Similar projects and alternatives to rekor
-
-
InfluxDB
InfluxDB high-performance time series database. Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems.
-
-
-
styled-components
Visual primitives for the component age. Use the best bits of ES6 and CSS to style your apps without stress 💅
-
age
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
-
jj
Discontinued A Git-compatible VCS that is both simple and powerful [Moved to: https://github.com/jj-vcs/jj] (by martinvonz)
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
CodeRabbit
CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
-
-
-
-
-
-
-
-
-
-
-
Knapsack
Knapsack splits tests evenly across parallel CI nodes to run fast CI build and save you time. (by ArturT)
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a better rekor alternative or higher similarity.
rekor discussion
rekor reviews and mentions
Posts with mentions or reviews of rekor.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2025-03-08.
-
12 cool open-source projects worth checking out in 2025
Website link: Sigstore
-
On-silicon real-time AI compute governance from Nvidia, Intel, EQTY Labs
You lose some benefits around distributed trust & anchoring. But not all. DLT are established in software supply chains. e.g.
https://docs.sigstore.dev/logging/overview/
https://github.com/sigstore/rekor
-
k8s-pvc-tagger: The Swiss Army Knife of AWS EBS Tagging
The container images are signed with sigstore/cosign and can be verified by running:
-
Using the Trusty API to gain provenance information for a Package
The first being Sigstore
-
Obtainium – Get Android App Updates Directly from the Source
There could be asset hashes in sigstore: https://sigstore.dev/
Is there a good way to run native mobile app GUI tests with GitHub Actions?
A VM/container emulator like anbox, waydroid, (or all of ChromeOS Flex in KVM) in a GitHub Action is probably enough to run GUI tests?
"Build your own SLSA 3+ provenance builder on GitHub Actions"
- Why SQLite Does Not Use Git
-
PGP signatures on PyPI: worse than useless
I expect something like https://sigstore.dev
-
An Overview of Kubernetes Security Projects at KubeCon Europe 2023
sigstore is another suite of tools that focuses on attestation and provenance. Within the suite are two tools I heard mentioned a few times at KubeCon: Cosign and Rekor.
- 50% new NPM packages are spam
-
Spin 1.0 — The Developer Tool for Serverless WebAssembly
Since we can distribute Spin applications using popular registry services, we can also take advantage of ecosystem tools such as Sigstore and Cosign, which address the software supply chain issue by signing and verifying applications using Sigstore's new keyless signatures (using OIDC identity tokens from providers such as GitHub).
-
A note from our sponsor - InfluxDB
influxdata.com | 22 Apr 2025
Stats
Basic rekor repo stats
33
951
9.5
1 day ago
sigstore/rekor is an open source project licensed under Apache License 2.0 which is an OSI approved license.
The primary programming language of rekor is Go.
Sponsored
InfluxDB high-performance time series database
Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems.
influxdata.com