Here are
13 public repositories
matching this topic...
Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more
Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations
Example project using SLSA 3 Generic Generator with GoReleaser
Sign and package attestations in sigstore bundles
A Jenkins plugin to create SLSA provenance attestations
Generates SBOMs remotely in a verifiable manner (SLSA Build L3)
Create SLSA Provenance from nix flake
Buildkite plugin that generates a SLSA Provenance attestation for a build step
Updated
Oct 22, 2025
Python
Ensignia Provenance Upload Action
Updated
Oct 6, 2025
Groovy
SLSA generate and verify provenance demo
Updated
Nov 14, 2023
Python
A Github Actions pipeline that builds safer containers
Updated
Apr 25, 2025
Dockerfile
🔒 Fail CI if dependencies in your lockfile lose npm provenance or trusted publisher status, enhancing the security of your projects.
Updated
Oct 28, 2025
TypeScript
Improve this page
Add a description, image, and links to the
slsa-provenance
topic page so that developers can more easily learn about it.
Curate this topic
Add this topic to your repo
To associate your repository with the
slsa-provenance
topic, visit your repo's landing page and select "manage topics."
Learn more
You can’t perform that action at this time.