This repository contains free tools to generate and verify SLSA Build Level 3 provenance for native GitHub projects using GitHub Actions. Developers can build their software using a secure process that protects against many supply chain attacks and tampering. Users of their software can verify a tamper-proof statement of the process to know how the software was created.

Features

  • Provenance is information, or metadata, about how a software artifact was created
  • Documentation available
  • Examples available
  • Generate provenance
  • Easy to use
  • Verify provenance
  • Build Your Own Builder

Project Samples

Project Activity

See All Activity >

Categories

Security

License

Apache License V2.0

Follow SLSA GitHub Generator

SLSA GitHub Generator Web Site

Other Useful Business Software
Go from Code to Production URL in Seconds Icon
Go from Code to Production URL in Seconds

Cloud Run deploys apps in any language instantly. Scales to zero. Pay only when code runs.

Skip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
Try it free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of SLSA GitHub Generator!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Go

Related Categories

Go Security Software

Registered

2024-10-23