Pinned Repositories
evilarc
Create tar/zip archives that can exploit directory traversal vulnerabilities
jupyter-lineage
kubecon-eu22
llvm-project
The LLVM Project is a collection of modular and reusable compiler and toolchain technologies. Note: the repository does not accept github pull requests at this moment. Please submit your patches at http://reviews.llvm.org.
PackagePermissionsManager
scorecard
Security Scorecards - Security health metrics for Open Source
scorecard-remediation-tests
Test for scorecard remediations
slsa-delegator
slsa-github-generator-ko
slsa-on-github-test
Test for SLSA
laurentsimon's Repositories
laurentsimon/scorecard
Security Scorecards - Security health metrics for Open Source
laurentsimon/PackagePermissionsManager
laurentsimon/jupyter-lineage
laurentsimon/slsa-github-generator
laurentsimon/slsa-on-github-test
Test for SLSA
laurentsimon/arrow
Apache Arrow is a multi-language toolbox for accelerated data interchange and in-memory processing
laurentsimon/attestation
in-toto Attestation Framework
laurentsimon/binaries
laurentsimon/bq-queries
laurentsimon/cosign
Container Signing
laurentsimon/croissant
Croissant is a high-level format for machine learning datasets that brings together four rich layers.
laurentsimon/dataset-recorder
laurentsimon/goproxy
An HTTP proxy library for Go
laurentsimon/goreleaser
Deliver Go binaries as fast and easily as possible
laurentsimon/jupyter_client
Jupyter protocol client APIs
laurentsimon/ko-copy
laurentsimon/model-debug
laurentsimon/model-transparency
laurentsimon/notebook
laurentsimon/npm-dep1
laurentsimon/parquet-cli
Command line (CLI) tool to inspect Apache Parquet files on the go
laurentsimon/provenance-npm-test
laurentsimon/rekor
Software Supply Chain Transparency Log
laurentsimon/s3cme
Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko generative SBOM, cosign attestation, and SLSA build provenance
laurentsimon/sigstore-python
A codesigning tool for Python packages
laurentsimon/slsa
Supply-chain Levels for Software Artifacts
laurentsimon/slsa-org
laurentsimon/slsa-project
laurentsimon/slsa-verifier
laurentsimon/starter-workflows
Accelerating new GitHub Actions workflows