nsmith5
Self-hosting and infrastructure enthusiast. Background in statistical physics and high performance computing
@1PasswordSeattle
nsmith5's Stars
copy/v86
x86 PC emulator and x86-to-wasm JIT, running in the browser
sigstore/cosign
Code signing and transparency for containers and binaries
woodpecker-ci/woodpecker
Woodpecker is a simple yet powerful CI/CD engine with great extensibility.
coreos/go-systemd
Go bindings to systemd socket activation, journal, D-Bus, and unit files
chainguard-dev/apko
Build OCI images from APK packages directly without Dockerfile
sigstore/gitsign
Keyless Git signing using Sigstore
sigstore/rekor
Software Supply Chain Transparency Log
sigstore/fulcio
Sigstore OIDC PKI
chainguard-dev/osquery-defense-kit
Production-ready detection & response queries for osquery
anatol/booster
Fast and secure initramfs generator
sigstore/sigstore
Common go library shared across sigstore services and clients
chainguard-dev/melange
build APKs from source code
rsc/tlogdb
Reusable transparent log database
witchery-project/witchery
build distroless images with alpine tools
stacklok/sigstore-the-hard-way
sigstore the hard way!
cilium/cilium-service-mesh-beta
Instructions and issue tracking for Service Mesh capabilities of Cilium
secure-systems-lab/dsse
A specification for signing methods and formats used by Secure Systems Lab projects.
sigstore/scaffolding
Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.
kubernetes-sigs/tejolote
A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.
mpe/linux-fullhistory
Full history of Linux created by Yoann Padioleau and Rob Landley. See the wiki for usage instructions.
tabbysable/POC-2020-8558
Information about Kubernetes CVE-2020-8558, including proof of concept exploit.
AevaOnline/supply-chain-synthesis
Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.
tstromberg/ioc-bench
Benchmark for common indicators of compromise
dolmen-go/jsonptr
JSON Pointer (RFC 6901) for Go
chainguard-dev/hakn
A High-Availability distribution of Knative.
chainguard-dev/clank
Simple tool that allows you to detect imposter commits in GitHub Actions workflows.
chainguard-dev/tlogistry
Transparenty Immutable Container Image Tags
chainguard-images/actions
GitHub actions for the chainguard-images
wlynch/smimecosign
Keyless Git signing with cosign!
testifysec/witness
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.