apko

Build OCI images directly from APK packages, without a Dockerfile

osquery-defense-kit

Production-ready detection & response queries for osquery

melange

Build APKs from source code

malcontent

The paranoid open-source malware scanner

ssc-reading-list

A reading list for software supply-chain security.

incert

Add CA certificates into containers

actions

A collection of reusable GitHub Actions workflows.

edu

Educational Resources for Software Supply Chain Security

osqtool

Automated testing, generation & manipulation of #osquery packs

bomshell

An SBOM query language and associated utilities

digestabot

GitHub Action to automatically update digests for container images.

bom-shelter

A place to systematically store software bill of materials (SBOM) documents.

vex

vexctl is a tool to attest VEX impact statements

darkfiles

Darkfiles finds orphaned files in container images and makes them to bad deeds

cosign-ecs-verify

Lambda function for verifying signed images in ECS

hello-melange-apko

Demo app duplicated in 5 languages (Go/JavaScript/Python/Ruby/Rust) showing how to go from source code to container image using melange+apko

go-apk

Native Go library for installation and management of apk packages

rules_apko

Bazel rules for apko