Sign in with GitHub
← Back to Discover
chainloop-dev

chainloop-dev/chainloop

GoApache-2.0active
88Health

SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more

Stars556
Forks54
Open Issues20
Contributors54
Last Push0d ago

Health Breakdown

Activity
25
Community
25
Maintenance
13
Popularity
25
#attestation#compliance#cyclonedx#devsecops#in-toto#license#metadata-platform#open-source-licensing#ospo#oss-compliance#regulated-industry#sbom#sbom-discovery#sbom-distribution#security#slsa#slsa-provenance#spdx#supply-chain-security
View on GitHub ↗Issues (20) ↗Pull Requests ↗Wiki ↗

Should you contribute to chainloop-dev/chainloop?

chainloop-dev/chainloop has a FoundDev health score of 88/100, which puts it in the active-and-maintained tier. The maintainer team is shipping recently, issues are being closed, and a PR you open this week has a realistic chance of being reviewed.

Last push was 0 days ago — that signals an actively maintained project. New issues are likely to get a maintainer response within days. The project is written primarily in Go, so prior Go experience will shorten ramp-up.

Licensed under Apache-2.0, a standard OSI-approved license — safe to contribute to under normal employer IP policies.

Community

chainloop-dev88

SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more

active
55654 contributors20 issues
0d ago

More Go repos

kubevirt
kubevirt/hyperconverged-cluster-operator
Operator pattern for managing multi-operator products
18497
openshift
openshift/origin
Conformance test suite for OpenShift
8.7k94
axone-protocol
axone-protocol/axoned
⛓️ Axone blockchain 💫
17594