witness

Witness prevents tampering of build materials and verifies the integrity of the build process from source to target. It works by wrapping commands executed in a continuous integration process. Its attestation system is pluggable and offers support out of the box for most major CI and infrastructure providers. Verification of Witness metadata and a secure PKI distribution system will mitigate against many software supply chain attack vectors and can be used as a framework for automated governance.

Name

witness

Main Program

witness

Programs

• witness

Homepage

• https://github.com/testifysec/witness

Version

0.10.2

License

• Apache License 2.0

Maintainers

• Frederick F. Kautz IV
• Jack

Platforms

• x86_64-darwin
• aarch64-darwin
• aarch64-linux
• armv5tel-linux
• armv6l-linux
• armv7a-linux
• armv7l-linux
• i686-linux
• loongarch64-linux
• m68k-linux
• microblaze-linux
• microblazeel-linux
• mips-linux
• mips64-linux
• mips64el-linux
• mipsel-linux
• powerpc-linux
• powerpc64-linux
• powerpc64le-linux
• riscv32-linux
• riscv64-linux
• s390-linux
• s390x-linux
• x86_64-linux
• wasm64-wasi
• wasm32-wasi
• i686-freebsd
• x86_64-freebsd
• aarch64-freebsd

Defined

Source