witness
Pluggable CLI tool for handling software artifact provenance
Installation
To install this package, run one of the following:
Usage Tracking
0.11.0
1 / 8 versions selected
Downloads (Last 6 months): 0
Description
Witness is a pluggable framework for software supply chain risk management that automates, normalizes, and verifies software artifact provenance.
About
Summary
Pluggable CLI tool for handling software artifact provenance
Last Updated
Jun 6, 2026 at 21:08
License
Apache-2.0
Supported Platforms
macOS-arm64
linux-64
win-64
Home
https://witness.dev/GitHub Repository
https://github.com/in-toto/witnessDocumentation
https://witness.dev/docs/