Skip to content

buildsec/vendorme

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
.github/workflows
.github/workflows
 
 
cmd
cmd
 
 
example
example
 
 
img
img
 
 
tests
tests
 
 
util
util
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

vendorme

Vendorme is a tool that makes vendoring your project easier to do. It improves the developer workflow by giving you one single place to manage any vendored dependencies, and ensures that those are validated properly to improve the security around your supply chain.

Installation

With go 1.16 installed, run

go install github.com/buildsec/vendorme@latest

How it works

Vendorme takes a basic definition of what you want to vendor, and how to validate it. It will then go through your file - see example

Currently it only supports rekor validations.

Useage

vendorme pull will default to looking for a vendor.yaml

Vendorme CLI

otherwise vendorme pull yourvendorfile.yaml

About

No description, website, or topics provided.

Resources

Readme

License

View license
Activity
Custom properties

Stars

7 stars

Watchers

6 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages