FICHA · MANJARO

in-toto

A framework to secure your software supply chain

  • cli-tool
  • CLI
  • Launchable
  • Runs in terminal
official+codex · reviewed · May 28, 2026 description in en

Description

A software supply-chain security framework that records and verifies steps in a build or release process. Teams use it to prove that expected people, tools and commands handled each stage before an artifact is trusted.

Use it when a project needs stronger release integrity or compliance evidence. It is a developer and security tool, so setup requires planning keys, layout rules and verification steps.

How to run

in-toto-run

Commands: in-toto-run

Permissions

Permissions not analysed for this source yet.