Evidence Gate
Version updated for https://github.com/AlenKaleb/evidencegate-action to version v1.0.0.
- This action is used across all versions by ? repositories.
Action Type
This is a Node action using Node version 20.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
Evidence Gate is a GitHub Action for compliance gating: it validates Software Bill of Materials (SBOM) files and verifies provenance attestations in the software supply chain. It automates checking that supply chain artifacts meet compliance requirements before release, and it supports SBOM formats such as CycloneDX and SPDX. Key capabilities include configurable validation modes (warn, fail, or enforce), native GitHub integration for reporting, and flexible configuration for gradual or strict adoption.
Release notes
Feat: EvidenceGate Action