{"library":"in-toto-attestation","type":"library","category":null,"description":"Python bindings for the in-toto Attestation Framework. This library provides models and serialization for creating, verifying, and bundling software attestations according to the in-toto specification (v1.0+). Current version is 0.9.3 on PyPI, but the library is under active development with GitHub releases up to v1.2.0. The PyPI package lags behind the specification releases; users should prefer the latest GitHub release for up-to-date functionality.","language":"python","status":"active","version":"0.9.3","tags":["in-toto","attestation","supply-chain","security","provenance","slsa"],"last_verified":"Fri May 01","install":[{"cmd":"pip install in-toto-attestation","imports":["from in_toto_attestation.v1 import Statement","from in_toto_attestation.v1.resource_descriptor import ResourceDescriptor","from in_toto_attestation.v1.attestation import Attestation","from in_toto_attestation.v1.bundle import Bundle"]},{"cmd":"pip install git+https://github.com/in-toto/attestation.git@v1.2.0","imports":[]}],"homepage":"https://in-toto.io","github":"https://github.com/in-toto/attestation","docs":null,"changelog":null,"pypi":"https://pypi.org/project/in-toto-attestation/","npm":null,"openapi_spec":null,"status_page":null,"smithery":null,"compatibility":null}