cosign
https://github.com/sigstore/cosign
Cosign aims to make signatures invisible infrastructure.
Cosign supports:
- Hardware and KMS signing
- Bring-your-own PKI
- Our free OIDC PKI (Fulcio)
- Built-in
- Developed at security
- Sources inherited from project openSUSE:Factory
-
2
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Backports:SLE-15-SP4:SLECandidates/cosign && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
_service | 0000000127 127 Bytes | |
cosign-2.4.0.tar.gz | 0000864498 844 KB | |
cosign.changes | 0000049257 48.1 KB | |
cosign.spec | 0000004128 4.03 KB | |
vendor.tar.zst | 0009805426 9.35 MB |
Latest Revision
Ana Guerrero (anag+factory)
accepted
request 1205246
from
Marcus Meissner (msmeissn)
(revision 24)
- update to 2.4.0 (jsc#SLE-23879) - Add new bundle support to verify-blob and verify-blob-attestation (#3796) - Adding protobuf bundle support to sign-blob and attest-blob (#3752) - Bump sigstore/sigstore to support email_verified as string or boolean (#3819) - Conformance testing for cosign (#3806) - move incremental builds per commit to GHCR instead of GCR (#3808) - Add support for recording creation timestamp for cosign attest (#3797) - Include SCT verification failure details in error message (#3799) (forwarded request 1205245 from msmeissn)
Comments 0