cosign

Edit Package cosign
https://github.com/sigstore/cosign

Cosign aims to make signatures invisible infrastructure.

Cosign supports:

- Hardware and KMS signing
- Bring-your-own PKI
- Our free OIDC PKI (Fulcio)
- Built-in

Refresh
Refresh
Source Files
Filename Size Changed
_service 0000000127 127 Bytes
cosign-2.4.0.tar.gz 0000864498 844 KB
cosign.changes 0000049257 48.1 KB
cosign.spec 0000004128 4.03 KB
vendor.tar.zst 0009805426 9.35 MB
Latest Revision
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1205246 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 24)
- update to 2.4.0 (jsc#SLE-23879)
  - Add new bundle support to verify-blob and verify-blob-attestation (#3796)
  - Adding protobuf bundle support to sign-blob and attest-blob (#3752)
  - Bump sigstore/sigstore to support email_verified as string or boolean (#3819)
  - Conformance testing for cosign (#3806)
  - move incremental builds per commit to GHCR instead of GCR (#3808)
  - Add support for recording creation timestamp for cosign attest (#3797)
  - Include SCT verification failure details in error message (#3799) (forwarded request 1205245 from msmeissn)
Comments 0
openSUSE Build Service is sponsored by