Overview Repositories Revisions Requests Users Attributes Meta

cosign

Edit Package cosign
https://github.com/sigstore/cosign

Cosign aims to make signatures invisible infrastructure.

Cosign supports:

- Hardware and KMS signing
- Bring-your-own PKI
- Our free OIDC PKI (Fulcio)
- Built-in

  • Developed at security
  • Sources inherited from project openSUSE:Factory
  • 1 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Backports:SLE-15-SP4:SLECandidates/cosign && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
cosign-1.6.0.tar.gz 0007069651 6.74 MB
cosign.changes 0000011353 11.1 KB
cosign.spec 0000002490 2.43 KB
vendor.tar.bz2 0012781280 12.2 MB
Revision 4 (latest revision is 24)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 966617 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 4) 
- updated to 1.6.0
  - Fix double time import in e2e tests by @saschagrunert in #1388
  - Add --timeout support to sign command by @saschagrunert in #1379
  - Fix comparison in replace option for attestation by @bburky in #1366
  - Add Cosign logo to README by @nsmith5 in #1395
  - Minor refactor to verify SCT and Rekor entry with multiple keys by @haydentherapper in #1396
  - Fix a link of SECURITY.md by @knqyf263 in #1399
  - update cosign and cross-build image for the release job by @cpanato in #1400
  - feat: login command by @developer-guy in #1398
  - TUF: Add root status output by @asraa in #1404
  - Add a newline after password input by @knqyf263 in #1407
  - make imageRef lowercase before parsing by @bobcallaway in #1409
  - Improve error message when image is not found in registry by @imjasonh in #1410
  - Add ability to override the Spiffe socket via environmental variable: by @vaikas in #1421
  - Fix incorrect error check when verifying SCT by @haydentherapper in #1422
  - Skip the ReadWrite test that flakes on Windows. by @dlorenc in #1415
  - Allow PassFunc to be nil by @saschagrunert in #1426
  - Update the cosign keyless documentation to point to the GA release. by @dlorenc in #1427
  - Remove TUF timestamp from OCI signature bundle by @haydentherapper in #1428
  - Add docs on API stability and deprecation table by @priyawadhwa in #1429
  - update cross-build image which adds goimports by @cpanato in #1435
  - feat: enhance clean cmd capability by @developer-guy in #1430
  - use the upstream kubernetes version lib and ldflags by @n3wscott in #1413
  - Improve log lines to match with implementation by @marcofranssen in #1432
  - feat: fig autocomplete feature by @developer-guy in #1360
  - update cross-build to use go 1.17.7 by @cpanato in #1446
  - Fetch verification targets by TUF custom metadata by @haydentherapper in #1423
  - feat: add -buildid= to ldflags by @developer-guy in #1451
  - Streamline SignBlobCmd API with SignCmd by @saschagrunert in #1454
  - convert release cosigned to also generate yaml artifact. by @k4leung4 in #1453 (forwarded request 966616 from msmeissn)
Comments 0
openSUSE Build Service is sponsored by
Places