Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signing our release using SigStore #2568

Open
sunng87 opened this issue Oct 11, 2023 · 0 comments
Open

Signing our release using SigStore #2568

sunng87 opened this issue Oct 11, 2023 · 0 comments
Labels
C-enhancement Category Enhancements

Comments

@sunng87
Copy link
Member

sunng87 commented Oct 11, 2023

What type of enhancement is this?

Configuration

What does the enhancement do?

Sigstore is an open source project for improving software supply chain security. The Sigstore framework and tooling empowers software developers and consumers to securely sign and verify software artifacts such as release files, container images, binaries, software bills of materials (SBOMs), and more. Signatures are generated with ephemeral signing keys so there’s no need to manage keys. Signing events are recorded in a tamper-resistant public log so software developers can audit signing events.

https://docs.sigstore.dev/

Implementation challenges

No response
@sunng87 sunng87 added the C-enhancement Category Enhancements label Oct 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C-enhancement Category Enhancements
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sunng87