Overview Repositories Revisions Requests Users Attributes Meta

cosign

Edit Package cosign
https://github.com/sigstore/cosign

Cosign aims to make signatures invisible infrastructure.

Cosign supports:

- Hardware and KMS signing
- Bring-your-own PKI
- Our free OIDC PKI (Fulcio)
- Built-in

  • Developed at security
  • Sources inherited from project openSUSE:Factory
  • 1 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Backports:SLE-15-SP4:FactoryCandidates/cosign && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
cosign-1.8.0.tar.gz 0007217748 6.88 MB
cosign.changes 0000019836 19.4 KB
cosign.spec 0000002513 2.45 KB
vendor.tar.bz2 0013149080 12.5 MB
Revision 6 (latest revision is 20)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 978429 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 6) 
- updated to 1.8.0
 - Move the KMS integration imports into the binary entrypoints by @mattmoor in #1744
 - [Cosigned] Convert functions for webhookCIP from v1alpha1 by @DennyHoang in #1736
 - Refactor policy related code, add support for vuln verify by @vaikas in #1747
 - Use bundle log ID to find verification key by @haydentherapper in #1748
 - [cosigned] The webhook name is now configurable via --webhook-name flag by @vpnachev in #1726
 - Add intermediate CA certificate pool for Fulcio by @haydentherapper in #1749
 - test: create fake TUF test root and create test SETs for verification by @asraa in #1750
 - Implement identities, fix bug in webhook validation. by @vaikas in #1759
 - Validate issuer/subject regexp in validate webhook. by @vaikas in #1761
 - chore: add warning when attaching sBOMs by @hectorj2f in #1756
 - Verify embedded SCTs by @haydentherapper in #1731
 - chore: add warning when downloading a sBOM by @hectorj2f in #1763
 - [policy-webhook] The webhooks name is now configurable via --(validating|mutating)-webhook-name flags by @vpnachev in #1757
 - Break the CIP action tests into a sh script. by @vaikas in #1767
 - tuf: add debug info if tuf update fails by @asraa in #1766
 - cosigned: add support for rsa keys by @hectorj2f in #1768
 - Cosigned validate against remote sig src by @DennyHoang in #1754
 - Add Fulcio intermediate CA certificate to intermediate pool by @haydentherapper in #1774
 - fix: more informative error by @ybelMekk in #1778
 - Run update-codegen. by @wlynch in #1789
 - Remove the dependency on v1alpha1.Identity which brings in unnecessary k8s deps. by @vaikas in #1790
 - Refactor fulcio signer to take in KeyOpts. by @wlynch in #1788
 - test: add cue unit tests by @hectorj2f in #1791
 - Attestations + policy in cip. by @vaikas in #1772
 - chore: add rego function to consume modules and evaluate them by @hectorj2f in #1787
 - Add parallelization for processing policies / authorities. by @vaikas in #1795
 - Allow passing keys via environment variables (env:// refs) by @znewman01 in #1794
 - Handle context cancelled properly + tests. by @vaikas in #1796
 - Fix a bug where an error would send duplicate results. by @vaikas in #1797
Comments 0
openSUSE Build Service is sponsored by
Places