Overview Repositories Revisions Requests Users Attributes Meta

cosign

Edit Package cosign
https://github.com/sigstore/cosign

Cosign aims to make signatures invisible infrastructure.

Cosign supports:

- Hardware and KMS signing
- Bring-your-own PKI
- Our free OIDC PKI (Fulcio)
- Built-in

  • Developed at security
  • Sources inherited from project openSUSE:Factory
  • 1 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Backports:SLE-15-SP4:FactoryCandidates/cosign && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
cosign-1.9.0.tar.gz 0007240352 6.9 MB
cosign.changes 0000023251 22.7 KB
cosign.spec 0000002513 2.45 KB
vendor.tar.bz2 0121374720 116 MB
Revision 7 (latest revision is 20)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 983636 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 7) 
- updated to 1.9.0
  - Check failure message of policy that fails with issuer mismatch by @vaikas in #1815
  - [Cosigned] Add signature pull secrets by @DennyHoang in #1805
  - feat: add rego policy support by @hectorj2f in #1817
  - Refactor fulcio signer to take in KeyOpts (take 2) by @wlynch in #1818
  - cosigned: Test unsupported KMS providers by @imjasonh in #1820
  - chore(deps): Included dependency review by @naveensrinivasan in #1792
  - Add auth flow option to KeyOpts. by @wlynch in #1827
  - Document Staging instance usage with Keyless by @k4leung4 in #1824
  - New flag --oidc-providers-disable to disable OIDC providers by @puerco in #1832
  - Validate tlog entry when verifying signature via public key. by @wlynch in #1833
  - Add function to explicitly request a certain provider by @priyawadhwa in #1837
  - cosigned: Fix podAntiAffinity labels by @elfotografo007 in #1841
  - remove exclude from go.mod by @cpanato in #1846
  - [Cosigned] Glob matching improvement by @DennyHoang in #1842
  - sget: Enable KMS providers for sget by @imjasonh in #1852
  - Fix piv-tool generate-key command in TOKENS doc by @nealmcb in #1850
  - Add IBM Cloud Container Registry to tested registry list by @bainsy88 in #1856
  - If SBOM ref has .json suffix, assume JSON mediatype by @jdolitsky in #1859
  - Add rekor.0.pub TUF target to unit tests by @priyawadhwa in #1860
  - Normalize certificate flag names by @haydentherapper in #1868
  - Check certificate policy flags with only a certificate by @haydentherapper in #1869
  - Update go to 1.17.10 / cosign image to 1.18.0 and actions setup go by @cpanato in #1861
  - Point git commmit FUN.md to gitsign! by @wlynch in #1874
  - [cosigned] remove regex from the image pattern fields by @hectorj2f in #1873
  - go.mod: format go.mod by @zchee in #1879
  - Remove dependency on deprecated github.com/pkg/errors by @zchee in #1887
  - tree: only report artifacts that are present by @ribbybibby in #1872
  - update README with ebpf modules by @EItanya in #1888
  - Update github.com/google/go-containerregistry/pkg/authn/k8schain module to f1b065c6cb3d by @vpnachev in #1889 (forwarded request 983635 from msmeissn)
Comments 0
openSUSE Build Service is sponsored by
Places