Overview Repositories Revisions Requests Users Attributes Meta

Supply Chain Transparency Log

Edit Package rekor
https://github.com/sigstore/rekor

Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. Rekor will enable software maintainers and build systems to record signed metadata to an immutable record. Other parties can then query said metadata to enable them to make informed decisions on trust and non-repudiation of an object's lifecycle. For more details visit the sigstore website

The Rekor project provides a restful API based server for validation and a transparency log for storage. A CLI application is available to make and verify entries, query the transparency log for inclusion proof, integrity verification of the transparency log or retrieval of entries by either public key or artifact.

Rekor fulfils the signature transparency role of sigstore's software signing infrastructure. However, Rekor can be run on its own and is designed to be extensible to working with different manifest schemas and PKI tooling.

  • Developed at security
  • Sources inherited from project openSUSE:Factory
  • 1 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Factory:Rebuild/rekor && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
rekor-0.6.0.tar.gz 0000692070 676 KB
rekor.changes 0000006012 5.87 KB
rekor.spec 0000002909 2.84 KB
vendor.tar.xz 0005989551 5.71 MB
Revision 5 (latest revision is 21)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 972809 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 5) 
- Updated to rekor 0.6.0
  - attempting to fix codeowners file by @bobcallaway in #653
  - Update the warning text for the GA release. by @dlorenc in #654
  - Add docs about API stability and deprecation policy by @priyawadhwa in #661
  - update cross-build and dockerfile to use go 1.17.7 by @cpanato in #666
  - Move k8s objects out of the default namespace by @k4leung4 in #674
  - add securityContext to deployment. by @k4leung4 in #678
  - Add intoto type documentation by @jspeed-meyers in #679
  - create namespace for rekor config in yaml. by @k4leung4 in #680
  - Set rekor-cli User-Agent header on requests by @bobcallaway in #684
  - update security process link by @bobcallaway in #685
  - explicitly set permissions for github actions by @k4leung4 in #687
  - Add documentation about Alpine type by @jspeed-meyers in #697
  - Add code coverage to pull requests. by @k4leung4 in #676
  - Consistent parenthesis use in Makefile by @k4leung4 in #700
  - Use logRangesFlag in API, route reads based on TreeID by @lkatalin in #671
  - Generate release yaml for non-CI builds. by @k4leung4 in #702
  - Mirror signed release images from GCR to GHCR as part of release by @k4leung4 in #701
  - build trillian container to existing release. by @k4leung4 in #715
  - Make the loginfo command a bit more future/backwards proof. by @dlorenc in #718
  - Switch to using the swag library for pointer manipulation. by @dlorenc in #719
  - Change TreeID to be of type string instead of int64 by @priyawadhwa in #712
  - Add sharding e2e test to Github Actions by @priyawadhwa in #714
  - fix merge conflict by @priyawadhwa in #720
  - Clearer logging for createAndInitTree by @priyawadhwa in #724
  - Return virtual index when creating and getting a log entry by @priyawadhwa in #725
  - Fix copy/paste mistake in repo name. by @k4leung4 in #730
  - Use reusuable release workflow in sigstore/sigstore by @k4leung4 in #729
  - Get log proofs by Tree ID by @priyawadhwa in #733
  - Refactor rekor-cli loginfo by @priyawadhwa in #734 (forwarded request 972808 from msmeissn)
Comments 0
openSUSE Build Service is sponsored by
Places