-
Notifications
You must be signed in to change notification settings - Fork 58
Insights: sigstore/sigstore-python
Overview
Could not load contribution data
Please try again later
29 Pull requests merged by 5 people
-
build(deps): update ruff requirement from <0.11.12 to <0.11.13
#1417 merged
May 29, 2025 -
ci: ambient credential tests fix
#1416 merged
May 29, 2025 -
feat:(oidc) derive audience claim from client_id in IdentityToken
#1402 merged
May 29, 2025 -
Verifier: Use correct Timestamp hash algorithm
#1385 merged
May 27, 2025 -
trust: Support operator field, support multiple services
#1407 merged
May 27, 2025 -
improve KindVersion compatibility
#1370 merged
May 23, 2025 -
build(deps): update ruff requirement from <0.11.11 to <0.11.12
#1410 merged
May 23, 2025 -
use new SigningConfig generator in fixtures
#1409 merged
May 23, 2025 -
Fix timestamp tests
#1406 merged
May 22, 2025 -
Use trust config everywhere
#1363 merged
May 22, 2025 -
build(deps): bump rfc3161-client from 1.0.1 to 1.0.2
#1399 merged
May 20, 2025 -
build(deps): bump pyopenssl from 25.0.0 to 25.1.0
#1397 merged
May 19, 2025 -
build(deps): bump cryptography from 44.0.3 to 45.0.2
#1398 merged
May 19, 2025 -
docs: added a link to the CI workflow
#1391 merged
May 19, 2025 -
Fix instantiation in
_to_rekor()for optional inclusion promise#1382 merged
May 19, 2025 -
build(deps): bump sigstore-protobuf-specs from 0.4.1 to 0.4.2
#1392 merged
May 19, 2025 -
build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 in the actions group
#1393 merged
May 18, 2025 -
Verify artifact signing time against all timestamps
#1381 merged
May 16, 2025 -
build(deps): update ruff requirement from <0.11.10 to <0.11.11
#1386 merged
May 15, 2025 -
Add support for ed25519 keys
#1377 merged
May 14, 2025 -
build(deps): update ruff requirement from <0.11.9 to <0.11.10
#1379 merged
May 12, 2025 -
Specify sha256 in TSA request
#1373 merged
May 9, 2025 -
More proto updates
#1358 merged
May 9, 2025 -
build(deps): bump platformdirs from 4.3.7 to 4.3.8
#1374 merged
May 8, 2025 -
make TSA validity end optional
#1368 merged
May 8, 2025 -
no trailing slash for post to /entries
#1366 merged
May 8, 2025 -
build(deps): bump cryptography from 44.0.2 to 44.0.3
#1362 merged
May 2, 2025 -
build(deps): bump github/codeql-action from 3.28.16 to 3.28.17 in the actions group
#1361 merged
May 2, 2025 -
build(deps): update ruff requirement from <0.11.8 to <0.11.9
#1360 merged
May 1, 2025
3 Pull requests opened by 1 person
-
[DRAFT] Rekor v1 and v2 support via signing-config
#1387 opened
May 16, 2025 -
[DRAFT] Add RekorV2Client
#1400 opened
May 20, 2025 -
sign and verify with Rekorv2
#1414 opened
May 23, 2025
18 Issues closed by 2 people
-
Signing: hardcoded audience value won't allow a custom sigstore clients audience claim
#1401 closed
May 29, 2025 -
TSA verification only works for sha256
#1375 closed
May 27, 2025 -
Add tests for signingconfig service selection
#1411 closed
May 27, 2025 -
trust: Provide a better way to select service versions
#1396 closed
May 27, 2025 -
trust: Handle the "operator" field in trust root
#1395 closed
May 27, 2025 -
Parsing KindVersion in rekor V2
#1369 closed
May 23, 2025 -
CI: `staging` fixture not working
#1408 closed
May 23, 2025 -
CI: TSA tests silently failing
#1405 closed
May 22, 2025 -
OIDC URL is ignored in SigningConfig
#1371 closed
May 22, 2025 -
Use trustconfig throughout the project
#1359 closed
May 22, 2025 -
Use signingconfig from "--trust-config"
#1347 closed
May 22, 2025 -
Pydantic verification when inclusion promise is missing.
#1383 closed
May 19, 2025 -
Verifying Signature time when no inclusion promise or integrated time
#1380 closed
May 16, 2025 -
Brittle TSA tests
#1378 closed
May 14, 2025 -
Add support for ed25519 keys
#1376 closed
May 14, 2025 -
TSA request message digest defaults to sha256
#1372 closed
May 9, 2025 -
Support timestamp validity periods without end dates
#1367 closed
May 8, 2025 -
Trailing slash in "/entries" path
#1365 closed
May 8, 2025
10 Issues opened by 5 people
-
Align Client Fallback Behavior for Deprecated ECDSA Algorithms in v3 Bundles
#1415 opened
May 27, 2025 -
Add tests for local containers in CI
#1413 opened
May 23, 2025 -
signing: Use all logs listed in signingconfig
#1412 opened
May 23, 2025 -
Concurrency errors from multiple TUF Updaters
#1403 opened
May 21, 2025 -
fail reasonably on unsupported kindversions
#1394 opened
May 19, 2025 -
Signing: Support multiple rekor logs while signing
#1390 opened
May 16, 2025 -
Signing: Support multiple TSAs while signing
#1389 opened
May 16, 2025 -
Handle public good SigningConfig once it's available
#1388 opened
May 16, 2025 -
Cannot verify npm attestations
#1384 opened
May 14, 2025
#1364 opened
2 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
Document our TSA/signed timestamp policy
#1226 commented on
May 13, 2025 • 0 new comments -
Support rekor v2
#1340 commented on
May 20, 2025 • 0 new comments