Skip to content
@sigstore

sigstore

Software Supply Chain Security
sigstore logo

Sign. Verify. Protect. Making sure your software is what it claims to be.

Learn more at https://sigstore.dev/

Pinned Loading

  1. cosign cosign Public

    Code signing and transparency for containers and binaries

    Go 4.6k 551

  2. fulcio fulcio Public

    Sigstore OIDC PKI

    Go 664 140

  3. rekor rekor Public

    Software Supply Chain Transparency Log

    Go 908 164

  4. sigstore-rs sigstore-rs Public

    An experimental Rust crate for sigstore

    Rust 177 53

  5. sigstore-python sigstore-python Public

    A Sigstore client written in Python

    Python 235 49

  6. sigstore-java sigstore-java Public

    java clients for sigstore

    Java 46 20

Repositories

Showing 10 of 60 repositories
  • sigstore Public

    Common go library shared across sigstore services and clients

    sigstore/sigstore’s past year of commit activity
    Go 452 Apache-2.0 124 34 15 Updated Dec 25, 2024
  • github-sync Public

    Pulumi GitHub Sync for sigstore

    sigstore/github-sync’s past year of commit activity
    Go 5 Apache-2.0 4 0 1 Updated Dec 25, 2024
  • timestamp-authority Public

    RFC3161 Timestamp Authority

    sigstore/timestamp-authority’s past year of commit activity
    Go 73 Apache-2.0 39 9 2 Updated Dec 25, 2024
  • root-signing Public

    TUF repository for Sigstore trust root

    sigstore/root-signing’s past year of commit activity
    Makefile 90 Apache-2.0 81 18 0 Updated Dec 24, 2024
  • root-signing-staging Public

    Staging TUF repository for Sigstore trust root

    sigstore/root-signing-staging’s past year of commit activity
    4 Apache-2.0 6 5 0 Updated Dec 24, 2024
  • cosign Public

    Code signing and transparency for containers and binaries

    sigstore/cosign’s past year of commit activity
    Go 4,598 Apache-2.0 551 232 (1 issue needs help) 17 Updated Dec 24, 2024
  • policy-controller Public

    Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign

    sigstore/policy-controller’s past year of commit activity
    Go 123 56 53 5 Updated Dec 24, 2024
  • protobuf-specs Public

    Protocol Buffer specifications

    sigstore/protobuf-specs’s past year of commit activity
    Rust 23 Apache-2.0 31 30 7 Updated Dec 24, 2024
  • sigstore-js Public

    Code-signing for npm packages

    sigstore/sigstore-js’s past year of commit activity
    TypeScript 158 Apache-2.0 23 4 2 Updated Dec 23, 2024
  • gitsign Public

    Keyless Git signing using Sigstore

    sigstore/gitsign’s past year of commit activity
    Go 957 63 20 (1 issue needs help) 2 Updated Dec 23, 2024