gitsign
git
gitsign | git | |
---|---|---|
10 | 616 | |
899 | 8,080 | |
0.7% | 0.7% | |
9.1 | 0.0 | |
3 days ago | 4 days ago | |
Go | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gitsign
-
Gittuf – a security layer for Git using some concepts introduced by TUF
> does it also filter/escape ANSI Sequences in messages and author names?
Not at present! Do you have a link or so I could use to familiarize myself? I'm curious if it'd fall within gittuf's scope.
> does it block garbage collection?
Nope, it doesn't. That said, the repository will have more objects, gittuf tracks additional objects through custom refs in `refs/gittuf/`.
> how do you ensure that the developers are really the developers and there's no spoofing?
At present, gittuf policies use signing keys. It doesn't rely on the commit metadata for author and committer but rather the commit's signature. We support GPG and Sigstore's gitsign [0] right now, and we want to support other signing mechanisms like SSH keys as well.
[0] https://github.com/sigstore/gitsign
-
Signing Git Commits with Your SSH Key
You may want to check out https://github.com/sigstore/gitsign! You can generate ephemeral x509 code signing certs for free using Sigstore.
(disclosure: I'm a maintainer for gitsign)
-
A toolbox for a secure software supply chain
Def check out the gitsign project mentioned in the post: https://github.com/sigstore/gitsign
-
Enable Gitsign Today and Start Signing your Commits
Gitsign offers a keyless commit signing implementation based on OIDC, which is an identity layer built on top of the OAuth 2.0 framework. Gitsign supports verifying your identity either through GitHub, Microsoft, or a Google account.
-
SSH commit verification now supported
Shameless plug for the gitsign project in sigstore: https://github.com/sigstore/gitsign
This isn't supported by GitHub yet but we're hopefully working towards that too.
- sigstore/gitsign: Keyless Git signing using Sigstore
- Keyless Git signing with Sigstore!
-
Gitsign
We used to actually run an RFC3161 timestamp server in addition to the transparency log but recently turned it down because no one was using it. I'd like to bring it back for stuff like this.
https://github.com/sigstore/gitsign/issues/22
git
-
Understanding the Basics of Git.
Go to this link
-
"Filename too long" error even after "fix" in git bash (windows 10)
I'd start by verifying that you're on the most current version of Git for Windows, and updating if that isn't the case. Followed by opening an issue here, if you're still encountering the problem.
-
Gitting Started with Git: A Beginner's Guide to Version Control
Download the Git for Windows installer from the official website (https://gitforwindows.org/).
-
pyaction 4.24.0 Released
This Docker image is designed to support implementing Github Actions with Python. As of version 4.0.0., it starts with the official python docker image as the base which is a Debian OS. It specifically uses python:3-slim to keep the image size down for faster loading of Github Actions that use pyaction. On top of the base, we've installed curl gpg, git, and the GitHub CLI. We added curl and gpg because they are needed to install the GitHub CLI, and they may come in handy anyway (especially curl) when implementing a GitHub Action.
-
Save yourselves a lot of hassle (New to AwesomeWM PSA)
May I introduce you to https://git-scm.com/
-
An AsyncAPI Example: Building Your First Event-driven API
Git
-
Basics of Git
Before you start using Git, you need to install it on your computer. You can download and install Git from the official website (https://git-scm.com/). Once installed, open a terminal or command prompt and run the following commands to configure Git with your name and email:
-
Publish an NPM Package from a GitHub Repository
Git: You should have Git installed on your machine. You can download it from the official website (https://git-scm.com/).
-
Better Git Commits with `@commitlint`
When working on a project together, Git is a crucial tool that help teams collaborate smoothly. One of the key features is commits, which act like snapshots of the project's progress.
-
"Мобильная" разработка. [Системы контроля версий, Git]
Официальный сайт Git
What are some alternatives?
smimesign - An S/MIME signing utility for use with Git
git-lfs - Git extension for versioning large files
git-ts - Git TimeStamp Utility
Chocolatey - Chocolatey - the package manager for Windows
github - Just a place to track issues and feature requests that I have for github
HomeBrew - 🍺 The missing package manager for macOS (or Linux)
SignTools - ✒ A free, self-hosted platform to sideload iOS apps without a computer
deemix-webui
community - Public feedback discussions for: GitHub Mobile, GitHub Discussions, GitHub Codespaces, GitHub Sponsors, GitHub Issues and more!
Camunda BPM - Flexible framework for workflow and decision automation with BPMN and DMN. Integration with Quarkus, Spring, Spring Boot, CDI.
cargo-vet - supply-chain security for Rust
sensible-side-buttons - A macOS menu bar app that enables system-wide navigation functionality for the side buttons on third-party mice.