sigstore-the-hard-way
sigstore-rs
| sigstore-the-hard-way | sigstore-rs | |
|---|---|---|
| 2 | 2 | |
| 109 | 152 | |
| 0.9% | 0.7% | |
| 1.5 | 8.8 | |
| 7 days ago | 5 days ago | |
| Rust | ||
| Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
sigstore-the-hard-way
- Sigstore the Hard Way
-
Signing Software The Easy Way with Sigstore and Cosign
Also, if you want to dig even deeper, you can checkout "sigstore the hard way", which is a guide to setting everything up, for scratch - including fulcio CA and rekor transparency log server.
sigstore-rs
-
What's everyone working on this week (30/2022)?
building out the project sigstore rust library
-
Comparing Rust supply chain safety tools
sigstore has a rust library https://github.com/sigstore/sigstore-rs
What are some alternatives?
rekor - Software Supply Chain Transparency Log
ez_term - Terminal UI framework based on templates and focused on simplicity.
cosign - Code signing and transparency for containers and binaries
cargo-supply-chain - Gather author, contributor and publisher data on crates in your dependency graph.
cosign-keyless-admission-webhook - Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
bevy_fundsp - A Bevy plugin that integrates FunDSP into Bevy.
cosign-installer - Cosign Github Action
idencomp - Attempt on building a high-performance compression tool for genetic data
gitsign - Keyless Git signing using Sigstore
rans-rs - rANS encoder and decoder for Rust
connaisseur - An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster
velum - Lightweight and minimal blog engine