smimesign
opentimestamps-client
| smimesign | opentimestamps-client | |
|---|---|---|
| 2 | 2 | |
| 569 | 283 | |
| 0.5% | 0.0% | |
| 0.0 | 2.6 | |
| about 1 month ago | about 2 months ago | |
| Go | Python | |
| MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
smimesign
-
Signing Git Commits with Your SSH Key
I believe GitHub's smimesign can use RFC3161 timestamps:
How to specify a timestamp server
https://github.com/github/smimesign/issues/47
-
Gitsign
smimesign supports timestamping with a normal timestamp server, with a bit of extra effort. It would be cool if your tool could (at least optionally) do the same.
https://github.com/github/smimesign/issues/47#issuecomment-4...
opentimestamps-client
-
📑 MiniBolt resources 📚 List of the MiniBolt core/bonus guides + latest versions
OpenTimeStamp-client v0.7.1 (Released: 26th August 2022) - https://github.com/opentimestamps/opentimestamps-client/releases
-
Signing Git Commits with Your SSH Key
if you sign your commits, you should also consider timestamping your commits. I use OpenTimestamps for this. Docs and some rationale here: https://github.com/opentimestamps/opentimestamps-client/blob...
from the doc:
> My signing keys (e.g. blog or Qubes code signing keys) do not have expiration dates. This is not laziness. There is a fundamental problem with using an expiration date on keys used for code signing (e.g. git tag -s), because it is unclear what the outcome should be when one verifies some old code (written and signed when the key was still valid) in the future when the key has already expired?
> Naturally we would like the old code, written and signed when the key was still valid, to continue to verify fine also in the future, after the key expires (and the developer passed away, perhaps). However, it is very problematic to prevent the attacker from creating falsified code pretending to be an old one.
What are some alternatives?
gitsign - Keyless Git signing using Sigstore
platform-samples - A public place for all platform sample projects.
git-ts - Git TimeStamp Utility
rebalance-lnd - A script that can be used to balance lightning channels of a lnd node
electrs - An efficient re-implementation of Electrum Server in Rust
community - Public feedback discussions for: GitHub Mobile, GitHub Discussions, GitHub Codespaces, GitHub Sponsors, GitHub Issues and more!
btc-rpc-explorer - Database-free, self-hosted Bitcoin explorer, via RPC to Bitcoin Core.
cargo-vet - supply-chain security for Rust
git-blame-someone-else - Blame someone else for your bad code.
age - A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
zap-desktop - Zap Wallet - Cross platform Lightning Network wallet focused on user experience and ease of use ⚡️