Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: gitsign | Distribution: openSUSE Tumbleweed |
Version: 0.11.0 | Vendor: openSUSE |
Release: 1.1 | Build date: Thu Oct 24 10:17:01 2024 |
Group: Unspecified | Build host: reproducible |
Size: 57645717 | Source RPM: gitsign-0.11.0-1.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://github.com/sigstore/gitsign | |
Summary: Keyless Git signing using Sigstore |
Keyless Git signing with Sigstore! This is heavily inspired by https://github.com/github/smimesign, but uses keyless Sigstore to sign Git commits with your own GitHub / OIDC identity.
Apache-2.0
* Thu Oct 24 2024 opensuse_buildservice@ojkastl.de - Update to version 0.11.0: * Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.4.1 (#573) * Fix matching of tlog entries to payload (#584) * Fix unhandled extension issue for cached certs (#583) * Update credential-cache messages to user (#582) * Support gitsign-credential-cache on Windows (#579) * Bump google.golang.org/protobuf from 1.34.2 to 1.35.1 (#580) * Bump anchore/sbom-action from 0.17.3 to 0.17.4 in the actions group (#581) * Trigger workflows on push only to main branch (#578) * Bump the gomod group across 1 directory with 2 updates (#577) * Bump github.com/sigstore/fulcio from 1.5.1 to 1.6.5 (#575) * Bump Go to 1.23.2 and golangci-lint to 1.61 (#576) * Bump anchore/sbom-action from 0.17.2 to 0.17.3 in the actions group (#572) * Bump github.com/docker/docker (#553) * Handle GeneralName as SAN (#571) * Bump the actions group across 1 directory with 6 updates (#569) * Fix gitsign env test (#568) * Bump the actions group with 2 updates (#552) * e2e tests: Use beacon token. (#549) * Bump github.com/sigstore/fulcio from 1.4.5 to 1.5.1 (#541) * Bump github.com/mattn/go-tty from 0.0.5 to 0.0.7 in the gomod group (#546) * Bump docker/login-action from 3.2.0 to 3.3.0 in the actions group (#545) * Bump anchore/sbom-action from 0.16.1 to 0.17.0 in the actions group (#543) * update go to 1.22.5 and fix golangci-lint action (#542) * Bump github.com/sigstore/sigstore from 1.8.6 to 1.8.7 in the gomod group (#539) * Bump github.com/coreos/go-oidc/v3 from 3.10.0 to 3.11.0 (#540) * Bump the actions group with 3 updates (#538) * Bump google.golang.org/grpc from 1.64.0 to 1.64.1 (#536) * Bump golang.org/x/crypto from 0.24.0 to 0.25.0 (#535) * Bump github.com/sigstore/sigstore from 1.8.4 to 1.8.6 in the gomod group (#534) * Support for Client Secret File (#533) * Point to homebrew-core (#531) * Bump actions/attest-build-provenance in the actions group (#530) * Bump actions/attest-build-provenance in the actions group (#529) * Updates ci/dependabot/release (#528) * Bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#527) * Bump imjasonh/setup-crane from 0.3 to 0.4 (#524) * Bump actions/checkout from 4.1.6 to 4.1.7 (#525) * Bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 (#521) * Bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 (#522) * Bump golang.org/x/crypto from 0.23.0 to 0.24.0 (#523) * resolves #516 adds support for private rekor for gitsign attest (#517) * launchctl commands for macOS users (#520) * Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 (#518) * Bump docker/login-action from 3.1.0 to 3.2.0 (#519) * Bump anchore/sbom-action from 0.15.11 to 0.16.0 (#514) * Bump actions/checkout from 4.1.5 to 4.1.6 (#513) * Tue May 14 2024 opensuse_buildservice@ojkastl.de - Update to version 0.10.2: * Bump golang.org/x/crypto from 0.22.0 to 0.23.0 (#507) * Bump github.com/sigstore/protobuf-specs from 0.3.1 to 0.3.2 (#509) * Bump actions/checkout from 4.1.4 to 4.1.5 (#510) * Bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 (#511) * Bump google.golang.org/protobuf from 1.34.0 to 1.34.1 (#508) * Bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (#512) * Bump anchore/sbom-action from 0.15.10 to 0.15.11 (#498) * Bump actions/checkout from 4.1.3 to 4.1.4 (#499) * Bump golangci/golangci-lint-action from 5.0.0 to 5.3.0 (#505) * Bump actions/setup-go from 5.0.0 to 5.0.1 (#504) * Bump google.golang.org/protobuf from 1.33.0 to 1.34.0 (#502) * Bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 (#503) * Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 (#500) * e2e.yaml: Avoid non-versioned TUF metadata (#496) * Bump actions/checkout from 4.1.2 to 4.1.3 (#495) * Bump golang.org/x/net from 0.22.0 to 0.23.0 (#494) * Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#493) * Bump github.com/sigstore/cosign/v2 from 2.2.3 to 2.2.4 (#492) * Remove local-user validation. (#491) * Bump github.com/sigstore/fulcio from 1.4.4 to 1.4.5 (#488) * Bump github.com/sigstore/protobuf-specs from 0.3.0 to 0.3.1 (#486) * Bump github.com/sigstore/rekor from 1.3.5 to 1.3.6 (#487) * Bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 (#489) * Bump imjasonh/setup-crane from 0.2 to 0.3 (#485) * Bump golang.org/x/crypto from 0.21.0 to 0.22.0 (#490) * Wed Apr 03 2024 opensuse_buildservice@ojkastl.de - Update to version 0.10.1: * update base image for gitsign to one with shell available (#484) * Wed Apr 03 2024 opensuse_buildservice@ojkastl.de - Update to version 0.10.0: * Bump actions/cache from 4.0.1 to 4.0.2 (#478) * Bump actions/checkout from 4.1.1 to 4.1.2 (#476) * Bump anchore/sbom-action from 0.15.9 to 0.15.10 (#480) * Bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 (#479) * Bump github.com/docker/docker (#477) * Bump github.com/go-git/go-git/v5 (#481) * Bump github.com/go-jose/go-jose/v3 from 3.0.2 to 3.0.3 (#468) * Bump github.com/go-openapi/runtime from 0.27.1 to 0.28.0 (#469) * Bump github.com/go-openapi/strfmt from 0.22.2 to 0.23.0 (#471) * Bump github.com/go-openapi/swag from 0.22.9 to 0.23.0 (#470) * Bump github.com/sigstore/sigstore from 1.8.2 to 1.8.3 (#482) * Bump golang.org/x/crypto from 0.20.0 to 0.21.0 (#474) * Bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 (#472) * Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#473) * Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 (#467) * add gitsign image (#483) * Sat Mar 16 2024 opensuse_buildservice@ojkastl.de - Update to version 0.9.0: * Add config options for Autoclose and AutocloseTimeout (#466) * Bump actions/cache from 4.0.0 to 4.0.1 (#456) * Bump github.com/go-openapi/strfmt from 0.22.0 to 0.22.2 (#464) * Update to use go1.22 and ci udpates (#465) * Enable autoclose for sigstore confirmation page. (#455) * CI updates and fix lints (#461) * Remove GITSIGN_LOG env variable. (#463) * Run e2e Go tests first. (#462) * Add go-git based signer implementation. (#454) * Bump github.com/sigstore/protobuf-specs from 0.2.1 to 0.3.0 (#453) * Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#450) * Bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 (#449) * Add GITSIGN_TOKEN_PROVIDER docs (#447) * Add tokenProvider configuration for forcing OIDC providers. (#446) - BuildRequire go1.22 * Thu Feb 08 2024 opensuse_buildservice@ojkastl.de - Update to version 0.8.1: * Bump github.com/sigstore/rekor from 1.3.4 to 1.3.5 (#443) * Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (#444) * Bump github.com/sigstore/cosign/v2 from 2.2.2 to 2.2.3 (#442) * Bump anchore/sbom-action from 0.15.5 to 0.15.8 (#445) * Bump anchore/sbom-action from 0.15.4 to 0.15.5 (#441) * Bump github.com/go-openapi/swag from 0.22.7 to 0.22.9 (#440) * Bump github.com/go-openapi/runtime from 0.26.2 to 0.27.1 (#439) * Bump github.com/sigstore/sigstore from 1.8.0 to 1.8.1 (#438) * Bump anchore/sbom-action from 0.15.3 to 0.15.4 (#437) * Bump actions/cache from 3.3.3 to 4.0.0 (#436) * Bump anchore/sbom-action from 0.15.2 to 0.15.3 (#435) * Bump actions/cache from 3.3.2 to 3.3.3 (#434) * Bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 (#433) * Bump github.com/cloudflare/circl from 1.3.5 to 1.3.7 (#431) * Bump anchore/sbom-action from 0.15.1 to 0.15.2 (#430) * Bump github.com/go-openapi/strfmt from 0.21.10 to 0.22.0 (#428) * Bump github.com/go-openapi/swag from 0.22.6 to 0.22.7 (#429) * Bump github.com/sigstore/sigstore from 1.7.6 to 1.8.0 (#424) * Bump github.com/go-openapi/swag from 0.22.5 to 0.22.6 (#425) * Bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (#427) * Bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#423) * Bump github.com/go-openapi/strfmt from 0.21.9 to 0.21.10 (#422) * Bump github.com/go-openapi/swag from 0.22.4 to 0.22.5 (#421) * Bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#420) * Bump github.com/go-openapi/runtime from 0.26.0 to 0.26.2 (#414) * Bump github.com/sigstore/cosign/v2 from 2.2.1 to 2.2.2 (#416) * Bump actions/setup-go from 4.1.0 to 5.0.0 (#412) * Bump anchore/sbom-action from 0.15.0 to 0.15.1 (#413) * Bump github.com/sigstore/sigstore from 1.7.5 to 1.7.6 (#417) * Bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#418) * Bump github.com/go-openapi/strfmt from 0.21.8 to 0.21.9 (#419) * Bump github.com/coreos/go-oidc/v3 from 3.8.0 to 3.9.0 (#415) * Bump github.com/go-openapi/strfmt from 0.21.7 to 0.21.8 (#410) * Bump github.com/sigstore/rekor from 1.3.3 to 1.3.4 (#409) * Bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.8.0 (#408) * Bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 (#406) * Bump github.com/go-git/go-git/v5 from 5.10.0 to 5.10.1 (#407) * Bump anchore/sbom-action from 0.14.3 to 0.15.0 (#405) * Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 (#404) * Bump sigstore/cosign-installer from 3.1.2 to 3.2.0 (#401) * Bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 (#403) * Fri Nov 10 2023 kastl@b1-systems.de - Update to version 0.8.0: * Add options for Rekor client, make public key fetcher configurable. (#399) * Bump github.com/sigstore/cosign/v2 from 2.2.0 to 2.2.1 (#400) * Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#397) * Bump github.com/sigstore/rekor from 1.3.2 to 1.3.3 (#398) * Bump github.com/docker/docker (#396) * Bump github.com/sigstore/sigstore from 1.7.4 to 1.7.5 (#394) * Bump github.com/go-git/go-git/v5 from 5.9.0 to 5.10.0 (#395) * Bump actions/checkout from 4.1.0 to 4.1.1 (#393) * Bump github.com/coreos/go-oidc/v3 from 3.6.0 to 3.7.0 (#392) * Bump github.com/sigstore/fulcio from 1.4.0 to 1.4.3 (#389) * Bump github.com/sigstore/sigstore from 1.7.3 to 1.7.4 (#388) * Bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#385) * Bump github.com/sigstore/rekor from 1.3.0 to 1.3.2 (#390) * Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#391) * Bump golang.org/x/net from 0.15.0 to 0.17.0 (#387) * Bump golang.org/x/crypto from 0.13.0 to 0.14.0 (#386) * upgrade to go1.21 (#383) * Bump e2e github actions workflows to go 1.21 (#384) * Bump actions/checkout from 4.0.0 to 4.1.0 (#381) * Bump github.com/go-git/go-git/v5 from 5.8.1 to 5.9.0 (#379) * Bump goreleaser/goreleaser-action from 4.6.0 to 5.0.0 (#380) * Bump actions/checkout from 3.6.0 to 4.0.0 (#375) * Bump goreleaser/goreleaser-action from 4.4.0 to 4.6.0 (#373) * Bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 (#377) * Bump actions/cache from 3.3.1 to 3.3.2 (#374) * Bump github.com/sigstore/rekor from 1.2.2 to 1.3.0 (#370) * Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (#372) * Bump github.com/sigstore/sigstore from 1.7.2 to 1.7.3 (#371) * Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#369) * Bump actions/checkout from 3.5.3 to 3.6.0 (#368) * Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#366) * Bump github.com/sigstore/protobuf-specs from 0.2.0 to 0.2.1 (#367) * Bump actions/setup-go from 4.0.1 to 4.1.0 (#362) * Bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 (#363) * Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.2 (#361) * Bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 (#360) * Bump golang.org/x/crypto from 0.11.0 to 0.12.0 (#359) * Bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 (#358) * Bump github.com/go-git/go-git/v5 from 5.7.0 to 5.8.0 (#356) * Bump github.com/sigstore/fulcio from 1.3.4 to 1.4.0 (#357) * Updates to avoid values appearing in certificates (#354) * Bump github.com/sigstore/fulcio from 1.3.3 to 1.3.4 (#351) * Bump github.com/secure-systems-lab/go-securesystemslib (#353) * Bump github.com/sigstore/protobuf-specs from 0.1.0 to 0.2.0 (#352) * Bump golang.org/x/oauth2 from 0.9.0 to 0.10.0 (#349) * Bump github.com/sigstore/fulcio from 1.3.2 to 1.3.3 (#348) * Bump github.com/sigstore/fulcio from 1.3.1 to 1.3.2 (#345) * Bump dependabot/fetch-metadata from 1.5.1 to 1.6.0 (#343) * Bump github.com/sigstore/rekor (#347) * Bump github.com/sigstore/cosign/v2 from 2.1.0 to 2.1.1 (#344) * Bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#342) * Bump github.com/sigstore/sigstore from 1.7.0 to 1.7.1 (#340) * Bump github.com/sigstore/cosign/v2 (#341) * Bump anchore/sbom-action from 0.14.2 to 0.14.3 (#339) * Bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#338) * Bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 (#333) * Bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (#334) * Bump github.com/sigstore/sigstore from 1.6.5 to 1.7.0 (#337) * Bump golang.org/x/crypto from 0.9.0 to 0.10.0 (#336) * Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 (#332) * Bump actions/checkout from 3.5.2 to 3.5.3 (#331) * Fix offline verification marshalling, add e2e tests. (#330) * update sigstore/sigstore and cosign (#329) * Bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#327) * Bump dependabot/fetch-metadata from 1.4.0 to 1.5.1 (#323) * Bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#325) * Bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (#324) * Bump github.com/sigstore/rekor from 1.1.1 to 1.2.0 (#322) * Add gitsign initialize. (#321) * Tue May 23 2023 kastl@b1-systems.de - Update to version 0.7.1: * Offline verification: refactor to make it clear no signature checks are happening. (#319) * Revoke v0.7.0 (#318) * Tue May 23 2023 kastl@b1-systems.de - Update to version 0.7.0: * Bump github.com/jonboulle/clockwork from 0.3.0 to 0.4.0 (#316) * Add offline verification (#220) * Bump github.com/coreos/go-oidc/v3 from 3.5.0 to 3.6.0 (#314) * Bump sigstore/cosign-installer from 3.0.3 to 3.0.5 (#313) * Bump actions/setup-go from 4.0.0 to 4.0.1 (#312) * Bump golang.org/x/crypto from 0.8.0 to 0.9.0 (#310) * Bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 (#311) * Bump github.com/docker/distribution (#309) * Bump github.com/cloudflare/circl from 1.3.1 to 1.3.3 (#308) * Bump github.com/sigstore/fulcio from 1.2.0 to 1.3.1 (#302) * Bump github.com/sigstore/sigstore from 1.6.3 to 1.6.4 (#304) * Bump github.com/in-toto/in-toto-golang from 0.8.0 to 0.9.0 (#305) * Bump anchore/sbom-action from 0.14.1 to 0.14.2 (#307) * Bump github.com/mattn/go-tty from 0.0.4 to 0.0.5 (#306) * Bump github.com/sigstore/rekor from 1.1.0 to 1.1.1 (#300) * Bump github.com/in-toto/in-toto-golang from 0.7.1 to 0.8.0 (#298) * Bump github.com/sigstore/cosign/v2 from 2.0.1 to 2.0.2 (#299) * Bump sigstore/cosign-installer from 3.0.2 to 3.0.3 (#297) * Bump actions/checkout from 3.5.0 to 3.5.2 (#289) * Bump github.com/sigstore/sigstore from 1.6.2 to 1.6.3 (#296) * Bump github.com/go-openapi/runtime from 0.25.0 to 0.26.0 (#295) * Bump dependabot/fetch-metadata from 1.3.6 to 1.4.0 (#294) * Ensure that io writers are properly closed. (#292) * Bump github.com/sigstore/sigstore from 1.6.1 to 1.6.2 (#290) * Fix e2e test for initializing cosign (#287) * Update e2e test to use CDN instead of GCS (#285) * Bump golang.org/x/crypto from 0.7.0 to 0.8.0 (#283) * Mon May 01 2023 Johannes Kastl <kastl@b1-systems.de> - new package gitsign: Keyless Git signing using Sigstore
/usr/bin/gitsign /usr/share/doc/packages/gitsign /usr/share/doc/packages/gitsign/README.md /usr/share/licenses/gitsign /usr/share/licenses/gitsign/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Nov 19 01:14:14 2024