bindle
bindle copied to clipboard
deislabs
Bindle: Object Storage for Collections
# The Problem **TL;DR**: The canonical invoice omits semantic metadata relevant to the integrity of a `bindle` thus losing the guarantee of preserving the signed intent. Currently, from the bindle...
Per https://github.com/deislabs/bindle/issues/302#issuecomment-1030275077, I'm wondering if we'd like bindle to add the following functionality: Create a token when clients successfully log in with basic auth credentials, such that further client actions...
On `bindle push`, I'm seeing behavior where an authn error is returned when attempting to send in un/pw via env vars, but all is good when I use the global...
Right now, when Bindle loads a parcel off of the file system it checks the hash. But this is done in the storage driver. Really, this should be done a...
To complete this, I am working on the general key management in Bindle, with emphasis on creator and host key signing/verifying.
Some flags might be necessary to override defaults, but here is what I am thinking as the default behavior: - User runs `bindle push` - Client loads user's signing secret...
Bindle doesn't have a project logo/icon, so I took a pass at making one for folks to review Color variants (for light mode/dark mode): |  |  | ...
A desired feature of future-Bindle would be to mark an individual parcel as yanked. Scenario: Say we have a single library that is frequently shared by many bindles. And imagine...
I've read a lot of this spec and a lot of OCI, but I'm wondering if there are any comparisons published. I can see some differences in the feature set...
The [signing spec](https://github.com/deislabs/bindle/blob/main/docs/signing-spec.md#signing-on-the-invoice) says: `The signature is computed by concatenating the following pieces of data together in a line-separated (\n) UTF-8 string: by, name, version, role, at and the label.sha256...
