Batuhan Apaydın
Batuhan Apaydın
[SLSA Framework organization ](https://github.com/slsa-framework)provides a bunch of generators (Trusted Go builder[^1], Generic Generator[^2], Container Generator[^3]) today and all of them were announced as GA[^4] pretty recently. So, we can use...
Signed-off-by: Batuhan Apaydın It requires ko => v0.12.0 to use the `--bare` option with the local daemon. _https://github.com/ko-build/ko/pull/820_
Hello folks, really really great project, I love the idea ❤️ What about making a new release with GoReleaser? I can make a PR to show how to do it,...
### Describe the feature or problem you’d like to solve There is a brilliant tool called actionlint[^1] to make a static check for GitHub Actions workflow files, so I'm proposing...
TBH: I really really like this repository because it gives us very detailed examples about each topic but searching through the code samples is really hard for finding and also...
Signed-off-by: Batuhan Apaydın cc: @cpanato
/cc @elinesterov @dlorenc Signed-off-by: Batuhan Apaydın
[cosign](https://github.com/sigstore/cosign) maintained by [sigstore](https://sigstore.dev/) community is a new standard that allows the signature and verification of container images and OCI artifacts. we (w/@dentrax @erkanzileli) thought that we can add this...
**Description** The idea is actually came from here[^1]. We can support verification of the signature with multiple public keys, I couldn't think over the design much yet but, at the...