David Tesar
David Tesar
The workflow option is nice, but I still believe there would be value added by having an option to configure this from the GitHub action because: 1. There are a...
@alexeldeib are any of these gaps on the planned backlog?
I think this issue is still relevant although I believe there should be a refreshed version of the issue based on the newest developments (i.e. Workload identity and existing support...
We need the spec for verify. [Relevant sign and verify workflow document](https://github.com/notaryproject/notaryproject/blob/main/signing-and-verification-workflow.md).
I know this already works today and we use this for our notation azure key vault plugin. The user story is here to ensure: 1. There is nothing missing/needed for...
@priteshbandi - this is to make sure that **plugin list** works for RC-1. The other is to make sure that sign and verify works with plugins.
> We might also need to make output script-friendly. Yes there could be something like a `-o json` option to output it json format
Related to #175 and #167
I'm assuming that the system-level directory is a security mechanism for certain things (like the trust store). Therefore, if the user directory overrides the system, wouldn't that be a security...