notation
notation copied to clipboard
notaryproject
A CLI tool to sign and verify artifacts
Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 1.0.1 to 1.0.2. Release notes Sourced from actions/add-to-project's releases. v1.0.2 What's Changed build(deps-dev): bump braces from 3.0.2 to 3.0.3 by @dependabot in actions/add-to-project#583 build(deps-dev): bump @types/node from...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Modify targeted goarch and ignore irelevant configs (e.g windows / arm and darwi n/ arm)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.4.1 to 4.5.0. Commits e28ff12 chore(release): bump to 4.5.0 (#1477) 7594baa Use an existing token even if the PR is from a fork (#1471) 81c0a51 feat: add...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7. Release notes Sourced from actions/checkout's releases. v4.1.7 What's Changed Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739 Bump...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.0 to 1.8.1. Release notes Sourced from github.com/spf13/cobra's releases. v1.8.1 ✨ Features Add env variable to suppress completion descriptions on create by @scop in spf13/cobra#1938 🐛 Bug...
### What is not working as expected? The OCSP timeout threshold is hardcoded to 2 seconds, which is not flexible enough. One of our notation customers encounters timeout issues frequently,...
### What is not working as expected? N/A ### What did you expect to happen? We created a guideline that defines the guiding principles for Notation CLI error message improvements...
### Is your feature request related to a problem? Would notation consider to wrap the `application/vnd.cncf.notary.signature` from `config.MediaType` to `artifactType` field in the signature manifest to better utilize [oci-spec v1.1...
### What is not working as expected? CNCF provides a tool Clomonitor to run OpenSSF Security Best Practice checks on CNCF projects. There is a signing related check that has...
### Is your feature request related to a problem? CNCF provides a tool Clomonitor to run OpenSSF Security Best Practice checks on CNCF projects. There is a signing related check...