Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Sigstore v1.0 Launch for Open-Source Software Supply Chain Security

23.Tablet Connections Esm H446

Sigstore that is backed by Google, Red Hat, GitHub, and other prominent organizations with an aim to secure the open-source software supply chain has reached general availability and issued the "v1.0" releases for their key software components.

This week Sigstore celebrated its general availability milestone and releasing the v1.0 software of their Rekor transparency log and Fulcio certificate authority software. Sigstore now considers itself to be production-grade for software artifact signing and verification.

Sigstore provides the means of easily and cryptographically-backed means of signing code, verifying signatures using a transparency log, and monitoring of activity for safely vetting the software supply chain.

The link for this article located at Phoronix is no longer available.