Hackernews posts about Sigstore
- OpenPubKey and Sigstore (blog.sigstore.dev)
- Sigstore protects Apt archives: apt-verify and apt-sigstore (blog.josefsson.org)
- Keyless Signing with Witness and SigStore (www.testifysec.com)
- Sigstore Announces General Availability for Rekor and Fulcio (blog.sigstore.dev)
- Signed Git Commits with Buildkite, Sigstore, Gitsign and OIDC (buildkite.com)
- A stable release of sigstore-Python (blog.trailofbits.com)
- NPM and Sigstore: Making JavaScript secure by default (www.chainguard.dev)
- sigstore-python 2.0 (blog.sigstore.dev)
- A stable release of sigstore-Python (blog.trailofbits.com)
- Need to Sign Your Code and Haven’t a Clue? Sigstore Can Help (thenewstack.io)
- Elastic Stack container images signed with Sigstore (www.elastic.co)
- Sigstore: Roots of Trust for Software Artifacts (www.infoworld.com)
- Towards Easier, More Secure Signature Tech for the Java Ecosystem with Sigstore (blog.sigstore.dev)
- Keyless Signing of Digital Attestations with Witness and SigStore (www.testifysec.com)
- The 1.0 release of sigstore-Python (blog.sigstore.dev)
- You can’t use Sigstore without Sigstore (blog.sigstore.dev)
- Sigstore December Roundup (blog.sigstore.dev)
- Signatus, ergo securus? Who can sign what with TUF and Sigstore (blog.sigstore.dev)
- Comparing In-Toto and Sigstore: Two Approaches to Software Supply Chain Security (www.testifysec.com)
- Sigstore the Easy Way (rewanthtammana.com)
- Sigstore November Roundup (blog.sigstore.dev)
- Sigstore Reaches General Availability (www.i-programmer.info)
- Show HN: Trusty – Dependency Software Supply Chain Security (www.trustypkg.dev)
- We Sign Code Now (blog.trailofbits.com)
- An Introduction to Fulcio (edu.chainguard.dev)