-
### Describe the bug
```
gh --version
gh version 2.55.0 (2024-08-20)
https://github.com/cli/cli/releases/tag/v2.55.0
```
Currently the `gh attestation verify --help` for the `--signer-workfl…
-
Currently, no verification is done when an attestation is received in the control plane. Creation and validation checks are done in the client side, but not on the server side.
We should allow ope…
-
### Description
Update workflows to use attestations when publishing to PyPI.
https://github.com/pypa/gh-action-pypi-publish/discussions/255
### Additional Information
_No response_
-
Specification states that "The revocation of an Entity is made with the unavailability of the Entity Statement related to it" [Link ](https://github.com/italia/eudi-wallet-it-docs/blob/df948503e22cbf9…
-
# Beacon Node API Implementation Roadmap
This document outlines the tasks to implement the Beacon Node API endpoints.
## Beacon
- [x] `GET /eth/v1/beacon/genesis` - Retrieve details of the ch…
-
https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds.
seems like while pypa is still suggestion …
-
I came across this following link describing the currently in public beta feature to use artifact assestations to establish provenance for builds here on GitHub; https://docs.github.com/en/actions/se…
-
1. Implement normalization of the remaining annotations, namely `-` for
prenominal forms, `=` for pronominal, `+` for qualitative, and `―` for
_same as above_.
Just carry them on a separ…
-
Witness should be able to verify and create policy on cosign sigs
-
Thanks for this action and all the work on the whole infrastructure setup. 🙂
I'm just starting to attempt to generate SBOM and provenance attestations (this part using this action), sign my images …