search

sigstore / root-signing

TUF repository for Sigstore trust root
Apache License 2.0
80 stars 77 forks source link

sign-root-targets for joshuagl #1137

Closed joshuagl closed 3 months ago

joshuagl commented 4 months ago

Summary

Release Note

Documentation

kommendorkapten commented 4 months ago

@haydentherapper this is the test signing, it looks as expected. For root:

Targets:

Running verify:

Outputting metadata verification at /Users/kommendorkapten/git/root-signing/repository...

Verifying root.json...
    Contains 1/3 valid signatures from the current staged metadata
    Contains 1/3 valid signatures from the previous root
    root version 9, expires 2024/08/28

Verifying targets.json...
    Contains 1/3 valid signatures from the current staged metadata
    targets version 9, expires 2024/08/28