search

sigstore / sigstore-rs

An experimental Rust crate for sigstore
https://sigstore.github.io/sigstore-rs/sigstore/
Apache License 2.0
156 stars 48 forks source link

sign: init #310

Closed jleightcap closed 6 months ago

jleightcap commented 7 months ago

Summary

Add ability to sign artifacts à la sigstore-python, towards Bundle signing and verification. Follow-up from #305, and the prerequisite motivation to #311.

Release Note

Expose added bundle and sign modules. No breaking changes to existing modules.

Documentation

woodruffw commented 7 months ago

I've done a quick pass on this, and it LGTM overall -- thanks @jleightcap and @tnytown!

@flavio Is there anything else we can or should do here? I see https://github.com/sigstore/sigstore-rs/pull/310#discussion_r1405833990 as one (small) outstanding thing, but there might be others I've missed 🙂

flavio commented 6 months ago

@woodruffw merged! thanks to all the people involved :heart: