Open laurentsimon opened 1 year ago
https://github.com/sigstore/cosign/pull/3059 is splitting APIs based on providers. Once it's landed, we can use these to provide various slsa-verifier builds: on for all providers, one for Google, docker, etc
There is also a new Go library donated by GitHub folks https://github.com/sigstore/sigstore-go!
https://github.com/sigstore/cosign/pull/3059 is splitting APIs based on providers. Once it's landed, we can use these to provide various slsa-verifier builds: on for all providers, one for Google, docker, etc