Skip to main content

Sigstore Java - Sign And Verify Your Java Builds

 sigstore-java, currently under development but not yet ready for general-purpose use,  is a tool for signing and verifying Java package distributions with Sigstore's keyless signing. This is one more step taken by Sigstore towards securing the software supply chain.

Sigstore signing empowers software developers to securely sign software artifacts such as release files, container images and binaries. These signatures are then stored in a tamper-proof public log - for free.

full article on i-programmer:

https://www.i-programmer.info/news/80-java/16176-sigstore-java-sign-and-verify-your-java-builds.html

Labels:

Comments

Post a Comment

Popular posts from this blog

Spatial Data Management For GIS and Data Scientists

  Videos of the lectures taught in Fall 2023 at the University of Tennessee are now available as a YouTube playlist. They provide a complete overview of the concepts of GeoSpatial science using Google Earth Engine, PostgresSQL GIS , DuckDB, Python and SQL. https://www.i-programmer.info/news/145-mapping-a-gis/16772-spatial-data-management-for-gis-and-data-scientists.html
Post a Comment
Read more