proxy-git.cwkhome.fun/notaryproject/notation
Notation is a CLI project to add signatures as standard items in the OCI registry ecosystem, and to build a set of simple tooling for signing and verifying these signatures. This should be viewed as similar security to checking git commit signatures, although the signatures are generic and can be used for additional purposes. Notation is an implementation of the Notary Project specifications.
You can find the Notary Project README to learn about the overall Notary Project.
[!NOTE] The documentation for installing Notation CLI is available here.
Notary Project is a CNCF Incubating project. We :heart: your contribution.
Join us at Zoom Dial-in link / Passcode: 77777. Please see the CNCF Calendar for community meeting details. Meeting notes are captured on hackmd.io.
The Notation release process is defined in RELEASE_MANAGEMENT.md.
Support for the Notation project is defined in supported releases.
This project has adopted the CNCF Code of Conduct. See CODE_OF_CONDUCT.md for further details.
This project is covered under the Apache 2.0 license. You can read the license here.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.
