
@bdehamer/sigstore
oclif example Hello World CLI
$ npm install -g @bdehamer/sigstore
$ sigstore COMMAND
running command...
$ sigstore (--version)
@bdehamer/sigstore/0.0.3 darwin-arm64 node-v18.12.1
$ sigstore --help [COMMAND]
USAGE
$ sigstore COMMAND
...
sigstore attest FILE
sigstore help [COMMANDS]
sigstore verify ARTIFACT
sigstore verify bundle [FILE]
sigstore attest FILE
attest the supplied file
USAGE
$ sigstore attest FILE [--json] [--fulcio-url <value>] [--rekor-url <value>] [--tsa-url <value>] [--tlog-upload] [--oidc-client-id <value>] [--oidc-issuer <value>] [--oidc-redirect-url <value>] [-t <value>] [-o <value>]
ARGUMENTS
FILE file to attest
FLAGS
-o, --output-file=<value> write output to file
-t, --type=<value> [default: application/vnd.in-toto+json] type to apply to the DSSE envelope
--fulcio-url=<value> [default: https://fulcio.sigstore.dev] URL to the Sigstore PKI server
--oidc-client-id=<value> [default: sigstore] OIDC client ID for application
--oidc-issuer=<value> [default: https://oauth2.sigstore.dev/auth] OIDC provider to be used to issue ID token
--oidc-redirect-url=<value> OIDC redirect URL
--rekor-url=<value> [default: https://rekor.sigstore.dev] URL to the Rekor transparency log
--tlog-upload whether or not to upload entry to the transparency log
--tsa-url=<value> URL to the Timestamping Authority
GLOBAL FLAGS
--json Format output as json.
DESCRIPTION
attest the supplied file
EXAMPLES
$ sigstore attest
See code: dist/commands/attest.ts
sigstore help [COMMANDS]
Display help for sigstore.
USAGE
$ sigstore help [COMMANDS] [-n]
ARGUMENTS
COMMANDS Command to show help for.
FLAGS
-n, --nested-commands Include all nested commands in the output.
DESCRIPTION
Display help for sigstore.
See code: @oclif/plugin-help
sigstore verify ARTIFACT
describe the command here
USAGE
$ sigstore verify ARTIFACT --bundle <value> [--tlog-threshold <value>] [--ctlog-threshold <value>]
ARGUMENTS
ARTIFACT bundle to verify
FLAGS
--bundle=<value> (required) the Sigstore bundle containing the verification material
--ctlog-threshold=<value> [default: 1] number of certificate transparency log entries required to verify
--tlog-threshold=<value> [default: 1] number of transparency log entries required to verify
DESCRIPTION
describe the command here
EXAMPLES
$ sigstore verify
See code: dist/commands/verify.ts
sigstore verify bundle [FILE]
describe the command here
USAGE
$ sigstore verify bundle [FILE] [-n <value>] [-f]
ARGUMENTS
FILE file to read
FLAGS
-f, --force
-n, --name=<value> name to print
DESCRIPTION
describe the command here
EXAMPLES
$ sigstore verify bundle
FAQs
Sigstore CLI
The npm package @bdehamer/sigstore receives a total of 0 weekly downloads. As such, @bdehamer/sigstore's popularity was classified as not popular.
We found that @bdehamer/sigstore demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.