![Maven Central Adds Sigstore Signature Validation](https://cdn.sanity.io/images/cgdhsj6q/production/7da3bc8a946cfb5df15d7fcf49767faedc72b483-1024x1024.webp?w=400&fit=max&auto=format)
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
This project independently packages the timezone data required by ics.py
.
It includes the Olson / IANA timezone Database converted to iCalender vTimezone files by vzic
and the Unicode CLDR mapping of Windows timezone names to the Olson identifiers.
Having a separate project from ics.py allows regular releases when the timezone data changes
(which is not as seldom as you might think) without having to do a new release of ics.py
.
Similar to pytz
, this project follows the YYYY.minor
calendar versioning scheme representing the periodic updates of its data,
while ics.py
uses semantic versioning to allow ensuring compatibility with its more gradually evolving code-base.
The source code of the project itself and the IANA time zone database are in the public domain, while the Unicode CLDR Windows timezone name mapping file is under the Unicode, inc. license agreement for data files and software, having the following copyright notice:
Copyright © 1991-2013 Unicode, Inc. CLDR data files are interpreted according to the LDML specification (http://unicode.org/reports/tr35/) For terms of use, see http://www.unicode.org/copyright.html
FAQs
iCalendar vTimezone Data
We found that ics-vtimezones demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.