-
-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support verifying packages with minisign #2978
Labels
Milestone
Comments
This was referenced Jul 12, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature Overview
Support verifying packages with minisign.
Why is the feature needed?
To install some packages securely.
For example, zig is signed by minisign.
Workaround
No response
Example Code
This feature is similar to Cosign and slsa-verifier.
https://aquaproj.github.io/docs/reference/registry-config/cosign/
This feature depends on minisign.
So aqua should install minisign transparently same as Cosign and slsa-verifier.
registry.yaml
Note
The text was updated successfully, but these errors were encountered: