Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

sigstore / sigstore-js Public

Notifications You must be signed in to change notification settings
Fork 23
Star 160

Code
Issues 5
Pull requests 9
Actions
Projects
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Security
Insights

Releases: sigstore/sigstore-js

Releases · sigstore/sigstore-js

@sigstore/[email protected]

06 Jun 15:15

@sigstore/[email protected]

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

@sigstore/[email protected]

Minor Changes

439343b: Use new OAuth identity provider for retrieving OIDC tokens in non-CI environments

Patch Changes

0d9acd4: adds OAuth identity provider in support of interactive authentication flows for the attest command
a923d32: Bump @oclif/color from 1.0.5 to 1.0.6
2bd39a2: Bump @oclif/color from 1.0.4 to 1.0.5
Updated dependencies [4fdf826]
Updated dependencies [f72e2b2]
Updated dependencies [5ea8b63]
Updated dependencies [84fd931]
- [email protected]

Assets 2

Loading

All reactions

[email protected]

16 May 13:34

[email protected]

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

[email protected]

Patch Changes

2f89e43: Update Fulcio client to handle responses with detached SCTs

Assets 2

Loading

All reactions

@sigstore/[email protected]

16 May 16:22

@sigstore/[email protected]

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

@sigstore/[email protected]

Patch Changes

c6c0840: Export SearchLogQuery type

Assets 2

Loading

All reactions

@sigstore/[email protected]

16 May 16:22

@sigstore/[email protected]

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

@sigstore/[email protected]

Patch Changes

45980a3: Fix support for --tlog-upload/--no-tlog-upload flag

Assets 2

Loading

All reactions

@sigstore/[email protected]

16 May 13:34

@sigstore/[email protected]

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

@sigstore/[email protected]

Patch Changes

929d5d2: Fix to allow --tlog-upload flag to be negated with --no-tlog-upload
Updated dependencies [2f89e43]
- [email protected]

Assets 2

Loading

All reactions

[email protected]

15 May 16:27

[email protected]

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

[email protected]

Patch Changes

cab068e: Propagate retry/timeout options to the Timestamp Authority client

Assets 2

Loading

All reactions

@sigstore/[email protected]

15 May 16:27

@sigstore/[email protected]

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

@sigstore/[email protected]

Patch Changes

6078e49: Initial release

Assets 2

Loading

All reactions

@sigstore/[email protected]

15 May 17:22

@sigstore/[email protected]

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

@sigstore/[email protected]

Patch Changes

e8d440e: Add missing @oclif/color dependency

Assets 2

Loading

All reactions

@sigstore/[email protected]

15 May 16:26

@sigstore/[email protected]

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

@sigstore/[email protected]

Patch Changes

630f2fa: Initial release
Updated dependencies [cab068e]
- [email protected]

Assets 2

Loading

All reactions

v1.5.0

11 May 16:38

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v1.5.0

Minor Changes

f4c677e: Generated bundle excludes Fulcio root and intermediate certificates
5ca42a0: New tsaServerURL option for requesting a timestamp from a Timestamp Authority API
4e715c9: Exposes a new tuf.client function which returns a client for retrieving targets from the Sigstore TUF repository.
4b97516: New tlogUpload option for sign and attest to control signature uploads to the transparency log
f927296: New retry and timeout options to control fetch behavior when errors occur

Patch Changes

2e5e733: Certificate chain verification enforces pathlen constraint for CA certs
3205ce9: Updates certificate verification to ignore all but the first certificate present in the bundle
bb2006b: Updating embedded Sigstore TUF root to v7

Assets 2

Loading

All reactions

Previous 1 2 … 10 11 12 13 14 Next

Footer

© 2025 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.