Signature Transparency Log designed for ease of use, low cost, and minimal maintenance

Binary transparency log to make tampered artifact distribution auditable

Verify certificates using OS trust stores

Rust clients for the Fulcio and Rekor APIs

TUF client conformance test suite

Throw a tag at it and it comes back with a checksum.

TUF repository for Sigstore trust root

Staging TUF repository for Sigstore trust root

A Sigstore client written in Python

Conformance testing for Sigstore clients

An automated TUF repository demo

A local caching server

A TUF repository and signing tool

free autopilot for sailboats written in python supporting signalk

Faking an AC12 autopilot to unlock autopilot panel/functionality on B&G Triton2 and Vulcan/Zeus

A web app to visualize your TUF repositories

Community artifact repository workflow experiments

JavaScript implementation of The Update Framework (TUF)

Automated updates for stand-alone Python applications.

Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration

Test vectors for TUF

Command line tool for editing and maintaining a TUF repository

Python reference implementation of The Update Framework (TUF)

git commit --fixup, but automatic

Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU

The Python package installer

pip fork to experiment with PEP-458 implementation https://www.python.org/dev/peps/pep-0458/: See branch tuf-v2 (and tuf-mvp and tuf-mvp-vendored for earlier work)

reproducible, snapshot-based Debian rootfs builder

A series of blog posts and talks about the world of containers 📦