Signing Software The Easy Way with Sigstore and Cosign Signing software artifacts has many obvious benefits such as code integrity or developer (author) authentication. Yet it’s oftentimes neglected, creating a software ripe for supply chain attacks. One of the reasons why people can’t be bothered to sign their code is that existing tools – such…

Read More