1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
Source: rekor
Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
Uploaders:
Reinhard Tartler <siretart@tauware.de>,
Simon Josefsson <simon@josefsson.org>,
Section: golang
Testsuite: autopkgtest-pkg-go
Build-Depends:
debhelper-compat (= 13),
dh-sequence-golang,
golang-any,
golang-github-asaskevich-govalidator-dev (>> 11.0.1~),
golang-github-blang-semver-dev,
golang-github-go-chi-chi-dev,
golang-github-go-openapi-errors-dev,
golang-github-go-openapi-runtime-dev,
golang-github-go-openapi-strfmt-dev,
golang-github-go-openapi-swag-dev,
golang-github-go-openapi-validate-dev,
golang-github-go-viper-mapstructure-dev,
golang-github-google-trillian-dev,
golang-github-hashicorp-go-cleanhttp-dev,
golang-github-hashicorp-go-retryablehttp-dev,
golang-github-in-toto-in-toto-golang-dev,
golang-github-jedisct1-go-minisign-dev,
golang-github-sassoftware-relic-dev,
golang-github-sigstore-protobuf-specs-dev,
golang-github-sigstore-sigstore-dev (>> 1.8.10-2~),
golang-github-smallstep-crypto-dev,
golang-github-spf13-cobra-dev,
golang-github-spf13-viper-dev,
golang-github-tink-crypto-tink-go-awskms-dev,
golang-github-tink-crypto-tink-go-dev,
golang-github-tink-crypto-tink-go-gcpkms-dev,
golang-github-transparency-dev-merkle-dev,
golang-github-veraison-go-cose-dev,
golang-go.uber-zap-dev,
golang-golang-x-crypto-dev,
golang-google-protobuf-dev,
golang-k8s-sigs-release-utils-dev,
golang-webpki-org-jsoncanonicalizer-dev (>> 0.20210204-1.1~),
help2man <!nodoc>,
Standards-Version: 4.7.3
Vcs-Browser: https://salsa.debian.org/go-team/packages/rekor
Vcs-Git: https://salsa.debian.org/go-team/packages/rekor.git
Homepage: https://github.com/sigstore/rekor
XS-Go-Import-Path: github.com/sigstore/rekor
Package: rekor
Architecture: any
Depends:
${misc:Depends},
${shlibs:Depends},
Built-Using:
${misc:Built-Using},
Static-Built-Using:
${misc:Static-Built-Using},
Description: Software Supply Chain Transparency Log (program)
Rekor's goals are to provide an immutable tamper resistant ledger of
metadata generated within a software projects supply chain. Rekor will
enable software maintainers and build systems to record signed metadata
to an immutable record. Other parties can then query said metadata to
enable them to make informed decisions on trust and non-repudiation of an
object's lifecycle.
.
The Rekor project provides a restful API based server for validation and
a transparency log for storage. A CLI application is available to make
and verify entries, query the transparency log for inclusion proof,
integrity verification of the transparency log or retrieval of entries
by either public key or artifact.
.
Rekor fulfils the signature transparency role of sigstore's software
signing infrastructure. However, Rekor can be run on its own and is
designed to be extensible to working with different manifest schemas and
PKI tooling.
.
This package contains the command-line tool rekor-cli.
Package: golang-github-sigstore-rekor-dev
Architecture: all
Multi-Arch: foreign
Depends:
golang-github-asaskevich-govalidator-dev (>> 11.0.1~),
golang-github-blang-semver-dev,
golang-github-go-chi-chi-dev,
golang-github-go-openapi-errors-dev,
golang-github-go-openapi-runtime-dev,
golang-github-go-openapi-strfmt-dev,
golang-github-go-openapi-swag-dev,
golang-github-go-openapi-validate-dev,
golang-github-go-viper-mapstructure-dev,
golang-github-google-trillian-dev,
golang-github-hashicorp-go-cleanhttp-dev,
golang-github-hashicorp-go-retryablehttp-dev,
golang-github-in-toto-in-toto-golang-dev,
golang-github-jedisct1-go-minisign-dev,
golang-github-sassoftware-relic-dev,
golang-github-sigstore-protobuf-specs-dev,
golang-github-sigstore-sigstore-dev (>> 1.8.10-2~),
golang-github-smallstep-crypto-dev,
golang-github-spf13-cobra-dev,
golang-github-spf13-viper-dev,
golang-github-tink-crypto-tink-go-awskms-dev,
golang-github-tink-crypto-tink-go-dev,
golang-github-tink-crypto-tink-go-gcpkms-dev,
golang-github-transparency-dev-merkle-dev,
golang-github-veraison-go-cose-dev,
golang-go.uber-zap-dev,
golang-golang-x-crypto-dev,
golang-google-protobuf-dev,
golang-k8s-sigs-release-utils-dev,
golang-webpki-org-jsoncanonicalizer-dev (>> 0.20210204-1.1~),
${misc:Depends},
Description: Software Supply Chain Transparency Log (library)
Rekor's goals are to provide an immutable tamper resistant ledger of
metadata generated within a software projects supply chain. Rekor will
enable software maintainers and build systems to record signed metadata
to an immutable record. Other parties can then query said metadata to
enable them to make informed decisions on trust and non-repudiation of an
object's lifecycle.
.
The Rekor project provides a restful API based server for validation and
a transparency log for storage. A CLI application is available to make
and verify entries, query the transparency log for inclusion proof,
integrity verification of the transparency log or retrieval of entries
by either public key or artifact.
.
Rekor fulfils the signature transparency role of sigstore's software
signing infrastructure. However, Rekor can be run on its own and is
designed to be extensible to working with different manifest schemas and
PKI tooling.
|
