Issues: sigstore/cosign
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
cosign attach command couldn't attach the rekor-bundle to an image
bug
Something isn't working
#3678
opened Apr 28, 2024 by
ArubaTest
cosign verify with certificates requires the --certificate-identity and --certificate-oidc-issuer flags
bug
Something isn't working
#3671
opened Apr 21, 2024 by
dhaus67
Cosign should check Media Type of the layer before download of the signature
enhancement
New feature or request
#3669
opened Apr 17, 2024 by
Mukuls77
Why calling v2 referrers api and including all signature layer in new signature manifest
question
Further information is requested
#3659
opened Apr 9, 2024 by
MinerYang
Bypass YubiKey Authentication for Self-Generated Key Pairs
question
Further information is requested
#3658
opened Apr 8, 2024 by
abakerwrs
Support working with SLSA statements (without wrapping)
enhancement
New feature or request
#3641
opened Apr 3, 2024 by
fmoessbauer
Enable annotations to be set on attestations and signatures when OCI artifacts are uploaded
enhancement
New feature or request
#3640
opened Apr 2, 2024 by
arewm
Cosign doesn't accept Digicert's TSA certificate when verifying a signature
enhancement
New feature or request
#3632
opened Apr 1, 2024 by
alt-enio
Keyless Sigining Verification Fails on Github Self Hosted Runner
question
Further information is requested
#3613
opened Mar 21, 2024 by
learningcicd
cosign sign with hashivault as KMS without transit
enhancement
New feature or request
#3611
opened Mar 20, 2024 by
VenutNSA
cosign verify-attestation
hangs indefinitely in GitHub Actions
bug
#3602
opened Mar 18, 2024 by
AliSajid
Attestations require uploading entire payload to rekor
enhancement
New feature or request
#3599
opened Mar 14, 2024 by
jonjohnsonjr
Request: Update the CODEOWNERS.md with the current list of maintainers
enhancement
New feature or request
#3580
opened Mar 7, 2024 by
TheFoxAtWork
Switch to Fulcio v2 API
enhancement
New feature or request
#3569
opened Feb 29, 2024 by
haydentherapper
feature: 'cosign sign' add flags --ca-roots and --ca-intermediates to allow multiple CA roots
enhancement
New feature or request
#3568
opened Feb 29, 2024 by
dmitris
Fetch TSA certificates from TUF targets when available
enhancement
New feature or request
#3563
opened Feb 28, 2024 by
haydentherapper
verify-attestation should support --platform argument
enhancement
New feature or request
#3552
opened Feb 26, 2024 by
querti
Upgrade to latest Sigstore TUF client
enhancement
New feature or request
#3548
opened Feb 20, 2024 by
haydentherapper
Cosign / rpm integrations meta-issue
enhancement
New feature or request
#3523
opened Feb 5, 2024 by
lkatalin
Mediatype for SPDX should be application/spdx+json
bug
Something isn't working
sbom
#3515
opened Feb 2, 2024 by
lumjjb
feature: 'cosign verify' add flags --ca-roots and --ca-intermediates to allow multiple CA roots
enhancement
New feature or request
#3462
opened Jan 2, 2024 by
dmitris
cosign attach
command couldn't attach the rekor-bundle
to an image
bug
#3458
opened Jan 1, 2024 by
viveksahu26
How can I upload a detached cosign container image signature to the Rekor transparency log?
question
Further information is requested
#3457
opened Dec 29, 2023 by
paulsavoie
show a DIGEST of an image while pushing to registry
enhancement
New feature or request
#3428
opened Dec 11, 2023 by
viveksahu26
cosign dockerfile verify
problem with multistage dockerfile
question
#3425
opened Dec 7, 2023 by
itsibitzi
Previous Next
ProTip!
Find all open issues with in progress development work with linked:pr.