5 Pull requests merged by 3 people

• Specify sha256 in TSA request

  #1373 merged May 9, 2025

• More proto updates

  #1358 merged May 9, 2025

• build(deps): bump platformdirs from 4.3.7 to 4.3.8

  #1374 merged May 8, 2025

• make TSA validity end optional

  #1368 merged May 8, 2025

• no trailing slash for post to /entries

  #1366 merged May 8, 2025

5 Pull requests opened by 3 people

• Use trust config everywhere

  #1363 opened May 5, 2025

• improve KindVersion compatibility

  #1370 opened May 7, 2025

• Add support for ed25519 keys

  #1377 opened May 9, 2025

• build(deps): update ruff requirement from <0.11.9 to <0.11.10

  #1379 opened May 9, 2025

• Verify artifact signing time against all timestamps

  #1381 opened May 9, 2025

3 Issues closed by 1 person

• TSA request message digest defaults to sha256

  #1372 closed May 9, 2025

• Support timestamp validity periods without end dates

  #1367 closed May 8, 2025

• Trailing slash in "/entries" path

  #1365 closed May 8, 2025

7 Issues opened by 3 people

• Verifying Signature time when no inclusion promise or integrated time

  #1380 opened May 9, 2025

• Brittle TSA tests

  #1378 opened May 9, 2025

• Add support for ed25519 keys

  #1376 opened May 9, 2025

• TSA verification only works for sha256

  #1375 opened May 9, 2025

• OIDC URL is ignored in SigningConfig

  #1371 opened May 7, 2025

• Parsing KindVersion in rekor V2

  #1369 opened May 7, 2025

• rekor: Use checkpoint_key_id when possible

  #1364 opened May 5, 2025

2 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Use signingconfig from "--trust-config"

  #1347 commented on May 5, 2025 • 0 new comments

• Support rekor v2

  #1340 commented on May 7, 2025 • 0 new comments