Skip to content

Pull requests: sigstore/cosign

New pull request New
27 Open 3,350 Closed
27 Open 3,350 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

update offline verification directions
#4526 opened Nov 10, 2025 by some-natalie Loading…
Fix OCI verification with local cert - old bundle
#4525 opened Nov 10, 2025 by cmurphy Draft
1
chore(deps): bump cuelang.org/go from 0.14.2 to 0.15.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4524 opened Nov 10, 2025 by dependabot bot Loading…
chore(deps): bump github.com/buildkite/agent/v3 from 3.110.0 to 3.111.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4523 opened Nov 10, 2025 by dependabot bot Loading…
chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.2.0 to 2.3.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4522 opened Nov 10, 2025 by dependabot bot Loading…
chore(deps): bump github.com/open-policy-agent/opa from 1.9.0 to 1.10.1 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4521 opened Nov 10, 2025 by dependabot bot Loading…
chore(deps): bump gitlab.com/gitlab-org/api/client-go from 0.157.0 to 0.159.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4520 opened Nov 10, 2025 by dependabot bot Loading…
chore(deps): bump github.com/sigstore/fulcio from 1.7.1 to 1.8.1 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4519 opened Nov 10, 2025 by dependabot bot Loading…
chore(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4518 opened Nov 10, 2025 by dependabot bot Loading…
chore(deps): bump the gomod group with 5 updates dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4517 opened Nov 10, 2025 by dependabot bot Loading…
chore(deps): bump the actions group across 1 directory with 2 updates dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
#4516 opened Nov 10, 2025 by dependabot bot Loading…
chore(deps): bump golang from 1.25.3 to 1.25.4 in the all group dependencies Pull requests that update a dependency file docker Pull requests that update docker code
#4515 opened Nov 10, 2025 by dependabot bot Loading…
fix: Use signal context
#4514 opened Nov 9, 2025 by frezbo Loading…
1
5
chore(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
#4502 opened Oct 27, 2025 by dependabot bot Loading…
Add org.opencontainers.image.title annotation to attestation layers
#4498 opened Oct 24, 2025 by ralphbean Loading…
1
1
Support stdout output for attest-blob bundles
#4495 opened Oct 24, 2025 by ralphbean Loading…
1
4
feat(ISV-6377): let cosign use HashedRekord for TLOG verification of attestations
#4490 opened Oct 22, 2025 by BorekZnovustvoritel Loading…
2
chore(deps): bump sigstore/cosign-installer from 3.10.0 to 4.0.0 dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
#4478 opened Oct 20, 2025 by dependabot bot Loading…
Deprecate tlog-upload flag, but still respect with signing config
#4458 opened Oct 10, 2025 by haydentherapper Loading…
1
7
Implement OCI 1.1 discovery in verify-attestation
#4453 opened Oct 10, 2025 by falcorocks Loading…
4
Fix signing and verification with ed25519 keys with bundles and Rekor
#4414 opened Sep 16, 2025 by haydentherapper Draft
8
feat(cli): add --payload-media-type to sign (fixes #4300)
#4304 opened Jul 23, 2025 by arubegonsan Loading…
1
2
feat(sign): support loading --cert/--cert-chain from URL and env variable
#4260 opened Jun 24, 2025 by ummetcivi Loading…
Return Public key in sign-blob when no certificate can be extracted.
#4224 opened Jun 6, 2025 by tommyd450 Loading…
2
add sha256:... as alternative way to specify a blob
#4016 opened Jan 17, 2025 by wolfv Loading…
13
ProTip! Filter pull requests by the default branch with base:main.