0.5.0
·
293 commits
to main
since this release
- Signatures can be published to a Rekor transparency log (#117, #119)
It is now possible to upload the signatures made via the endpoint gpg/:name/sign to a Rekor instance.
You can choose to upload information into the transparency when your create a new key, you only need to choose a value for the parameter transparency_log_address (e.g. the public instance https://rekor.sigstore.dev/). For existing keys you can update the parameter transparency_log_address with the new configuration update endpoint.
You can find more details about Rekor in the Rekor's documentation.