Our Audit of sigstore is complete. High risk vulnerability found and fixed.
We’re excited to report the results for the security audit of sigstore. Sigstore is a new standard for signing, verifying and protecting software; and has quickly grown into a premier tool for securing the software supply chain. The security review was facilitated by Open Source Technology Improvement Fund and carried…