Skip to content

in-toto/go-witness

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

436 Commits
.github
.github
 
 
archivista
archivista
 
 
attestation
attestation
 
 
cryptoutil
cryptoutil
 
 
dsse
dsse
 
 
hack
hack
 
 
internal
internal
 
 
intoto
intoto
 
 
log
log
 
 
policy
policy
 
 
registry
registry
 
 
schemagen
schemagen
 
 
signer
signer
 
 
slsa
slsa
 
 
source
source
 
 
timestamp
timestamp
 
 
.clomonitor.yml
.clomonitor.yml
 
 
.gitignore
.gitignore
 
 
.golangci.yml
.golangci.yml
 
 
.goreleaser.yaml
.goreleaser.yaml
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
DEPENDENCY.md
DEPENDENCY.md
 
 
LICENSE
LICENSE
 
 
MAINTAINERS.md
MAINTAINERS.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
SECURITY-INSIGHTS.yml
SECURITY-INSIGHTS.yml
 
 
SECURITY.md
SECURITY.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
imports.go
imports.go
 
 
imports_nonwindows.go
imports_nonwindows.go
 
 
run.go
run.go
 
 
sign.go
sign.go
 
 
verify.go
verify.go
 
 
verify_test.go
verify_test.go
 
 

Repository files navigation

go-witness

A client library for Witness, written in Go.

Go Reference Go Report Card OpenSSF Best Practices OpenSSF Scorecard FOSSA Status

Status

This library is currently pre-1.0 and therefore the API may be subject to breaking changes.

Features

  • Creation and signing of in-toto attestations
  • Verification of in-toto attestations and associated signatures with:
  • A growing list of attestor types defined under a common interface
  • A selection of attestation sources to search for attestation collections

Documentation

For more detail regarding the library itself, we recommend viewing pkg.go.dev. For the documentation of the witness project, please view the main witness repository.

Requirements

In order to effectively contribute to this library, you will need:

  • A Unix-compatible Operating System
  • GNU Make
  • Go 1.19

Running Tests

This repository uses Go tests for testing. You can run these tests by executing make test.

About

Go implementation of witness

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

25 stars

Watchers

7 watching

Forks

19 forks
Report repository

Releases 18

v0.6.0 Latest
Jun 17, 2024
+ 17 releases

Packages

No packages published

Contributors 24

+ 10 contributors

Languages