Skip to content

v0.0.28

Latest
Latest

Choose a tag to compare

View all tags
@facutuesca facutuesca released this 16 Oct 16:52
v0.0.28
d400a67
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Changed

  • Upgraded sigstore dependency to >=4.0.0. Since version 4.0.0,
    sigstore supports signing using the new Rekor v2 instance, which
    will become the default in the future. We force the version to 1,
    so any attestations created with pypi-attestations==0.0.28 will
    still contain Rekor v1 entries.
  • Repository has been moved to the pypi GitHub org. The new URL
    is https://github.com/pypi/pypi-attestations.
Assets 2
Loading