dlorenc
Follow
dlorenc
Follow
Achievements
Achievements
Highlights
- Pro
- 1 discussion answered
Popular repositories
2,846 contributions in the last year
Less
More
Contribution activity
August 2021
Created 34 commits in 9 repositories
Created 1 repository
- dlorenc/website JavaScript
Created a pull request in sigstore/cosign that received 7 comments
Move "verify-manifest" into "verify".
We'll keep both commands for now, but deprecate verify-manifest. Signed-off-by: Dan Lorenc dlorenc@google.com
+44
−3
•
7
comments
Opened 14 other pull requests in 5 repositories
sigstore/cosign
9
merged
1
closed
- Store attestations in the layer (payload) rather than the annotation.
- Fix some bugs in the attestation support and add a formal spec.
- Bump k8s to 0.22.1.
- Add a commented out list of OWNERS for transparency.
- Add example of openssl signing.
- Fix output display for certs.
- Move the prompting/confirmation down into the password implementations.
- Update google.golang.org/api
- Add support for timestamps in the cosign custom predicate, and docume…
- Explicitly disable auth for the sigstore-tuf-root.
sigstore/rekor
1
merged
tektoncd/chains
1
merged
slsa-framework/slsa
1
merged
kyverno/website
1
merged
Reviewed 86 pull requests in 16 repositories
sigstore/cosign
30 pull requests
- improve documentation about predicate type and change predicate type from provenance to slsaprovenance
- upgrade in-toto-golang to adapt SLSA Provenance
- fix: warnings on admissionregistration version
-
consolidate
requiredirectives for compatibility with go 1.16 - Helm CI and Release jobs
- ci: update cosign-installer to use release v1.1.0
- feat: migrate cosigned admission controller
- remove unnecessary COSIGN_PASSWORD
- add v1.1.0 relnotes
- release: update golang-cross image to use go 1.17
- update Go to 1.17.0
-
Pin
k8s.iodependencies to v0.20.7 - Make payload types public
- fix nil pointer deref in cli/upload.BlobCmd
- fix: lint warning
- Improve Kubernetes examples in docs and commands
- always check remote image
- Refactor to avoid not necessary conversion
- Don't run e2e tests on PRs
- Fix CI issues for forked repos
- Improve docs for keyless SA signing
- Refactor upload-blob to use File interface
- Bump google.golang.org/api from 0.52.0 to 0.53.0
- 'cosign init' minor enhancements (file or URL root, write to $HOME/.sigstore)
- version: add way to display a version when using go get or go install
- Some pull request reviews not shown.
sigstore/rekor
14 pull requests
- Bump github.com/go-openapi/strfmt from 0.20.1 to 0.20.2
- remove extradata field from types
- Updates to INSTALLATION.md notes
- Bump golang from 1.16.7 to 1.17.0
- Bump golang.org/x/mod from 0.4.2 to 0.5.0
- Add TUF type
- Bump google.golang.org/grpc from 1.39.1 to 1.40.0
-
Update snippets to use
consoletype for snippets - Fix unmarshalling an STH
- Bump github.com/go-openapi/runtime from 0.19.29 to 0.19.30
- Bump go.uber.org/zap from 1.18.1 to 1.19.0
- Bump golang from 1.16.6 to 1.16.7
- version: add way to display a version when using go get or go install
- Bump google.golang.org/grpc from 1.39.0 to 1.39.1
GoogleContainerTools/distroless
11 pull requests
- another manual update
- Manual run of update snapshots
- Update update-deb-package-snapshots.yml
- examples/cc: Add C++ example program
- cc: Add debian11 support
- python2.7/python3: rm testdata/debian9.yaml
- Update cloud build for manifestlist + cosign
- Preliminary debian11 (bullseye) support
- Add subdir path for cloudbuild
- Add gcs cache synchronizer
- Add support for Packages.xz
sigstore/fulcio
11 pull requests
- Bump github.com/go-openapi/errors from 0.20.0 to 0.20.1
- Bump github.com/go-openapi/strfmt from 0.20.1 to 0.20.2
- Bump golang from 1.16.7 to 1.17.0
- Bump cloud.google.com/go from 0.91.1 to 0.92.3
- Bump golang from 1.16.7 to 1.17
- Bump cloud.google.com/go from 0.90.0 to 0.91.1
- add SCT as HTTP response header
- Bump github.com/go-openapi/runtime from 0.19.29 to 0.19.30
- Bump go.uber.org/zap from 1.18.1 to 1.19.0
- Bump golang from 1.16.6 to 1.16.7
- Bump cloud.google.com/go from 0.89.0 to 0.90.0
sigstore/sigstore-maven-plugin
4 pull requests
tektoncd/chains
2 pull requests
tektoncd/triggers
2 pull requests
sigstore/homebrew-tap
2 pull requests
slsa-framework/slsa
2 pull requests
sigstore/helm-sigstore
2 pull requests
sigstore/cosign-installer
1 pull request
notaryproject/notary
1 pull request
notaryproject/notation
1 pull request
ossf/allstar
1 pull request
theupdateframework/go-tuf
1 pull request
notaryproject/notaryproject
1 pull request
Created an issue in sigstore/cosign that received 8 comments
Release v1.1.0!
@dekkagaijin @developer-guy @Dentrax anything else we want to get in for this?
8
comments