Bug#1084157: RFP: sigstore-python -- sigstore is a Python tool for generating and verifying Sigstore signatures

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1084157: RFP: sigstore-python -- sigstore is a Python tool for generating and verifying Sigstore signatures
From: Stefano Rivera <stefanor@debian.org>
Date: Sat, 5 Oct 2024 12:15:46 -0700
Message-id: <[🔎] sqfgdzkxwvvhajesy5evbkhjwefyrav6k7exkxximjr67ytlzk@vfaso655smc5>
Reply-to: Stefano Rivera <stefanor@debian.org>, 1084157@bugs.debian.org

Package: wnpp
Severity: wishlist

* Package name    : sigstore-python
  Version         : 3.3.0
  Upstream Contact: Sigstore Authors <sigstore-dev@googlegroups.com>
* URL             : https://github.com/sigstore/sigstore-python
* License         : Apache-2.0
  Programming Lang: Python
  Description     : sigstore is a Python tool for generating and verifying Sigstore signatures

Features:

*  Support for keyless signature generation and verification with Sigstore
*  Support for signing with "ambient" OpenID Connect identities
*  A comprehensive CLI and corresponding importable Python API

See recent debian-devel discussion: https://lists.debian.org/msgid-search/20241004182101.lnc5dqft4vurbcrh@satie.tumbleweed.org.za

Looking at pyproject.toml, there are a few dependencies that need to
come first:

  "sigstore-protobuf-specs == 0.3.2",
  "sigstore-rekor-types == 0.0.13",
  "tuf ~= 5.0",

Reply to:

Prev by Date: Bug#1084156: ITP: python-pyflume -- Python package to integrate with Flume Sensor
Next by Date: Bug#1084160: ITP: wego -- weather app for the terminal
Previous by thread: Bug#1084156: marked as done (ITP: python-pyflume -- Python package to integrate with Flume Sensor)
Next by thread: Bug#1084160: ITP: wego -- weather app for the terminal
Index(es):
- Date
- Thread