Skip to content

Pull requests: sigstore/cosign

New pull request New
26 Open 3,456 Closed
26 Open 3,456 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Deprecate cosign triangulate
#4676 opened Jan 31, 2026 by steiza Loading…
chore(deps): bump google.golang.org/api from 0.260.0 to 0.262.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4672 opened Jan 26, 2026 by dependabot bot Loading…
chore(deps): bump gitlab.com/gitlab-org/api/client-go from 1.11.0 to 1.18.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4671 opened Jan 26, 2026 by dependabot bot Loading…
chore(deps): bump github.com/sigstore/rekor-tiles/v2 from 2.0.1 to 2.1.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4670 opened Jan 26, 2026 by dependabot bot Loading…
chore(deps): bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.10.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4669 opened Jan 26, 2026 by dependabot bot Loading…
chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.4.1 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4668 opened Jan 26, 2026 by dependabot bot Loading…
1
chore: make oci11 referrer selection deterministic
#4656 opened Jan 20, 2026 by 1seal Loading…
1
disallow key and cert identity being used together during verification
#4636 opened Jan 13, 2026 by piceri Loading…
1
6
chore(deps): bump chainguard-dev/actions from 1.5.10 to 1.5.11 in the actions group dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
#4632 opened Jan 12, 2026 by dependabot bot Loading…
2
chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.9.1 to 0.10.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4631 opened Jan 12, 2026 by dependabot bot Loading…
chore(deps): bump golang.org/x/crypto from 0.46.0 to 0.47.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4630 opened Jan 12, 2026 by dependabot bot Loading…
chore(deps): bump golang.org/x/term from 0.38.0 to 0.39.0 dependencies Pull requests that update a dependency file go Pull requests that update Go code
#4628 opened Jan 12, 2026 by dependabot bot Loading…
Sign exclusively via sigstore-go for sign-blob
#4618 opened Jan 5, 2026 by aaronlew02 Loading…
17
Supporting OCI Signing with X.509 Certificate Chain
#4614 opened Jan 5, 2026 by yangkenneth Draft
2
fixes sigstore/cosign/issues/4591
#4593 opened Dec 20, 2025 by rhuddleston Loading…
1
1
Update e2e tests to use scaffolding containers
#4548 opened Nov 25, 2025 by aaronlew02 Loading…
1
1
Add org.opencontainers.image.title annotation to attestation layers
#4498 opened Oct 24, 2025 by ralphbean Loading…
1
1
Support stdout output for attest-blob bundles
#4495 opened Oct 24, 2025 by ralphbean Loading…
1
4
feat(ISV-6377): let cosign use HashedRekord for TLOG verification of attestations
#4490 opened Oct 22, 2025 by BorekZnovustvoritel Loading…
3
Fix signing and verification with ed25519 keys with bundles and Rekor
#4414 opened Sep 16, 2025 by Hayden-IO Draft
8
feat(cli): add --payload-media-type to sign (fixes #4300)
#4304 opened Jul 23, 2025 by arubegonsan Loading…
1
2
feat(sign): support loading --cert/--cert-chain from URL and env variable
#4260 opened Jun 24, 2025 by ummetcivi Loading…
Return Public key in sign-blob when no certificate can be extracted.
#4224 opened Jun 6, 2025 by tommyd450 Loading…
2
add sha256:... as alternative way to specify a blob
#4016 opened Jan 17, 2025 by wolfv Loading…
13
Enable signing and verifying image without registry access
#4014 opened Jan 16, 2025 by bkabrda Loading…
1
2
ProTip! Updated in the last three days: updated:>2026-01-29.