Description:
Codesigning tool for Python packages
|
|
Type: Formula
|
Latest Version: 4.1.0@0
|
Tracked Since: Nov 1, 2025
|
|
Links:
Homepage |
formulae.brew.sh
|
|
Category: Security
|
|
Tags:
security
cryptography
signing
python
devops
|
|
Install:
brew install sigstore
|
About:
Sigstore-python is a Python library for signing and verifying Python package distributions using the Sigstore framework. It enables developers to generate digital signatures backed by OpenID Connect identity, ensuring software integrity and provenance. This tool is essential for adopting the upcoming PEP 740 standard for PyPI package attestation.
|
Key Features:
- Supports signing Python distributions (wheels and sdists) with digital signatures
- Integrates with OpenID Connect for identity verification (e.g., GitHub Actions)
- Provides tools for verifying signatures to ensure package integrity and provenance
- Enables transparency log uploads for immutable signature records
|
Use Cases:
- Securing Python package supply chain by signing releases before publishing to PyPI
- Verifying the authenticity and origin of downloaded Python packages in CI/CD pipelines
|
Alternatives:
-
GPG
– Sigstore uses short-lived, OIDC-based keys, eliminating the complexity of GPG key management and web-of-trust.
-
python-tuf
– TUF provides a framework for secure update systems, while Sigstore focuses specifically on code signing and identity attestation for packages.
|
| Detected |
Version |
Rev |
Change |
Commit |
| Jan 26, 2026 5:41pm |
|
0 |
REVISION_ONLY |
31e7885a |
| Jan 17, 2026 8:18am |
|
3 |
REVISION_ONLY |
373ecc0c |
| Jan 11, 2026 8:20am |
|
2 |
REVISION_ONLY |
39aebcc9 |
| Nov 1, 2025 2:53pm |
|
0 |
VERSION_BUMP |
0b05002b |
| Sep 14, 2025 4:31am |
|
1 |
VERSION_BUMP |
450d2007 |
| Aug 26, 2025 10:05am |
|
1 |
VERSION_BUMP |
eed4c297 |
| Aug 26, 2025 8:23am |
|
1 |
VERSION_BUMP |
9442bdc8 |
| Dec 11, 2024 12:55am |
|
0 |
VERSION_BUMP |
24bbe7df |
| Dec 4, 2024 8:15am |
|
1 |
VERSION_BUMP |
e512569d |
| Oct 12, 2024 11:05am |
|
0 |
VERSION_BUMP |
c2437abf |
| Sep 14, 2024 5:01am |
|
0 |
VERSION_BUMP |
bf6a0899 |
|