gitsign
Security Advisories for gitsign in debian
Repackage
Low
over 1 year ago
gitsign may use incorrect Rekor entries during verification
go
github.com/sigstore/gitsign
Repackage
Moderate
over 2 years ago
Gitsign's Rekor public keys fetched from upstream API instead of local TUF client.
go
github.com/sigstore/gitsign