-
Notifications
You must be signed in to change notification settings - Fork 573
Issues: sigstore/cosign
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
CVE-2025-30204 - golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing
bug
Something isn't working
#4133
by candrews
was closed Mar 25, 2025
Manual Renewal Process for Expired root.json
question
Further information is requested
#4100
by CyberSecurityBox
was closed Mar 11, 2025
Container tag v2.4.3 is not available?
bug
Something isn't working
#4087
by BrianGorter078
was closed Feb 26, 2025
Wrong mediatype on attestation replace
bug
Something isn't working
#4076
by stgrace
was closed Feb 25, 2025
Cosign copy command requires "--only" since 2.4.2
bug
Something isn't working
#4048
by MPritsch
was closed Feb 6, 2025
tuf: failed to download 8.root.json
question
Further information is requested
#4026
by monkeysandy
was closed Feb 17, 2025
Kanidm as provider?
question
Further information is requested
#4012
by unusualevent
was closed Jan 21, 2025
Conformance Tests Failed
bug
Something isn't working
#4002
by github-actions
bot
was closed Jan 13, 2025
Clean up old images that is not in used
bug
Something isn't working
enhancement
New feature or request
#3984
by cpanato
was closed Jan 9, 2025
The Something isn't working
latest tag for the ghcr.io image contains a build that is 2 years old
bug
#3983
by gmpinder
was closed Dec 23, 2024
Overwriting remote options with only the last in a slice of remote options
bug
Something isn't working
#3981
by warrenhodg
was closed Dec 19, 2024
Cosign seems to default to docker.io
bug
Something isn't working
#3947
by john-r-swyftx
was closed Nov 29, 2024
Allow providing root.json checksum instead of a full root.json file for cosign initialize
enhancement
New feature or request
#3946
by bkabrda
was closed Jan 7, 2025
Whitelist IPs for cosign verify
question
Further information is requested
#3944
by axi92
was closed Dec 6, 2024
Warn users if fetching trusted root via TUF
enhancement
New feature or request
#3932
by steiza
was closed Nov 13, 2024
Detect if new protocol buffer bundle is being used for verification
enhancement
New feature or request
#3930
by steiza
was closed Nov 13, 2024
Signed container images push to GCP Artifact Registry are unsuable
question
Further information is requested
#3929
by lucstjean-ssc
was closed Nov 12, 2024
Support client certificates when communicating with the registry server (mTLS)
enhancement
New feature or request
#3915
by zpon
was closed Nov 6, 2024
scorecard badge goes to json api instead of the picture
bug
Something isn't working
#3911
by andy778
was closed Oct 22, 2024
SIGNATURE_SPEC.md references USAGE.md
It does so regarding offline verification using a bundle. But USAGE.md has been removed.
bug
Something isn't working
#3908
by hallyn
was closed Nov 2, 2024
Ability to send the unhashed payload for signing?
enhancement
New feature or request
#3906
by goatwu1993
was closed Oct 17, 2024
Cosign Keyless Sign OIDC Providers
enhancement
New feature or request
#3890
by alecrevangelista
was closed Sep 26, 2024
Installation link on README is broken
bug
Something isn't working
#3883
by sota1235
was closed Sep 17, 2024
Cosign timestamp verification does not work with protobuf bundle format
bug
Something isn't working
#3875
by cmurphy
was closed Sep 11, 2024
Improve error message for failed SCT verification
enhancement
New feature or request
#3798
by bkabrda
was closed Jul 26, 2024
Previous Next
ProTip!
Exclude everything labeled
bug with -label:bug.