Skip to content

AmplifySoftware/security

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 

Repository files navigation

Amplify Software — Public Security Keys

This repository publishes the public cryptographic material that lets anyone verify the authenticity and integrity of artifacts published by Amplify Software.

cosign.pub

The Cosign public key used to verify the signatures of our Docker images.

All Docker images published by Amplify Software are signed with Sigstore Cosign. You can verify an image against this public key:

cosign verify \
  --key https://raw.githubusercontent.com/AmplifySoftware/security/main/cosign.pub \
  --insecure-ignore-tlog=true \
  <image-reference>

Replace <image-reference> with the full reference of the image you want to verify. A successful verification proves the image was built and published by Amplify Software and has not been modified since signing.

Contact

Security issues: security@amplifysoft.io

About

No description, website, or topics provided.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors