https://www.sigstore.dev/ The emerging standard for verifying artifacts, e.g. in... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		arccy on Oct 17, 2024 \| parent \| context \| favorite \| on: Removing PGP from PyPI (2023) https://www.sigstore.dev/ The emerging standard for verifying artifacts, e.g. in container image signing, npm, maven, etc https://blog.sigstore.dev/npm-public-beta/ https://www.sonatype.com/blog/maven-central-and-sigstore

binary132 on Oct 18, 2024 [–]

Emerging standard = not yet the standard

jacques_chester on Oct 18, 2024 | [–]

Nobody said it was. The point is that it's better.

binary132 on Oct 19, 2024 | | [–]

And my point is that “it’s better” and “new standard” are not compelling emotional directives to me after hearing them Integer.MAX times.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact