table of contents
| SIGSTORE-GO-VERIFICATION(1) | User Commands | SIGSTORE-GO-VERIFICATION(1) |
NAME¶
sigstore-go-verification - Sigstore verification tool
DESCRIPTION¶
Usage of /build/reproducible-path/sigstore-go-0.7.1/debian/tmp/usr/bin/sigstore-go-verification:¶
-artifact string
- Path to artifact to verify
-artifact-digest string
- Hex-encoded digest of artifact to verify
-artifact-digest-algorithm string
- Digest algorithm (default "sha256")
-expectedIssuer string
- The expected OIDC issuer for the signing certificate
-expectedIssuerRegex string
- The expected OIDC issuer for the signing certificate
-expectedSAN string
- The expected identity in the signing certificate's SAN extension
-expectedSANRegex string
- The expected identity in the signing certificate's SAN extension
-minBundleVersion string
- Minimum acceptable bundle version (e.g. '0.1')
-publicKey string
- Path to trusted public key
-requireCTlog
- Require Certificate Transparency log entry (default true)
-requireTimestamp
- Require either an RFC3161 signed timestamp or log entry integrated timestamp (default true)
-requireTlog
- Require Artifact Transparency log entry (Rekor) (default true)
-trustedrootJSONpath string
- Path to trustedroot JSON file (default "../trusted-root-public-good.json")
-tufRootURL string
- URL of TUF root containing trusted root JSON file
-tufTrustedRoot string
- Path to the trusted TUF root.json to bootstrap trust in the remote TUF repository
| June 2025 | sigstore-go-verification 0.7.1-2+b4 |