Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Login
Top
New
Best
Ask
Show
Jobs
1.
▲
Signing Git Commits – Three Ways
(github.com/sigstore)
5 points
di
5 years ago
discuss
2.
▲
Sigstore the Hard Way
(github.com/lukehinds)
4 points
ghuntley
4 years ago
2 comments
3.
▲
Container signing: Why not use blockchain?
(github.com/sigstore)
3 points
xenocratus
4 years ago
discuss
4.
▲
Rekor – Secure Supply Chain Transparency Log
(github.com/sigstore)
2 points
decodebytes
5 years ago
discuss
5.
▲
Gitsign: Keyless Git signing using Sigstore
(github.com/sigstore)
1 point
soraminazuki
a year ago
1 comment
6.
▲
Cosign on the Next Level
(github.com/sigstore)
1 point
mavercik1337
3 years ago
discuss
7.
▲
Secure Supply Chain – Transparency Log
(github.com/sigstore)
1 point
adulau
5 years ago
discuss
8.
▲
RFC for Sigstore Rubygems Signing
(github.com/rubygems)
13 points
decodebytes
4 years ago
2 comments
9.
▲
Cosigned: K8s admission controller, verify images are signed by SigStore cosign
(github.com/dlorenc)
3 points
thinkmassive
5 years ago
discuss
10.
▲
Pacman-bintrans – Experimental binary transparency for pacman via sigstore/rekor
(github.com/kpcyrd)
2 points
pabs3
4 years ago
discuss
11.
▲
Pacman-bintrans – Experimental binary transparency for pacman via sigstore/rekor
(github.com/kpcyrd)
1 point
pabs3
4 years ago
discuss
12.
▲
Sigsum vs. Sigstore a frequently asked question
(github.com/sigsum)
1 point
JoachimS
4 years ago
discuss
13.
▲
I scanned 2,500 Hugging Face models for malware/issues. Here is the data
(github.com/ArseniiBrazhnyk)
24 points
arseniibr
4 months ago
19 comments
14.
▲
MetaGenesis Core – offline verification for computational claims
(metagenesis-core.dev)
15 points
Lama9901
3 months ago
18 comments
15.
▲
Show HN: Constellation – An always encrypted Kubernetes engine
(github.com/edgelesssys)
14 points
flxflx
4 years ago
5 comments
16.
▲
Ask HN: Code signing open source windows applications?
6 points
Rodeoclash
4 years ago
3 comments
17.
▲
Show HN: Enact – A package manager for AI agent tools
(enact.tools)
6 points
keithgroves
5 months ago
2 comments
18.
▲
Show HN: Nono – Kernel-enforced sandboxing for AI agents
(nono.sh)
4 points
decodebytes
4 months ago
5 comments
19.
▲
Show HN: Driftcop – Open-source CLI SAST for "MCP rug pull attacks in AI Agents"
(github.com/sudoviz)
4 points
vinaypanghal
10 months ago
1 comment
20.
▲
ReleaseGuard – scan and harden your dist/ before it ships (open source)
3 points
Helixar
3 months ago
discuss
21.
▲
Show HN: Vett – Scan, sign, and verify AI agent skills before installing
(vett.sh)
3 points
nikon
4 months ago
discuss
22.
▲
Show HN: SafeInstall – local install-time guardrails for NPM/pnpm/bun
(safeinstall.dev)
2 points
MichaelLabitzke
2 months ago
discuss
23.
▲
Show HN: ESP CI Runner Cryptographically signed evidence for pipelines
(github.com/scanset)
2 points
scanset
5 months ago
discuss
24.
▲
Show HN: Nono – Kernel-enforced sandboxing for AI agents
(github.com/lukehinds)
1 point
decodebytes
4 months ago
discuss
25.
▲
Stop trusting torch.load() – I built a tool to scan AI models for RCE
(github.com/ArseniiBrazhnyk)
1 point
arseniibr
5 months ago
discuss
26.
▲
Show HN: Signed lockfiles for MCP servers (MCPTrust)
(github.com/mcptrust)
1 point
Dtang19
6 months ago
discuss