GitHub's Artfact Attestations guarantee the integrity of artifacts in GitHub Actions. It helps protect against supply chain attacks and unauthorized modifications.
GitHub introduced the Kubernetes Policy Controller to validate attestations within Kubernetes, enhancing security measures.
Artifact Attestations, powered by Sigstore, secure the software supply chain by linking artifacts to the build process.
GitHub's new attest-build-provenance Action and gh attestation verify command add provenance and verification capabilities to GitHub Actions workflows.
Collection
[
|
...
]