Skip to content

wg/signet

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

signet - code signing tool

signet is a command line tool for signing source code changes and arbitrary files such as build outputs. Signatures are generated in SSHSIG format and signing keys are standard SSH keys so signet is compatible with OpenSSH's ssh-keygen -Y sign | verify.

signet stores encrypted signing keys in keychains located in ~/.config/signet on Unix systems including macOS and Linux, and the user's AppData folder on Windows.

signet init -s
signet keys -c
signet sign -k <id> -n file <FILE>

Configure git to use signet to sign commits and tags:

git config user.signingkey <id>
git config gpg.format      ssh
git config gpg.ssh.program signet

git config commit.gpgsign  true
git config tag.gpgsign     true

Signing keys are encrypted with a password supplied by the user and that password can be stored in the system keyring or requested via interactive prompt when required.

About

Code signing tool

Resources

License

Security policy

Stars

Watchers

Forks

Releases

No releases published

Languages