Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
Top 1.8% dependent packages on proxy.golang.org
Top 2.3% dependent repos on proxy.golang.org
Top 3.0% forks on proxy.golang.org
proxy.golang.org : github.com/notaryproject/notation
Signing and verifying artifacts. Safeguarding the software delivery security from development to deployment.
Registry
-
Source
- Documentation
- JSON
purl: pkg:golang/github.com/notaryproject/notation
Keywords: cloud-native, cncf, container, kubernetes, sign
License: Apache-2.0
Latest release: 5 months ago
First release: over 2 years ago
Namespace: github.com/notaryproject
Dependent packages: 7
Dependent repositories: 5
Stars: 147 on GitHub
Forks: 68 on GitHub
Docker dependents: 1
Docker downloads: 32,648
See more repository details: repos.ecosyste.ms
Last synced: 19 days ago
GSA_kwCzR0hTQS01N3d4LW02MzYtZzNnOM4AA4lw
Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised registryEcosystems: go
Packages: github.com/notaryproject/notation
Source: github
Published: 5 months ago
GSA_kwCzR0hTQS05bTN2LXY0cjUtcHB4N84AAzr2
Notation vulnerable to denial of service from high number of artifact signaturesEcosystems: go
Packages: github.com/notaryproject/notation
Source: github
Published: about 1 year ago
GSA_kwCzR0hTQS1ydnJ4LXJyd2gtcjlwNs4AAzr3
Notation's default `maxSignatureAttempts` in `notation verify` enables an endless data attackEcosystems: go
Packages: github.com/notaryproject/notation
Source: github
Published: about 1 year ago