FICHA · AUR

python-sigstore

sigstore is a tool for signing and verifying Python package distributions.

  • Package signing tool
  • CLI
  • LIBRARY
  • NETWORK
  • Launchable
  • Runs in terminal
official+codex · reviewed · Jun 3, 2026 description in en

Description

Release distributions can be signed and verified through the Sigstore ecosystem. Maintainers can create provenance-friendly signatures, verify Python package releases, and strengthen supply-chain workflows from the terminal or Python APIs. It may use identity providers, network services, and signing credentials during operation.

How to run

sigstore

Commands: sigstore

Permissions

Permissions not analysed for this source yet.