Updates and recent posts about Sigstore..

Posts
Description

Activity

@varbear added a new tool Arti , 6 days, 7 hours ago.

Activity

@varbear added a new tool Tor , 6 days, 8 hours ago.

News FAUN.dev() Team Trending

@kala shared an update, 6 days, 8 hours ago

FAUN.dev()

Gemini Deep Research Is Now Programmable Through a New API

#Gemini ... #Interac... #DeepSea... #financi... #automat...

The enhanced Gemini Deep Research agent is now available via API, enabling developers to integrate advanced research capabilities into applications, with the open-sourcing of DeepSearchQA for evaluating complex tasks.

Gemini Deep Research Is Now Programmable Through a New API

Activity

@kala added a new tool Vertex AI , 6 days, 8 hours ago.

Activity

@kala added a new tool Gemini 3 , 6 days, 8 hours ago.

News FAUN.dev() Team Trending

@kala shared an update, 6 days, 8 hours ago

FAUN.dev()

GitHub Copilot Adds GPT-5.2 With Long-Context and UI Generation

#GPT-5.2 #Copilot #GitHub ... #github #OpenAI

OpenAI unveils GPT-5.2 for GitHub Copilot, enhancing software engineering with improved long-context reasoning and UI generation, integrated with Microsoft Azure and NVIDIA.

GitHub Copilot Adds GPT-5.2 With Long-Context and UI Generation

News FAUN.dev() Team Trending

@kala shared an update, 6 days, 9 hours ago

FAUN.dev()

GPT-5.2 Quietly Beats Human Experts at Knowledge Work

#ChatGPT #Codex #API Pla... #GPT-5.2 #OpenAI

OpenAI releases GPT-5.2, enhancing professional tasks with improved speed and cost-effectiveness, now available for paid users in ChatGPT and via API.

OpenAI unveils GPT-5.2, the most advanced frontier model for professional work and long-running agents

Activity

@kala added a new tool GPT-5.2 , 6 days, 9 hours ago.

Story

@laura_garcia shared a post, 1 week ago

Software Developer, RELIANOID

RELIANOID at CII Delhi International Technology Summit 2025

16–17 December 2025 - New Delhi, India Our team continues a packed December schedule, and we’re excited to add another key event: the CII Delhi International Technology Summit 2025. Focused on “Accelerating the Techade”, this summit brings together industry, government, and research leaders to shape..

CII Delhi International Technology Summit relianoid

Link

@anjali shared a link, 1 week ago

Customer Marketing Manager, Last9

OTel Updates: OpenTelemetry Proposes Changes to Stability, Releases, and Semantic Conventions

OpenTelemetry proposes stability changes: stable-by-default distributions, decoupled instrumentation, and epoch releases for production deployments.

Sigstore is an open source initiative designed to make software artifact signing and verification simple, automatic, and widely accessible. Its primary goal is to improve software supply chain security by enabling developers and organizations to cryptographically prove the origin and integrity of the software they build and distribute.

At its core, sigstore removes many of the traditional barriers associated with code signing. Instead of managing long-lived private keys manually, sigstore supports keyless signing, where identities are issued dynamically using OpenID Connect (OIDC) providers such as GitHub Actions, Google, or Microsoft. This dramatically lowers operational complexity and reduces the risk of key compromise.

The sigstore ecosystem is composed of several key components:

- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.

- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.

- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.

Together, these components allow anyone to verify who built an artifact, when it was built, and whether it has been tampered with, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).

sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.

The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.

FAUN.amplify()

👋 Developers trust FAUN.dev() to stay up to date. Sponsor us and put your product, service, or event in front of thousands of highly engaged developers.!

> Sponsor

FAUN.hbc() - Humans Behind Code

🧑‍💻 Are you developing a project? Join the "Humans Behind Code" project and showcase your work to the world!

> Apply