macOS
brew install minisignlocal Homebrew formula metadata
sudo port install minisignMacPorts ports tree · security/minisign/Portfile · Quelle: api.github.com
brew
Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für minisign in AI-Agent-Workflows.
Installation
brew install minisignlocal Homebrew formula metadata
sudo port install minisignMacPorts ports tree · security/minisign/Portfile · Quelle: api.github.com
sudo apk add minisignAlpine Linux edge package indexes · minisign · Quelle: dl-cdn.alpinelinux.org
sudo apt install minisignDebian stable package indexes · minisign · Quelle: deb.debian.org
sudo dnf install minisignFedora Rawhide package metadata · minisign · Quelle: dl.fedoraproject.org
nix profile install nixpkgs#minisignnixpkgs package indexes · pkgs/by-name/mi/minisign/package.nix · Quelle: api.github.com
sudo pacman -S minisignArch Linux sync databases · minisign · Quelle: geo.mirror.pkgbuild.com
sudo zypper install minisignopenSUSE Tumbleweed package metadata · minisign · Quelle: download.opensuse.org
scoop install main/minisignScoop official bucket manifest trees · bucket/minisign.json · Quelle: api.github.com
winget install --id jedisct1.minisign -eWindows Package Manager source index · jedisct1.minisign · Quelle: cdn.winget.microsoft.com
Überblick
Sign files & verify signatures. Works with signify in OpenBSD
Verlauf
Minisign is Frank Denis's portable file-signing and signature-verification tool. It follows the same broad idea as OpenBSD signify: keep release signing small, scriptable, and based on public-key signatures rather than a large certificate or web-of-trust system. The project page describes it as lightweight and built around Ed25519 keys; Homebrew summarizes the package as a tool to sign files and verify signatures that works with OpenBSD signify.
Operationally, minisign creates a key pair, signs one or more files into .minisig signature files, and verifies a file using either a public-key file or a public key supplied directly on the command line. A notable part of its format is the trusted comment, which can bind metadata such as filenames, resource identifiers, timestamps, or version numbers to the signature and helps prevent downgrade-style mistakes. Its documented signature format moved toward pre-hashed Ed25519 signatures using Blake2b-512, while retaining awareness of a legacy non-prehashed format.
Minisign's ecosystem role is release-integrity plumbing: projects can publish a small public key and detached signatures without adopting a heavier package-signing infrastructure. Its packaging footprint in the input record spans Homebrew, Alpine, Debian, Fedora, MacPorts, Nix, Arch, Scoop, Ubuntu, WinGet, and openSUSE, which fits that role as a small security utility expected to be present across many operating systems.
Sicherheitslage
narrow executable package without higher-risk signals.
grün Risiko · niedrig Konfidenz · appliance
Prüfe vor unbeaufsichtigter Agent-Nutzung, ob das Tool Klartext-Credentials liest, Remote-Zustand schreibt, Artefakte veröffentlicht oder Plugins ausführt.
Executables
| Befehl | Art | Sichtbarkeit | Hinweis |
|---|---|---|---|
minisign | cli | globales Executable |
Aktualität
Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.
https://github.com/jedisct1/minisign
Installationsmetadaten
| Paketschlüssel | brew:minisign |
|---|---|
| Version | 0.12 |
| Paketmanager | Homebrew |
| Paketmanager-Seite | https://formulae.brew.sh/formula/minisign |
| Homepage | https://jedisct1.github.io/minisign/ |
| Repository | https://github.com/jedisct1/minisign |
| Upstream-Dokumentation | https://jedisct1.github.io/minisign |
| Lizenz | ISC |
| Quellarchiv | https://github.com/jedisct1/minisign/archive/refs/tags/0.12.tar.gz |
| Abhängigkeiten | libsodium |
| Build-Abhängigkeiten | cmake, pkgconf |
| Bottle | verfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux) |
| Homebrew post-install | nicht definiert |
| Dienst | keiner deklariert |
Registry-Fakten
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | minisign |
| Version Scheme | 0 |
| Revision | 0 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
Source-Datenbank-Treffer
Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.
minisign 0.12-1
Dead simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo apt install minisignminisign
nix profile install nixpkgs#minisignminisign 0.11-1
Dead simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo apt install minisignminisign 0.12-r2
Simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo apk add minisignminisign-doc 0.12-r2
Simple tool to sign files and verify signatures (documentation)
https://jedisct1.github.io/minisign/
sudo apk add minisign-docminisign 0.12-3.fc44
A dead simple tool to sign files and verify digital signatures
https://github.com/jedisct1/minisign
sudo dnf install minisignminisign 0.12-2
A dead-simple tool to sign files and verify digital signatures
https://github.com/jedisct1/minisign
sudo pacman -S minisignminisign 0.12-2.3
A dead simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo zypper install minisignminisign
sudo port install minisignmain/minisign
scoop install main/minisignjedisct1.minisign
winget install --id jedisct1.minisign -eQuellspur
Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.
View the package source record on GitHub.