macOS
brew install minisignlocal Homebrew formula metadata
sudo port install minisignMacPorts ports tree · security/minisign/Portfile · source: api.github.com
brew
Sign files & verify signatures. Works with signify in OpenBSD. Version 0.12 via Homebrew; verified from local package data.
install
brew install minisignlocal Homebrew formula metadata
sudo port install minisignMacPorts ports tree · security/minisign/Portfile · source: api.github.com
sudo apk add minisignAlpine Linux edge package indexes · minisign · source: dl-cdn.alpinelinux.org
sudo apt install minisignDebian stable package indexes · minisign · source: deb.debian.org
sudo dnf install minisignFedora Rawhide package metadata · minisign · source: dl.fedoraproject.org
nix profile install nixpkgs#minisignnixpkgs package indexes · pkgs/by-name/mi/minisign/package.nix · source: api.github.com
sudo pacman -S minisignArch Linux sync databases · minisign · source: geo.mirror.pkgbuild.com
sudo zypper install minisignopenSUSE Tumbleweed package metadata · minisign · source: download.opensuse.org
scoop install main/minisignScoop official bucket manifest trees · bucket/minisign.json · source: api.github.com
winget install --id jedisct1.minisign -eWindows Package Manager source index · jedisct1.minisign · source: cdn.winget.microsoft.com
overview
Sign files & verify signatures. Works with signify in OpenBSD
history
Minisign is Frank Denis's portable file-signing and signature-verification tool. It follows the same broad idea as OpenBSD signify: keep release signing small, scriptable, and based on public-key signatures rather than a large certificate or web-of-trust system. The project page describes it as lightweight and built around Ed25519 keys; Homebrew summarizes the package as a tool to sign files and verify signatures that works with OpenBSD signify.
Operationally, minisign creates a key pair, signs one or more files into .minisig signature files, and verifies a file using either a public-key file or a public key supplied directly on the command line. A notable part of its format is the trusted comment, which can bind metadata such as filenames, resource identifiers, timestamps, or version numbers to the signature and helps prevent downgrade-style mistakes. Its documented signature format moved toward pre-hashed Ed25519 signatures using Blake2b-512, while retaining awareness of a legacy non-prehashed format.
Minisign's ecosystem role is release-integrity plumbing: projects can publish a small public key and detached signatures without adopting a heavier package-signing infrastructure. Its packaging footprint in the input record spans Homebrew, Alpine, Debian, Fedora, MacPorts, Nix, Arch, Scoop, Ubuntu, WinGet, and openSUSE, which fits that role as a small security utility expected to be present across many operating systems.
security posture
narrow executable package without higher-risk signals.
green risk · low confidence · appliance
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
minisign | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/jedisct1/minisign
install metadata
| Package key | brew:minisign |
|---|---|
| Version | 0.12 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/minisign |
| Homepage | https://jedisct1.github.io/minisign/ |
| Repository | https://github.com/jedisct1/minisign |
| Upstream docs | https://jedisct1.github.io/minisign |
| License | ISC |
| Source archive | https://github.com/jedisct1/minisign/archive/refs/tags/0.12.tar.gz |
| Dependencies | libsodium |
| Build dependencies | cmake, pkgconf |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | minisign |
| Version Scheme | 0 |
| Revision | 0 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
minisign 0.12-1
Dead simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo apt install minisignminisign
nix profile install nixpkgs#minisignminisign 0.11-1
Dead simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo apt install minisignminisign 0.12-r2
Simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo apk add minisignminisign-doc 0.12-r2
Simple tool to sign files and verify signatures (documentation)
https://jedisct1.github.io/minisign/
sudo apk add minisign-docminisign 0.12-3.fc44
A dead simple tool to sign files and verify digital signatures
https://github.com/jedisct1/minisign
sudo dnf install minisignminisign 0.12-2
A dead-simple tool to sign files and verify digital signatures
https://github.com/jedisct1/minisign
sudo pacman -S minisignminisign 0.12-2.3
A dead simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo zypper install minisignminisign
sudo port install minisignmain/minisign
scoop install main/minisignjedisct1.minisign
winget install --id jedisct1.minisign -esource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.