macOS
brew install minisignlocal Homebrew formula metadata
sudo port install minisignMacPorts ports tree · security/minisign/Portfile · 来源: api.github.com
安装
brew install minisignlocal Homebrew formula metadata
sudo port install minisignMacPorts ports tree · security/minisign/Portfile · 来源: api.github.com
sudo apk add minisignAlpine Linux edge package indexes · minisign · 来源: dl-cdn.alpinelinux.org
sudo apt install minisignDebian stable package indexes · minisign · 来源: deb.debian.org
sudo dnf install minisignFedora Rawhide package metadata · minisign · 来源: dl.fedoraproject.org
nix profile install nixpkgs#minisignnixpkgs package indexes · pkgs/by-name/mi/minisign/package.nix · 来源: api.github.com
sudo pacman -S minisignArch Linux sync databases · minisign · 来源: geo.mirror.pkgbuild.com
sudo zypper install minisignopenSUSE Tumbleweed package metadata · minisign · 来源: download.opensuse.org
scoop install main/minisignScoop official bucket manifest trees · bucket/minisign.json · 来源: api.github.com
winget install --id jedisct1.minisign -eWindows Package Manager source index · jedisct1.minisign · 来源: cdn.winget.microsoft.com
概览
Sign files & verify signatures. Works with signify in OpenBSD
历史
Minisign is Frank Denis's portable file-signing and signature-verification tool. It follows the same broad idea as OpenBSD signify: keep release signing small, scriptable, and based on public-key signatures rather than a large certificate or web-of-trust system. The project page describes it as lightweight and built around Ed25519 keys; Homebrew summarizes the package as a tool to sign files and verify signatures that works with OpenBSD signify.
Operationally, minisign creates a key pair, signs one or more files into .minisig signature files, and verifies a file using either a public-key file or a public key supplied directly on the command line. A notable part of its format is the trusted comment, which can bind metadata such as filenames, resource identifiers, timestamps, or version numbers to the signature and helps prevent downgrade-style mistakes. Its documented signature format moved toward pre-hashed Ed25519 signatures using Blake2b-512, while retaining awareness of a legacy non-prehashed format.
Minisign's ecosystem role is release-integrity plumbing: projects can publish a small public key and detached signatures without adopting a heavier package-signing infrastructure. Its packaging footprint in the input record spans Homebrew, Alpine, Debian, Fedora, MacPorts, Nix, Arch, Scoop, Ubuntu, WinGet, and openSUSE, which fits that role as a small security utility expected to be present across many operating systems.
安全态势
narrow executable package without higher-risk signals.
绿色 风险 · 低 置信度 · appliance
在无人值守的代理使用前,请检查该工具是否读取明文凭据、写入远程状态、发布制品或调用插件。
可执行文件
| 命令 | 类型 | 暴露范围 | 备注 |
|---|---|---|---|
minisign | cli | 全局可执行文件 |
新鲜度
这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时,才会提示版本落后。
https://github.com/jedisct1/minisign
安装元数据
| 软件包键 | brew:minisign |
|---|---|
| 版本 | 0.12 |
| 软件包管理器 | Homebrew |
| 软件包管理器页面 | https://formulae.brew.sh/formula/minisign |
| 主页 | https://jedisct1.github.io/minisign/ |
| 仓库 | https://github.com/jedisct1/minisign |
| 上游文档 | https://jedisct1.github.io/minisign |
| 许可证 | ISC |
| 源码归档 | https://github.com/jedisct1/minisign/archive/refs/tags/0.12.tar.gz |
| 依赖 | libsodium |
| 构建依赖 | cmake, pkgconf |
| Bottle | 可用 (于 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux) |
| Homebrew post-install | 未定义 |
| 服务 | 未声明 |
注册表事实
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | minisign |
| Version Scheme | 0 |
| Revision | 0 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
源数据库匹配
匹配项来自外部软件包管理器索引,并与本地 Automic Vault 软件包链接分开显示。
minisign 0.12-1
Dead simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo apt install minisignminisign
nix profile install nixpkgs#minisignminisign 0.11-1
Dead simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo apt install minisignminisign 0.12-r2
Simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo apk add minisignminisign-doc 0.12-r2
Simple tool to sign files and verify signatures (documentation)
https://jedisct1.github.io/minisign/
sudo apk add minisign-docminisign 0.12-3.fc44
A dead simple tool to sign files and verify digital signatures
https://github.com/jedisct1/minisign
sudo dnf install minisignminisign 0.12-2
A dead-simple tool to sign files and verify digital signatures
https://github.com/jedisct1/minisign
sudo pacman -S minisignminisign 0.12-2.3
A dead simple tool to sign files and verify signatures
https://jedisct1.github.io/minisign/
sudo zypper install minisignminisign
sudo port install minisignmain/minisign
scoop install main/minisignjedisct1.minisign
winget install --id jedisct1.minisign -e来源线索
此页面由 av-web 从 scripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。
View the package source record on GitHub.