macOS
Homebrewverified · 100%
brew install sigstorelocal Homebrew formula metadata
软件包管理器来源
平台说明
- 没有特定于此软件包的平台说明。
概览
软件包摘要
Codesigning tool for Python packages
主页
命令和别名
- sigstore
安全态势
风险级别:green
no executable entrypoint in the package index.
Risk classifier
green risk · low confidence · appliance
Why
- no executable entrypoint in the package index
Signals
- metadata:no-indexed-executables
Install behavior
- No Homebrew post-install hook is recorded in formula metadata.
- Homebrew bottle metadata is available for 6 platform targets.
- Installs with 5 runtime dependencies.
- Build metadata lists 2 build dependencies.
建议审查
在无人值守的代理使用前,请检查该工具是否读取明文凭据、写入远程状态、发布制品或调用插件。
可执行文件
已安装的可执行文件
| 命令 | 类型 | 暴露范围 | 备注 |
|---|---|---|---|
sigstore | cli | global executable |
新鲜度
版本和新鲜度
这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时,才会提示版本落后。
页面生成时间2026-06-10
管理器版本4.3.0
管理器更新时间2026-06-04
本地数据ok
上游not checked
检测到的最新版本not detected
https://github.com/sigstore/sigstore-python
- infoNo cached GitHub release or tag data was available.https://github.com/sigstore/sigstore-pythonnone confidence
安装元数据
软件包元数据
| Package key | brew:sigstore |
|---|---|
| Version | 4.3.0 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/sigstore |
| Homepage | https://github.com/sigstore/sigstore-python |
| Repository | https://github.com/sigstore/sigstore-python |
| Upstream docs | https://github.com/sigstore/sigstore-python#readme |
| License | Apache-2.0 |
| Source archive | https://files.pythonhosted.org/packages/d6/63/1e44d9964d4f47617e641bdf6ce1b883b893d95b29ff07f97a8901df6b1c/sigstore-4.3.0.tar.gz |
| Last updated | 2026-06-04T17:27:02Z |
| Pulse | updated |
| Dependencies | certifi, cryptography, openssl@3, pydantic, python@3.14 |
| Build dependencies | pkgconf, rust |
| Bottle | available (arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
Source database details
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | sigstore |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
来源线索
由仓库数据生成
此页面由 av-web 从 scripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。
使用的来源
- Geiger risk classifier
- Nucleus package database
- av.db category and tag curation
- cross-ecosystem install command graph
- package relationship graph
- package version freshness
- package-page enrichment