Sigstore CLI
code-signing for npm packages
Client for the Sigstore TUF repository
Base library for Sigstore
Sigstore bundle type
Verification of Sigstore signatures
Sigstore signing library
code-signing for npm packages
Sigstore CLI
Sigstore integration, attestations, and verification for Enact
Sigstore Rekor types
A minimal browser-only Sigstore verification library.
OCI artifact support
Mocked version of the Sigstore services
Command-line interface for Enact - the npm for AI tools
Production-grade npm supply chain vulnerability scanner. Detects 100% of 3 real May 2026 supply chain campaigns (dependency confusion, obfuscation, impersonation) with 0% false positive rate on top 1,000 npm packages.
Relay sidecar bundle launcher: detects host OS/arch, downloads the matching PyInstaller-built sidecar binary, verifies the SHA-256 digest against the signed release manifest (STEP A), verifies the Sigstore Rekor inclusion proof (STEP B), and launches the
Dagger-based execution engine for Enact tools
This is a Javascript library providing an API for github.com/sigstore/rekor: https://docs.sigstore.dev/rekor/overview/
A Node.js SDK for Sigstore Cosign
MCP server providing unified access to Claude Code, Codex, Gemini, Grok, and Mistral Vibe CLIs with session management, retry logic, async job orchestration, durable job results, and cross-LLM validation.
Browser-compatible cryptography utilities.
WEBCAT CLI for creating, validating, and packaging enrollments and manifests.
A fast linter for enforcing conditional change directives in source code