Tweak the release and third-party trust policies#1187
Merged
Chainguard Guardener / Enforce - Commit Signing
succeeded
Oct 31, 2025 in 1s
Successfully verified commit signature.
| CLAIM | DESCRIPTION | |
|---|---|---|
| ✅ | Found Git signature | |
| ✅ | Validated Git signature | |
| ✅ | Validated Rekor entry | |
| ✅ | Allowed by policy |
Details
Certificate
Details
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 275645520481126414987484108280496383356253833915 (0x30485f646338a5d48185ae82f2f8f6e7b2cd0abb)
Signature Algorithm: ECDSA-SHA384
Issuer: O=sigstore.dev,CN=sigstore-intermediate
Validity
Not Before: Oct 31 15:25:10 2025 UTC
Not After : Oct 31 15:35:10 2025 UTC
Subject: Subject Public Key Info:
Public Key Algorithm: ECDSA
Public-Key: (256 bit)
X:
9c:2c:01:64:4e:5f:cb:1a:28:2b:90:f3:cd:9b:f9:
0f:9c:83:12:30:bb:fa:6e:c3:78:05:84:b1:1d:3b:
ff:11
Y:
54:60:25:1c:06:5b:1c:d3:c0:ed:2a:01:9d:fb:91:
6c:d9:c2:59:97:40:2e:ed:18:0b:af:27:5a:b5:75:
4c:00
Curve: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
Code Signing
X509v3 Subject Key Identifier:
A1:E4:E7:45:57:50:12:A4:BE:59:01:57:F2:DC:EF:39:49:5D:C8:D0
X509v3 Authority Key Identifier:
keyid:DF:D3:E9:CF:56:24:11:96:F9:A8:D8:E9:28:55:A2:C6:2E:18:64:3F
X509v3 Subject Alternative Name: critical
email:evan.gibler@chainguard.dev
oidcIssuer:
https://accounts.google.com
Unknown extension 1.3.6.1.4.1.57264.1.8
Signed Certificate Timestamp:
BHkAdwB1AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABmjrfZY8AAAQDAEYwRAIgT7unydu4cb8c8Q+AEVN15D0EKOMQhWNrz+FsH4zMlQcCIFbrS320BkJPH0fXIUtoeBVhLXEjtIpKauoaDO7fdxID
Signature Algorithm: ECDSA-SHA384
30:65:02:30:27:92:69:ff:00:84:28:a4:bb:0f:e4:7a:25:f7:
77:e2:55:22:ee:64:d0:77:52:07:a4:57:bb:78:b5:9f:57:ec:
8a:0f:2f:82:c7:20:86:1a:ba:dc:19:23:27:94:57:7c:02:31:
00:cd:56:68:6e:3c:f4:5d:9d:ae:96:37:19:b9:65:5e:a6:47:
6f:cd:37:4b:5c:01:be:4a:81:9c:34:53:20:11:1c:48:56:4f:
c9:08:6e:55:95:b1:bb:7d:fa:f1:aa:41:13
Rekor Entry
Details
{
"body": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJlZmE1YTYxM2JlMzUxNTkzNzNmMGMzMWQ3ZWIxNzViYTA0YmNmMGFmMWVhMDc2N2IwYmRjYTkyYjBiZTZiNGYxIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FVUNJQnplcW5Xb2ovMHUyNS80K1ZKRFMveXJUS0VvSmlhL0grU2FUbVRBYmJuTUFpRUE5bjRLb3kxY0NuaTBTQys1NlVFMmxXOUpYZlhLRmR6UXp4dG10ckZHRFQ0PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTXdha05EUVd4cFowRjNTVUpCWjBsVlRVVm9abHBIVFRSd1pGTkNhR0UyUXpoMmFqSTFOMHhPUTNKemQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZlRTFFVFhoTlZGVjVUbFJGZDFkb1kwNU5hbFY0VFVSTmVFMVVWWHBPVkVWM1YycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZ1UTNkQ1drVTFabmw0YjI5TE5VUjZlbHAyTlVRMWVVUkZha00zSzIwM1JHVkJWMFVLYzFJd055OTRSbFZaUTFWalFteHpZekE0UkhSTFowZGtLelZHY3pKalNscHNNRUYxTjFKblRISjVaR0YwV0ZaTlFVdFBRMEZZWTNkblowWjZUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZ2WlZSdUNsSldaRkZGY1ZNclYxRkdXRGgwZW5aUFZXeGtlVTVCZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDB0QldVUldVakJTUVZGSUwwSkNOSGRJU1VWaFdsaGFhR0pwTlc1aFYwcHpXbGhLUVZreWFHaGhWelZ1WkZkR2VWcEROV3RhV0ZsM1MxRlpTd3BMZDFsQ1FrRkhSSFo2UVVKQlVWRmlZVWhTTUdOSVRUWk1lVGxvV1RKT2RtUlhOVEJqZVRWdVlqSTVibUpIVlhWWk1qbDBUVU56UjBOcGMwZEJVVkZDQ21jM09IZEJVV2RGU0ZGM1ltRklVakJqU0UwMlRIazVhRmt5VG5aa1Z6VXdZM2sxYm1JeU9XNWlSMVYxV1RJNWRFMUpSMHBDWjI5eVFtZEZSVUZrV2pVS1FXZFJRMEpJYzBWbFVVSXpRVWhWUVROVU1IZGhjMkpJUlZSS2FrZFNOR050VjJNelFYRktTMWh5YW1WUVN6TXZhRFJ3ZVdkRE9IQTNielJCUVVGSFlRcFBkRGxzYW5kQlFVSkJUVUZTYWtKRlFXbENVSFUyWmtveU4yaDRkbmg2ZUVRMFFWSlZNMWhyVUZGUmJ6UjRRMFpaTW5aUU5GZDNabXBOZVZaQ2QwbG5DbFoxZEV4bVlsRkhVV3M0WmxJNVkyaFRNbWcwUmxkRmRHTlRUekJwYTNCeE5taHZUVGQwT1RORlowMTNRMmRaU1V0dldrbDZhakJGUVhkTlJHRkJRWGNLV2xGSmQwbzFTbkF2ZDBORlMwdFROMFFyVWpaS1ptUXpOR3hWYVRkdFZGRmtNVWxJY0VabE4yVk1WMlpXSzNsTFJIa3JRM2g1UTBkSGNuSmpSMU5OYmdwc1JtUTRRV3BGUVhwV1dtOWlhbm93V0ZveWRXeHFZMXAxVjFabGNHdGtkbnBVWkV4WVFVY3JVMjlIWTA1R1RXZEZVbmhKVm1zdlNrTkhOVlpzWWtjM0NtWm1jbmh4YTBWVUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyJ9fX19",
"integratedTime": 1761924310,
"logID": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
"logIndex": 659301619,
"verification": {
"inclusionProof": {
"checkpoint": "rekor.sigstore.dev - 1193050959916656506\n537474432\nOHrW9kB8EAN//j9UPJ92q0oz1oWD/LR04yF1TFg+/3A=\n\n— rekor.sigstore.dev wNI9ajBGAiEA22MBU662dBckLGpWH92IXawO7AFf1h5jR15m8jBw0y0CIQD3aYE0jPtIOaTPlr5IfRkm2ShaOwBSarmJYgeWaUgYdA==\n",
"hashes": [
"c70e39ad41612cc27b234efd6a479f94ce446d02543bb1927da70dfb2ca21ebf",
"cbe3b451838df215eae9730b48cf0525d0170557f445e4776951e7873666f9ab",
"2f0441abd4136e1ed6a62505c43716ffba772964429ecf17cdb289c22c0dfdf6",
"0a8177d20d47a6c4690e2e5897127f6d98eaa5eefe20998fe431b5b7f5b47fb5",
"36ee93d964a0b2fcb10f12cb1a92dd217901441d9cf68d13141f36ed51c36801",
"e46b15cc19977083902735241f8fdf5ffe52b40a19b0ad9ad243ea1c2d509731",
"7bd759c9e1eee81b171b5a3a23da52001c424e9ec31ea53ef1e800dc68f91a8b",
"6162ba8cb17f673b8dbdf132a1d9ecd4cc07a7d3c54175c74f9290bd55b3ccd7",
"01cdfe0d615257c58421d949bd3d8203715a00f2ac229a59619aa58ca8fe1847",
"3bfb9b71e95c6fa239d3577cc68ed201d8101776c3160271eec303558943eac9",
"88cbf3df236f3bce3e692c50d8e558e227f79287c947f1a6fbdc175027e026d2",
"d838a637c82a48c9fce218c3ab8fa0a7d164eb17d0a347b9f6231207b177ac04",
"3bff6b4991aae86b7f751bee1746905b7c3fb7c1607edb8a82fc3c1a406d82f1",
"9357202bf517f7f6a1ba3e0f84340019727b788444b0e4f2830200981919c6de",
"ca2a57b3ed97a7dafbcd428279db36809d4f9a78b60fdd5ff3e35d1038e3856b",
"de12c27e5f3f8898bb891f0c6647dfa4195d2850e78bd44ea96e4ed3cacdff85",
"e7da04154dd16a958021c06c62c5f9d6780604a021b26286d1b5117f07588005",
"239cdfc25e34b63614eaf37cac1fb582b486d47b3d777b62db0183fb71f5d65c",
"4f80ea583e36840b4dfaf5fc8ca096aa80b899e13825e908f4bc5818270fcb53"
],
"logIndex": 537397357,
"rootHash": "387ad6f6407c10037ffe3f543c9f76ab4a33d68583fcb474e321754c583eff70",
"treeSize": 537474432
},
"signedEntryTimestamp": "MEQCIDcJrkUqpFMR/03ASzcVo8eirzPtcT8l7dDmrBZXJr8bAiAaFIFlfoqWBK8TivUK6Fg3YQ7pf5ecdUHg+yhNiC5hiw=="
}
}
Loading