Skip to content

nails v0.2.0

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 10 May 07:27
· 1 commit to main since this release
Immutable release. Only release title and notes can be modified.
v0.2.0
eb7ec38
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Stable release bundle for v0.2.0.

  • Tag: v0.2.0
  • Commit: eb7ec38
  • Cargo version: 0.2.0
  • Canonical bundle attr: .#nails-release
  • Artifact verification: same-runner nix-store --realise --check plus two independent rebuild comparisons

Supply Chain Security

This release includes SLSA Level 3 provenance attestation (nails.intoto.jsonl).

Verify SLSA Provenance

# Install slsa-verifier
go install github.com/slsa-framework/slsa-verifier/v2/cli/slsa-verifier@latest

# Verify the release archive
slsa-verifier verify-artifact nails-*.tar.gz           --provenance-path nails.intoto.jsonl           --source-uri github.com/WitteShadovv/nails

# Verify the binary
slsa-verifier verify-artifact nails           --provenance-path nails.intoto.jsonl           --source-uri github.com/WitteShadovv/nails
Assets 8
Loading