Skip to content
This repository has been archived by the owner on Jul 18, 2023. It is now read-only.


OCI Artifacts

⚠️This repository has been archived and is no longer maintained. ⚠️

For current OCI Artifact guidance, please see:

OCI Artifacts Converges with Image and Distribution Specs

OCI Artifacts started in 2019 with PRs to the Image and the Distribution specs. In September of 2019, the TOB voted to create the New OCI Artifacts Project, generalizing the deployed container registry infrastructure to serve ecosystems of new artifacts. Artifact Authors no longer needed to create, nor host new package managers. By leveraging existing public and private registries, artifact authors benefit from the reliability, performance and security benefits users already manage.

In 2020, early supply chain security initiatives were evolving, requiring the addition of reference information to existing artifacts (#29), including signatures, Software Bill of Materials (SBOM), and new developing types.

We're happy to see the journey completed with the Image and Distribution specs formalizing the addition of OCI Artifacts and Reference Types. With the Image 1.1, and Distribution 1.1 releases, the effort has come full circle, making it time to archive the OCI Artifacts project.

The previous OCI Artifacts content is available in the pre-archive branch

Project License

Code of Conduct

This project incorporates (by reference) the OCI Code of Conduct

Governance and Releases

This project incorporated the Governance and Releases processes from the OCI project template: