|
|
|
|
|
|
by blibble
272 days ago
|
|
|
I don't see how that solves this problem as long as the attacker can delete and recreate a repository sigstore's main design goal seems to be to increase the lock-in of of "trusted" providers (the idea that Microsoft should be trusted for anything requiring any level of security is entirely ludicrous) |
|
|