Notation CLI Notary Project
Use this command to install Notation CLI:
winget install --id=NotaryProject.Notation -e A tool to sign and verify artifacts
Notation CLI
Notation CLI is a tool designed to sign and verify artifacts, ensuring secure software supply chains from development through deployment. It provides cryptographic signing support using COSE and JWS formats, allowing for the verification of any software artifact's integrity.
Key Features:
- Cryptographic Signing: Supports COSE and JWS formats, enabling robust artifact verification.
- Fine-grained Security Policies: Customizable trust policies ensure artifacts are signed by trusted identities.
- User-Friendly Integration: Simplifies signing and verification with CLI commands, while extensibility via SDK and plugins supports ecosystem integration.
- Multi-Registry Support: Works seamlessly across OCI-compliant registries, facilitating portable and immutable artifact management.
- Community-Driven Development: An open-source project with active contributions from a diverse community.
Audience & Benefits: Ideal for developers, DevSecOps engineers, and security teams aiming to enhance software delivery security. Notation CLI ensures artifacts are untampered and compliant with trust policies, fostering system integrity and compliance while supporting secure containerized environments and Kubernetes deployments.
Install via winget for seamless integration into your workflow.