actions/goreleaser-action
12
0
Fork 0
mirror of https://github.com/goreleaser/goreleaser-action.git synced 2026-05-16 15:40:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
goreleaser-action/.github/workflows
History
Carlos Alexandro Becker 4f893a457d feat: verify release checksum and cosign signature 
Download checksums.txt for the release and verify the SHA-256 of the
downloaded archive against it. When cosign is available in PATH, also
download checksums.txt.sigstore.json and verify the signature against
the goreleaser/goreleaser-pro release workflow identity. Both steps
degrade gracefully (with a warning) when the corresponding artifacts
or tooling are missing.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-18 08:59:15 -03:00
..
ci.yml feat: verify release checksum and cosign signature 2026-04-18 08:59:15 -03:00
dependabot-build.yml ci(deps): bump the actions group with 5 updates (#546) 2026-04-03 10:21:16 -03:00
test.yml ci(deps): bump the actions group with 5 updates (#546) 2026-04-03 10:21:16 -03:00
validate.yml ci(deps): bump the actions group with 5 updates (#546) 2026-04-03 10:21:16 -03:00