Open Source Insider Latest Blog Posts Related Content US court issues Google API with Java ruling Employees express high expectations of IT in world of ‘work from anywhere’ Download Current Issue The Linux Foundation announced the sigstore project this spring. Designed to improves the security of the software supply chain, sigstore is said to enable the adoption of cryptographic software signing backed by transparency log technologies. Software application development professionals will be able to securely sign software artifacts such as release files, container images and binaries. Signing materials are then stored in a tamper-proof public log. The service will be free to use for all developers and software providers, with the sigstore code and operation tooling developed by the sigstore community.