惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
N
News and Events Feed by Topic
P
Privacy International News Feed
The Hacker News
The Hacker News
Schneier on Security
Schneier on Security
C
Cybersecurity and Infrastructure Security Agency CISA
Security Latest
Security Latest
L
LINUX DO - 最新话题
阮一峰的网络日志
阮一峰的网络日志
Cisco Talos Blog
Cisco Talos Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Simon Willison's Weblog
Simon Willison's Weblog
The Cloudflare Blog
博客园 - 【当耐特】
博客园 - Franky
P
Privacy & Cybersecurity Law Blog
Attack and Defense Labs
Attack and Defense Labs
云风的 BLOG
云风的 BLOG
月光博客
月光博客
D
Docker
Webroot Blog
Webroot Blog
The GitHub Blog
The GitHub Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
W
WeLiveSecurity
S
Security Affairs
Martin Fowler
Martin Fowler
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Security Archives - TechRepublic
Security Archives - TechRepublic
Microsoft Azure Blog
Microsoft Azure Blog
C
CERT Recently Published Vulnerability Notes
B
Blog
L
Lohrmann on Cybersecurity
T
Threatpost
量子位
S
Schneier on Security
V
Visual Studio Blog
S
Securelist
T
The Exploit Database - CXSecurity.com
Scott Helme
Scott Helme
V
Vulnerabilities – Threatpost
aimingoo的专栏
aimingoo的专栏
The Register - Security
The Register - Security
I
Intezer
Stack Overflow Blog
Stack Overflow Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
博客园 - 聂微东
小众软件
小众软件
罗磊的独立博客
雷峰网
雷峰网
Recorded Future
Recorded Future

OCI Registry As Storage Blog

🚀 Announcing ORAS v1.3.0 - Elevate your artifact and registry management workflows 🚀 Announcing ORAS v1.3.0-beta.3 - Enrich formatted output of oras discover Announcing ORAS v1.2.0 - OCI Spec v1.1.0 support, formatted output, and more! Lightweight Registry with Oras OCI-Layouts and Object Storage in The Cloud ORAS Welcomes New Owners, Maintainers, and Thanks Emeritus Owners ORAS 0.15 - A Fully Functional OCI Registry Client Bundle, test and deploy Gatekeeper policies as OCI image ORAS - Looking back on 2022 and forward to 2023 ORAS 0.14 and Future - Empower Container Secure Supply Chain
ORAS Artifacts Draft Specification Release – Adding Secure Supply Chain Artifacts References
Steve Lasker · 2021-09-15 · via OCI Registry As Storage Blog

Today, the OCI Registry As Storage (ORAS) project maintainers are happy to announce the first draft release of artifacts-spec. The artifacts-spec defines how OCI distribution-based registry users can attach references to images, helm charts, and other OCI Artifacts.

Net Monitor Graph

As cloud native development continues to grow, we have seen increased community interest in evolving registries to natively store, discover, and pull a graph of supply chain artifacts. Artifact references are important for many use cases such as adding Software Bill of Materials (SBOM), security scan results, and container image signing. With the release of the artifacts specification, end-user tooling can now implement discovery that makes it feasible to determine if there are any references attached to a container image, answering the key question: “What SBOMs or signatures are associated with this container image?”

The ORAS Project was accepted in June 2021 as a Cloud Native Computing Foundation (CNCF) Sandbox project. It is important that we hear from the community as we advance the artifact-spec capability; if you maintain or are implementing a container registry, we are particularly interested in your feedback. Working together, we can improve supply chain artifact security in the cloud native ecosystem.