rustio rustio.net
47

sigstore

v0.13.0 Growing

An experimental crate to interact with sigstore

Apache-2.0 Edition 2024
GitHub ↗ crates.io ↗ Compare with…

Quick Verdict

  • !Pre-1.0: API may have breaking changes
  • โœ“Trusted by 158 crates
  • !Heavy dependency tree (62 direct deps)
  • โœ“Permissive license (Apache-2.0)

Security

Checking security advisories...
Downloads
373.8K
Dependents
158
Releases
20
Size
207KB

Deep Insights

๐Ÿ“ˆ
Strong growth momentum

45.3K downloads in the last 30 days (1.5K/day), up 21% from the previous period.

๐Ÿ”—
Moderate adoption

158 crates depend on sigstore. Reasonable ecosystem adoption, though not yet a core dependency.

๐Ÿ”ฌ
Pre-1.0 for over a year

Despite being 4+ years old, sigstore hasn't reached 1.0 yet. Expect potential API changes between versions.

๐Ÿ“ฆ
Heavy dependency tree

62 direct dependencies. Consider the impact on compile times and supply chain complexity.

๐ŸŒŸ
Used by top crates

Notable dependents include pcu, sigstore-verification, blue-build-process-management, bpfman, bpfman-api. When high-quality crates choose sigstore, it's a strong quality signal.

Health Breakdown

Maintenance 12/25

Recency, release consistency, active ratio

Quality 11/25

Yanked ratio, deps, size, maturity, features

Community 7/20

Reverse deps, ownership, ecosystem

Popularity 7/15

Downloads, momentum, growth trend

Documentation 10/15

Docs, repo, license, metadata

Download Trend

Daily downloads ยท last 90 days
1K/day avg+91%
01K2K3K12/291/162/32/213/113/28

Top Dependents

Most downloaded crates that depend on sigstore

pcu
90.1K dl 52
sigstore-verification
54.1K dl 58
blue-build-process-management
27.7K dl 55
bpfman
14.9K dl 42
bpfman-api
14.4K dl 41
elfsign
2.8K dl 36
seedwing-policy-engine
2.7K dl 39
hyper-mcp
2.0K dl 46
corvus
345 dl 46
kavach
246 dl 55

Version Adoption

v0.12.1
37%
v0.13.0
29%
v0.11.0
12%
v0.10.0
12%
v0.7.2
10%

Release Timeline

20 releases1 yankedsince 2021
J
F
M
A
M
J
J
A
S
O
N
D
2021
1
2022
9
2023
4
2024
2
2025
4
2026
Less
More|
Yanked

Feature Flags

default =["full", "native-tls"]

certfull*signwasmoauthrekorbundlecosignfulcioverifyregistrynative-tls*rustls-tlsmock-clientcached-clienttest-registrysigstore-trust-rootrustls-tls-native-roots

README

Loading README...

Maintainers

sigstore-bot
Sigstore Bot
4 crates
Dependencies
62
direct dependencies
Dependents
158
crates depend on sigstore