rustio rustio.net
56

sigstore

v0.14.0 Growing

An experimental crate to interact with sigstore

Apache-2.0 Edition 2024
GitHub ↗ crates.io ↗ Compare with…

Quick Verdict

  • โœ“Actively maintained (updated 3d ago)
  • !Pre-1.0: API may have breaking changes
  • โœ“Trusted by 187 crates
  • !Heavy dependency tree (54 direct deps)
  • โœ“Permissive license (Apache-2.0)

Security

Checking security advisories...
Downloads
526.9K
Dependents
187
Releases
21
Size
264KB

Deep Insights

๐Ÿ“ˆ
Strong growth momentum

101.0K downloads in the last 30 days (3.4K/day), up 83% from the previous period.

๐Ÿ”—
Moderate adoption

187 crates depend on sigstore. Reasonable ecosystem adoption, though not yet a core dependency.

๐Ÿ”ฌ
Pre-1.0 for over a year

Despite being 4+ years old, sigstore hasn't reached 1.0 yet. Expect potential API changes between versions.

๐Ÿ“ฆ
Heavy dependency tree

54 direct dependencies. Consider the impact on compile times and supply chain complexity.

๐ŸŒŸ
Used by top crates

Notable dependents include pcu, sigstore-verification, blue-build-process-management, bpfman, bpfman-api. When high-quality crates choose sigstore, it's a strong quality signal.

Health Breakdown

Maintenance 19/25

Recency, release consistency, active ratio

Quality 13/25

Yanked ratio, deps, size, maturity, features

Community 7/20

Reverse deps, ownership, ecosystem

Popularity 7/15

Downloads, momentum, growth trend

Documentation 10/15

Docs, repo, license, metadata

Download Trend

Daily downloads ยท last 90 days
2K/day avg+114%
02K4K6K2/263/164/34/215/95/26

Top Dependents

Most downloaded crates that depend on sigstore

pcu
91.1K dl 56
sigstore-verification
78.7K dl 59
blue-build-process-management
28.0K dl 51
bpfman
15.0K dl 51
bpfman-api
14.4K dl 51
elfsign
2.8K dl 36
seedwing-policy-engine
2.7K dl 39
hyper-mcp
2.2K dl 49
kavach
650 dl 53
upstream-rs
502 dl 50

Version Adoption

v0.13.0
50%
v0.12.1
26%
v0.11.0
9%
v0.10.0
8%
v0.7.2
7%

Release Timeline

10 releasessince 2023
J
F
M
A
M
J
J
A
S
O
N
D
2023
3
2024
2
2025
4
2026
1
Less
More

Feature Flags

default =["full", "native-tls"]

certfull*signoauthrekorbundlecosignfulcioverifyregistrynative-tls*rustls-tlsmock-clientcached-clienttest-registrysigstore-trust-roottest-remote-registry

README

Loading README...

Maintainers

sigstore-bot
Sigstore Bot
4 crates
Dependencies
54
direct dependencies
Dependents
187
crates depend on sigstore