GO-2026-4529: Cosign considered signatures valid with expired intermediate certificates when transparency log verification is skipped in github.com/sigstore/cosign

copy

package

v3.0.4 Latest Latest Go to latest Published: Jan 9, 2026 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/sigstore/cosign

Links

Open Source Insights

Documentation ¶

Index ¶

func CopyCmd(ctx context.Context, regOpts options.RegistryOptions, srcImg, dstImg string, ...) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CopyCmd ¶

func CopyCmd(ctx context.Context, regOpts options.RegistryOptions, srcImg, dstImg string, sigOnly, force bool, copyOnly []string, platform string) error

CopyCmd implements the logic to copy the supplied container image and signatures. nolint

Types ¶

This section is empty.

Source Files ¶

View all Source files

copy.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL