https://marc.info/?l=openbsd-ports&m=166012227330190&w=2
Again, here's sthen@'s email and his tarball attached. g On 8/8/22 11:41, George Rosamond wrote:
ping -------- Forwarded Message -------- Subject: [NEW] security/py-in-toto Date: Tue, 2 Aug 2022 17:50:24 -0400 From: George Rosamond <geo...@ceetonetechnology.com> To: OpenBSD Ports <ports@openbsd.org>in-toto (https://in-toto.io/) is from NYU's Secure Systems Lab (https://ssl.engineering.nyu.edu/) and NJIT's Cybersecurity Research Center (https://research.njit.edu/cybersecurity/) looking to mitigate 'supply chain' issues for package management systems.from pkg/DESCR: in-toto provides a framework to protect the integrity of the software supply chain. It does so by verifying that each task in the chain is carried out as planned, by authorized personnel only, and that the product is not tampered with in transit.Haven't tinkered around with building 'layouts' yet, but thought I would submit to ports@ to see if there's any interest.There's one currently unported RUN_DEPEND security/py-securesystemslib which I'll send after this email.g
py-in-toto.tgz
Description: Binary data
