👩💻 Join our community of thousands of amazing developers!
Traditional cryptographic keys have created security issues and management overhead for software development teams for years. To address these security issues and ease the administrative burden, GitLab is partnering with Sigstore to use their command-line utility Cosign for keyless signing and verification, which can be done by adding just a few lines in a yml file. Before digging too far into the integration, though, let's take a closer look at some of the issues of traditional key management a...