awesome-repositories.com
Blog
awesome-repositories.com

Découvrez les meilleurs dépôts open-source grâce à notre recherche par IA.

ExplorerRecherches sélectionnéesAlternatives open sourceLogiciels auto-hébergésBlogPlan du site
ProjetÀ proposNotre méthodologiePresseServeur MCP
Mentions légalesConfidentialitéConditions d'utilisation
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

67 dépôts

Awesome GitHub RepositoriesCode Signing

Tools and utilities for applying digital signatures to software packages to ensure authenticity.

Distinguishing note: Focuses on the cryptographic signing process for distribution, distinct from general authentication.

Explore 67 awesome GitHub repositories matching security & cryptography · Code Signing. Refine with filters or upvote what's useful.

Awesome Code Signing GitHub Repositories

Trouvez les meilleurs dépôts grâce à l'IA.Nous recherchons les dépôts les plus pertinents grâce à l'IA.
  • fastlane/fastlaneAvatar de fastlane

    fastlane/fastlane

    41,703Voir sur GitHub↗

    fastlane is a mobile DevOps framework and release automation tool designed to coordinate the building, signing, and distribution of iOS and Android applications. It functions as a build orchestrator and distribution manager that automates the delivery of mobile apps to app stores and testing environments. The project distinguishes itself through a plugin-based extension model that allows for custom action sets and a specialized system for managing developer resources. It automates the synchronization of code signing certificates and provisioning profiles and handles secure account authenticat

    Generates and renews push notification certificates, code signing certificates, and provisioning profiles for Apple platforms.

    Rubyandroidappsautomation
    Voir sur GitHub↗41,703
  • servo/servoAvatar de servo

    servo/servo

    37,170Voir sur GitHub↗

    Servo is a high-performance, memory-safe web rendering engine designed for cross-platform embedding. It provides a modular framework that allows developers to integrate web content rendering into native applications across desktop, mobile, and embedded systems. By enforcing strict process isolation and memory safety, the engine creates a secure execution environment for processing web content. The engine distinguishes itself through a task-based, parallelized architecture that decouples layout, style, and rendering processes to maximize responsiveness. It utilizes a hardware-abstracted graphi

    Applies digital signatures to software packages to ensure authenticity and security for distribution.

    Rustbrowserrustservo
    Voir sur GitHub↗37,170
  • nylas/nylas-mailAvatar de nylas

    nylas/nylas-mail

    24,740Voir sur GitHub↗

    This project is a cross-platform desktop email client built with web technologies. It serves as an extensible mail application that allows users to manage and organize email correspondence and can link to self-hosted synchronization engines to manage user data. The application is designed for extensibility through a plugin architecture and logic extension hooks, enabling the addition of custom features such as text translation, email templating, and external service integrations. It further distinguishes itself by providing a customizable interface that supports user-defined CSS styling and t

    Compiles source code into digitally signed production builds to ensure authenticity for desktop distribution.

    JavaScriptbabelelectronemail
    Voir sur GitHub↗24,740
  • phpmailer/phpmailerAvatar de PHPMailer

    PHPMailer/PHPMailer

    22,192Voir sur GitHub↗

    PHPMailer is a comprehensive library for constructing and sending complex email messages within PHP applications. It provides an object-oriented framework for building MIME-compliant emails, managing attachments, and handling multi-format content such as HTML and plain-text alternatives. The library serves as a robust interface for email dispatch, supporting both individual messaging and high-performance bulk distribution through persistent connections. The project distinguishes itself through a deep focus on secure transmission and identity verification. It integrates advanced security proto

    A toolkit for signing outgoing messages with DKIM or SMIME and validating recipient addresses to ensure integrity and prevent injection.

    PHPattachmentemailhacktoberfest
    Voir sur GitHub↗22,192
  • opa334/trollstoreAvatar de opa334

    opa334/TrollStore

    21,573Voir sur GitHub↗

    TrollStore is an application installer for iOS that enables the deployment of unsigned software on restricted mobile devices. By bypassing standard code signature verification and security sandbox requirements, it allows users to install and execute applications that originate from outside official distribution channels. The utility functions as an entitlement injection tool, modifying application metadata during installation to grant elevated system permissions. It achieves this by injecting developer certificates into software bundles and utilizing kernel-level modifications to permit the e

    Provides mechanisms for applying digital signatures to software packages to ensure authenticity and bypass standard verification.

    Objective-C
    Voir sur GitHub↗21,573
  • amark/gunAvatar de amark

    amark/gun

    19,057Voir sur GitHub↗

    Gun is a decentralized graph database and synchronization engine designed for real-time, peer-to-peer data management. It functions as a JavaScript library that enables applications to maintain consistent state across distributed nodes without relying on a central server. By utilizing conflict-free replicated data types and a gossip protocol, the system ensures that data updates propagate across the network and reconcile automatically. The project distinguishes itself through a focus on decentralized identity and security, utilizing public-key infrastructure to authenticate users and sign dat

    Ensures data integrity and verifies authorship by cryptographically signing individual data entries.

    JavaScriptartificial-intelligencebig-datablockchain
    Voir sur GitHub↗19,057
  • docker-mailserver/docker-mailserverAvatar de docker-mailserver

    docker-mailserver/docker-mailserver

    18,420Voir sur GitHub↗

    This project provides a full-stack, containerized mail server platform designed for self-hosting. It functions as a complete mail transfer agent that bundles essential services—including SMTP, IMAP, and POP3—into a unified environment. By leveraging container orchestration, it enables the deployment of private email infrastructure that handles message transport, delivery, and user management within a single, manageable service. The platform distinguishes itself through deep integration with container runtimes and robust configuration flexibility. It supports granular customization via configu

    Signs and verifies email messages using cryptographic standards like DKIM.

    Shellantispamantiviruscontainer
    Voir sur GitHub↗18,420
  • bluesky-social/social-appAvatar de bluesky-social

    bluesky-social/social-app

    18,063Voir sur GitHub↗

    This project provides a comprehensive implementation of the AT Protocol, serving as a framework for building decentralized social networking applications. It enables the creation of distributed data repositories where users maintain cryptographic ownership of their identity and content, allowing for portable accounts that can be migrated between independent servers without central authority intervention. The platform distinguishes itself by decoupling content hosting from discovery through modular algorithmic curation. Users can select third-party services to filter and organize their feeds,

    Stores user content in versioned, signed records that allow independent verification of data integrity.

    TypeScript
    Voir sur GitHub↗18,063
  • nodemailer/nodemailerAvatar de nodemailer

    nodemailer/nodemailer

    17,583Voir sur GitHub↗

    Nodemailer is a comprehensive library for Node.js applications designed to handle the composition, signing, and transmission of email messages. It provides a robust framework for constructing MIME-compliant content, managing complex attachments, and routing messages through various delivery channels, including standard SMTP servers, local mail transfer agents, and cloud-based email services. The library distinguishes itself through a modular, plugin-based transport architecture that allows for custom delivery mechanisms and environment-specific configurations. It includes advanced features fo

    Applies digital signatures to outgoing messages to ensure sender authenticity and data integrity during transit.

    JavaScriptemailemail-sendernodemailer
    Voir sur GitHub↗17,583
  • imputnet/heliumAvatar de imputnet

    imputnet/helium

    17,406Voir sur GitHub↗

    Helium is a browser engine compilation framework designed to automate the creation of custom web browser binaries from Chromium source code. It functions as a build system that manages the complex dependency toolchains and environment configurations necessary to transform raw source code into functional, cross-platform software applications. The project distinguishes itself through a structured patch-series management system, which allows developers to maintain and apply custom modifications to large-scale codebases across frequent upstream updates. This workflow ensures that specialized feat

    Integrates automated workflows to sign and notarize compiled binaries for secure distribution.

    C++browserchromiumprivacy
    Voir sur GitHub↗17,406
  • kubernetes/kopsAvatar de kubernetes

    kubernetes/kops

    16,631Voir sur GitHub↗

    kops is a Kubernetes cluster provisioner and lifecycle manager designed to automate the creation, maintenance, and destruction of production-grade clusters on cloud infrastructure. It functions as a declarative infrastructure manager, synchronizing the live state of a cluster with versioned manifests stored in remote object storage to ensure idempotent operations. The project distinguishes itself by offering comprehensive automation for the entire cluster lifecycle, including high-availability control plane deployment, incremental rolling updates, and automated version upgrades. It also serve

    Updates specific keypairs to be designated as the primary identity for signing operations.

    Gocncfcontainersgo
    Voir sur GitHub↗16,631
  • signalapp/signal-desktopAvatar de signalapp

    signalapp/Signal-Desktop

    16,376Voir sur GitHub↗

    Signal-Desktop is a cross-platform messaging application that provides end-to-end encrypted communication. It implements the Signal Protocol to secure messages and voice calls, ensuring that only intended recipients can access content. The application manages asynchronous key exchange and session initialization to maintain secure communication channels between parties who are not online simultaneously. The project distinguishes itself through advanced cryptographic protections, including hybrid post-quantum security that combines classical elliptic curve cryptography with lattice-based algori

    Generates digital signatures using XEdDSA to ensure the authenticity and integrity of signed content.

    TypeScript
    Voir sur GitHub↗16,376
  • electron-userland/electron-builderAvatar de electron-userland

    electron-userland/electron-builder

    14,594Voir sur GitHub↗

    electron-builder is a cross-platform build automator and packaging tool for Electron applications. It bundles source code and dependencies into platform-specific installers, portable executables, and app store formats for Windows, macOS, and Linux. The project functions as a distribution pipeline that orchestrates the signing and notarization of binaries to ensure authenticity and bypass security warnings. It also serves as an auto-update orchestrator, preparing application packages and distribution channels to support automatic background software updates. Its capability surface covers the

    Applies cryptographic digital signatures to software packages to verify authenticity on development servers or machines.

    TypeScript
    Voir sur GitHub↗14,594
  • pyinstaller/pyinstallerAvatar de pyinstaller

    pyinstaller/pyinstaller

    13,019Voir sur GitHub↗

    PyInstaller is a cross-platform binary packager and application freezer that bundles Python scripts and their dependencies into standalone executables. It allows programs to be distributed and run on target operating systems without requiring a local installation of the Python interpreter. The tool functions as a standalone executable bundler, packaging the application with all necessary modules and libraries into a single file or folder. It includes integration for digital binary signing to satisfy operating system security requirements for distributed software. The system utilizes static a

    Provides a mechanism for applying digital signatures to packaged Python binaries for security verification.

    Pythonbundlepackagepy2app
    Voir sur GitHub↗13,019
  • netbootxyz/netboot.xyzAvatar de netbootxyz

    netbootxyz/netboot.xyz

    11,855Voir sur GitHub↗

    netboot.xyz is a network-based system management platform that enables automated operating system deployment and remote system maintenance. By leveraging iPXE and standard network protocols like DHCP and TFTP, it provides a centralized infrastructure for booting installers and utility tools directly over a local network. The system is designed to facilitate unattended installations and live environment execution, allowing users to manage hardware without the need for physical installation media. The project distinguishes itself through a highly flexible, template-driven approach to boot menu

    Invokes distribution-specific UEFI shims during the boot process to verify and load signed kernels that would otherwise fail signature checks.

    Jinjaansiblebaremetalboot
    Voir sur GitHub↗11,855
  • nostr-protocol/nostrAvatar de nostr-protocol

    nostr-protocol/nostr

    11,414Voir sur GitHub↗

    Nostr is a decentralized social protocol and censorship-resistant messaging standard. It operates as a distributed event relay network where user identities are defined by public-key cryptography rather than centralized account databases. The protocol enables the exchange of cryptographically signed messages across a network of independent relays. This system allows for the broadcasting of signed notes to multiple servers to ensure content availability and permanence, while using public-key pairs to prove authorship and authenticity without a central registry. The system covers distributed c

    Broadcasts cryptographically signed records to decentralized servers to ensure content authenticity and permanence.

    Voir sur GitHub↗11,414
  • projectatomic/skopeoAvatar de projectatomic

    projectatomic/skopeo

    11,010Voir sur GitHub↗

    Skopeo is a command line utility for inspecting, copying, and managing OCI and Docker container images across registries and local storage. It functions as a container image tool and registry manager that performs these operations without requiring a background daemon to be running on the host. The tool specializes in daemonless image manipulation, allowing users to retrieve metadata, manifests, and tags from remote registries without pulling the full image locally. It provides capabilities for mirroring external repositories to internal registries for air-gapped deployments and manages the t

    Applies digital signatures to container image manifests to ensure software authenticity and integrity.

    Go
    Voir sur GitHub↗11,010
  • containers/skopeoAvatar de containers

    containers/skopeo

    10,982Voir sur GitHub↗

    Skopeo is an OCI container image manager and registry client designed for inspecting, copying, and signing container images across different registries and storage backends. It enables the manipulation of container images using direct API calls to registries, operating independently of a local container daemon or runtime. The tool provides specialized capabilities for container image mirroring and synchronization, specifically supporting the mirroring of external repositories to internal registries for air-gapped environments. It also functions as a container image signing tool, allowing for

    Enables attaching and verifying cryptographic signatures on container images to ensure content integrity.

    Go
    Voir sur GitHub↗10,982
  • thumbor/thumborAvatar de thumbor

    thumbor/thumbor

    10,501Voir sur GitHub↗

    Thumbor is a dynamic image processing service and proxy server that resizes, crops, and filters images on demand via URL parameters. It functions as a URL-based image manipulator that generates specific image versions from source assets to optimize web delivery. The system includes a smart cropping engine that uses facial feature detection and computer vision to automatically center thumbnails on the most relevant visual content. To prevent unauthorized parameter tampering and malicious requests, it employs signature-based request validation and domain-based source whitelisting. Broad capabi

    Ensures secure image delivery through signed URLs and domain-based source restrictions.

    Pythonhacktoberfest
    Voir sur GitHub↗10,501
  • containerd/nerdctlAvatar de containerd

    containerd/nerdctl

    10,172Voir sur GitHub↗

    nerdctl is a command-line tool that manages containers and images using containerd as the runtime, providing a Docker-compatible interface for container lifecycle management. It supports running containers with the same command syntax and flags as Docker, including multi-container Compose workflows, and enables rootless container execution without host kernel escalation. The tool extends beyond basic container management with several advanced distribution and security capabilities. It can start containers before full image download by fetching only metadata and on-demand layers from eStargz-f

    Signs images during push and verifies signatures on pull using cosign, ensuring image integrity and authenticity.

    Gocontainerd
    Voir sur GitHub↗10,172
Préc.123…4Suivant
  1. Home
  2. Security & Cryptography
  3. Code Signing

Explorer les sous-tags

  • Account Key RotationReplacing the primary signing keys of a ledger account using a secondary key pair. **Distinct from Signing Key Rotation:** Rotates account authorization keys for value transfer, whereas signing-key-rotation typically refers to certificates/code signing.
  • Block Signer Key RotationMechanisms for rotating blockchain block signing keys with a grace period for continuous block acceptance. **Distinct from Account Key Rotation:** Unlike account key rotation for value transfer, this specifically manages the rotation of block production signing keys.
  • Certificate SwappingReplacing existing system or application certificates with custom versions to enable unsigned code execution. **Distinct from Code Signing:** Focuses on the active replacement of certificates on the device to bypass restrictions, rather than just creating digital signatures.
  • Container Image Signing9 sous-tagsApplying digital signatures to container image manifests to ensure software authenticity. **Distinct from Code Signing:** Specific to OCI container image manifests rather than general software binaries or packages
  • Developer Certificate Signings1 sous-tagUses imported developer certificates to sign iOS apps for sideloading without requiring Just-In-Time compilation. **Distinct from JIT-Based Signing Bypasses:** Distinct from JIT-Based Signing Bypasses: relies on importing developer certificates for standard code signing, not bypassing signing via JIT.
  • Email SigningMechanisms for applying digital signatures to email messages to verify sender identity and ensure content integrity. **Distinct from Code Signing:** Distinct from Code Signing: focuses on email-specific standards like SMIME and DKIM rather than software package authenticity.
  • JIT-Based Signing BypassesLaunches unsigned iOS applications using Just-In-Time compilation to avoid Apple's code signing requirements. **Distinct from Code Signing:** Distinct from Code Signing: bypasses code signing using JIT, not applies digital signatures.
  • Secure Image DeliveryMechanisms using signed URLs and domain restrictions to protect image processing services from abuse. **Distinct from Container Image Signing:** Distinct from Container Image Signing: focuses on securing the delivery of processed image assets via URL signatures.
  • Signed Data RepositoriesSystems for storing versioned, cryptographically signed records to ensure data integrity. **Distinct from Code Signing:** Distinct from Code Signing: focuses on user-generated content records rather than software package authenticity.
  • Signing Key Rotation7 sous-tagsReplacing security certificates by issuing a signed update to maintain the trust chain. **Distinct from Code Signing:** A specific lifecycle operation of code signing used to recover from lost private keys.