Skip to content

Latest commit

 

History

History
53 lines (41 loc) · 1.92 KB

README.md

File metadata and controls

53 lines (41 loc) · 1.92 KB

The Symfony binary is a must-have tool when developing Symfony applications on your local machine. It provides:

Installation

Read the installation instructions on symfony.com.

Signature Verification

Symfony binaries are signed using cosign, which is part of sigstore. Signatures can be verified as follows (OS and architecture omitted for clarity):

$ COSIGN_EXPERIMENTAL=1 cosign verify-blob --signature symfony-cli.sig symfony-cli
tlog entry verified with uuid: "2b7ca2bfb7ee09114a15d60761c2a0a8c97f07cc20c02e635a92ba137a08a6de" index: 1261963
Verified OK

The above uses the (currently experimental) keyless signing method. Alternatively, one can verify the signature by also providing the certificate:

$ cosign verify-blob --cert symfony-cli.pem --signature symfony-cli.sig symfony-cli
Verified OK

Security Issues

If you discover a security vulnerability, please follow our disclosure procedure.