Content: updates and recent posts about Sigstore.
@kaptain shared a link, 1 day, 3 hours ago
FAUN.dev()

Open source maintainership in the age of AI

Kubernetes maintainers accept AI-assisted contributions when contributors disclose AI use, understand the code, and own the change. Maintainers test AI review tools to help them sort issues and pull requests...

@kaptain shared a link, 1 day, 3 hours ago
FAUN.dev()

OTel and mesh-derived metrics: A 2026 reference

A blog post by Mesut Oezdil, a DevOps Engineer from Buoyant, discusses how Linkerd's proxy provides network layer metrics with zero changes to application code. The post showcases the overlap and differences between mesh-derived metrics and OpenTelemetry metrics, along with the integration pattern t..

@kaptain shared a link, 1 day, 3 hours ago
FAUN.dev()

Introducing the Cluster API plugin for Headlamp

Headlamp is an open-source, extensible Kubernetes SIG UI project designed to let you explore, manage, and debug cluster resources directly from a browser. Cluster API (CAPI) is a Kubernetes sub-project that brings declarative, Kubernetes-style APIs to cluster lifecycle management. It lets platform t..

@kala shared a link, 1 day, 3 hours ago
FAUN.dev()

Everything a Senior Engineer Needs to Know About What's Inside an LLM

The shift from RNNs to transformers solved sequential bottlenecks and long-range decay issues with self-attention. Transformers use encoding, decoding, and tokenization to process sequences efficiently and accurately. This evolution led to models like GPT, which excel at tasks with minimal fine-tuning..

@kala shared a link, 1 day, 3 hours ago
FAUN.dev()

GLM-5.2 vs Claude Opus

After a head-to-head coding test, you can use GLM-5.2 as a low-cost open-weights coding model and choose Opus when you need stronger correctness, faster responses, or visual self-checking...

@kala shared a link, 1 day, 3 hours ago
FAUN.dev()

The Problem is Prompt Debt

Teams create prompt debt when they hand-tune prompts. They turn natural-language instructions into fragile specs, spend more time adjusting wording, and tie the application to one model...

@kala shared a link, 1 day, 3 hours ago
FAUN.dev()

Cisco Bets On WideField Security Acquisition To Tackle Agentic AI Security Gap

Cisco executives plan to acquire WideField Security so Cisco teams can add identity and session telemetry to agentic AI security operations...

@kala shared a link, 1 day, 3 hours ago
FAUN.dev()

AI's Affordability Crisis

The AI platforms are running the drug-dealer's algorithm, with subsidies resulting in overwhelming demand for their products. Estimates show that the cost of generating tokens ranges from $8 to $14 to generate $1 in revenue. Companies transitioning to token-based pricing have seen significant increa..

@kala shared a link, 1 day, 3 hours ago
FAUN.dev()

Model Size Scaling in 2023-2031

Token generation speed is constrained by the speed at which the relevant HBM can be read, depending on model size and pipeline setup. Model sizes feasible for each year between 2023 and 2031 range from 10T in 2026 to 1.4 quadrillion in 2031, with pretraining compute and HBM specifications playing es..

@devopslinks shared a link, 1 day, 3 hours ago
FAUN.dev()

How we migrated a live routing system using AI-assisted refactoring

Datadog says engineers can use AI-assisted refactoring for critical migrations when they own the data model and use tests to limit each rewrite to one method. Engineers should keep system design and optimization in human hands...

Sigstore is an open source initiative designed to make software artifact signing and verification simple, automatic, and widely accessible. Its primary goal is to improve software supply chain security by enabling developers and organizations to cryptographically prove the origin and integrity of the software they build and distribute.

At its core, Sigstore removes many of the traditional barriers associated with code signing. Instead of requiring each signer to manage a long-lived private key, Sigstore supports keyless signing: the signer authenticates to an OpenID Connect (OIDC) provider such as GitHub Actions, Google, or Microsoft, and a short-lived signing certificate is issued for that identity on the spot. This dramatically lowers operational complexity and reduces the risk of key compromise.

The Sigstore ecosystem is composed of several key components:

- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.

- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.

- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.

Together, these components allow anyone to verify who built an artifact, when it was built, and whether it has been tampered with, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).
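The keyless flow these three components implement, as an added example (a constructed model, not Sigstore's or cosign's own code): a toy Fulcio-like root, an ephemeral key per signing, a 10-minute certificate that carries the signer's OIDC e-mail, and a Rekor-like entry whose recorded time is what lets a long-expired certificate still verify. The names NewCA, Sign, Verify, Entry and "toy-fulcio" are assumptions, and real Fulcio certificates also encode the OIDC issuer in extensions, which this model omits.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)
type Entry struct{ Digest, Sig, CertDER []byte; LoggedAt time.Time } // one Rekor-like record (constructed model)
// issue generates a fresh P-256 key and a certificate for it signed by parent (self-signed when parent is nil).
func issue(tpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, nil, err }
	if parent == nil { parent, parentKey = tpl, key }
	der, err := x509.CreateCertificate(rand.Reader, tpl, parent, &key.PublicKey, parentKey)
	if err != nil { return nil, nil, err }
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}
// NewCA stands in for the Fulcio root; like any real CA root it is long-lived (hypothetical name "toy-fulcio").
func NewCA() (*x509.Certificate, *ecdsa.PrivateKey, error) {
	return issue(&x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "toy-fulcio"},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
		NotBefore: time.Now().Add(-8760 * time.Hour), NotAfter: time.Now().Add(8760 * time.Hour)}, nil, nil)
}
// Sign models keyless `cosign sign`: ephemeral key, 10-minute cert binding it to the OIDC email, signature, log entry.
func Sign(root *x509.Certificate, rootKey *ecdsa.PrivateKey, artifact []byte, email string, now time.Time) (Entry, error) {
	cert, key, err := issue(&x509.Certificate{SerialNumber: big.NewInt(2), EmailAddresses: []string{email},
		NotBefore: now, NotAfter: now.Add(10 * time.Minute), KeyUsage: x509.KeyUsageDigitalSignature}, root, rootKey)
	if err != nil { return Entry{}, err }
	digest := sha256.Sum256(artifact)
	sig, err := ecdsa.SignASN1(rand.Reader, key, digest[:])
	return Entry{digest[:], sig, cert.Raw, now}, err // key goes out of scope here: no long-lived secret to steal
}
// Verify models `cosign verify --certificate-identity`; validity is judged at e.LoggedAt (what the log attests), not now.
func Verify(root *x509.Certificate, e Entry, artifact []byte, wantEmail string) error {
	cert, err := x509.ParseCertificate(e.CertDER)
	if err != nil { return err }
	pool := x509.NewCertPool(); pool.AddCert(root)
	if _, err := cert.Verify(x509.VerifyOptions{Roots: pool, CurrentTime: e.LoggedAt}); err != nil { return err }
	if len(cert.EmailAddresses) != 1 || cert.EmailAddresses[0] != wantEmail { return errors.New("certificate identity mismatch") }
	digest := sha256.Sum256(artifact)
	if !ecdsa.VerifyASN1(cert.PublicKey.(*ecdsa.PublicKey), digest[:], e.Sig) { return errors.New("signature does not match artifact") }
	return nil
}
```

Call NewCA, Sign and Verify from a main or test of your own; Verify rejects a modified artifact, a different identity, or an entry chained to an unrelated root.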

Sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.

The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.