notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)Want a good monitor light? See my photosAll times are UTC		 Ukraine

Bot filter coming soon

To deter bots pegging the database CPU to 100%, a bot testing filter to be added to the website. This should not affect newsfeeds etc. Anubis seems light-weight - it is already in use within the FreeBSD Project. This notice is just a heads up in case you see something odd. This notice will be updated after Anubis is installed.

Port details
rekor Software Supply Chain Transparency Log (client only)
1.3.10_2 security on this many watch lists=0 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout Package not present on quarterly.This port was created during this quarter. It will be in the next quarterly branch but not the current one.
Maintainer: bofh@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2025-05-04 18:50:05
Last Update: 2025-06-06 20:00:53
Commit Hash: 94be418
License: APACHE20
WWW:
https://www.sigstore.dev/
Description:
Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. Rekor will enable software maintainers and build systems to record signed metadata to an immutable record. Other parties can then query said metadata to enable them to make informed decisions on trust and non-repudiation of an object's lifecycle. The Rekor project provides a restful API based server for validation and a transparency log for storage. A CLI application is available to make and verify entries, query the transparency log for inclusion proof, integrity verification of the transparency log or retrieval of entries by either public key or artifact. Rekor fulfils the signature transparency role of sigstore's software signing infrastructure. However, Rekor can be run on its own and is designed to be extensible to working with different manifest schemas and PKI tooling.
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb - no subversion history for this port

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
There is no configure plist information for this port.
Dependency lines:
  • rekor-client>0:security/rekor
To install the port:
cd /usr/ports/security/rekor/ && make install clean
To add the package, run one of these commands:
  • pkg install security/rekor
  • pkg install rekor-client
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: rekor-client
Package flavors (<flavor>: <package>)
  • client: rekor-client
  • server: rekor-server
distinfo:
TIMESTAMP = 1746289423 SHA256 (go/security_rekor/rekor-v1.3.10/v1.3.10.mod) = 788c563e936db5816de40e7ff4a7f58ffa8d184fbe99842eec058da0d3b8f65d SIZE (go/security_rekor/rekor-v1.3.10/v1.3.10.mod) = 11137

Expand this list (2 items)

Collapse this list.

SHA256 (go/security_rekor/rekor-v1.3.10/v1.3.10.zip) = 6a65d2c266a8ac2351061716142c9cb373abec19c892d4b5c0c83e21bf2b3789 SIZE (go/security_rekor/rekor-v1.3.10/v1.3.10.zip) = 1193215

Collapse this list.

Packages (timestamps in pop-ups are UTC):
rekor-client
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest1.3.10_21.3.10_2-1.3.101.3.10_2---
FreeBSD:13:quarterly--------
FreeBSD:14:latest1.3.101.3.10_2-1.3.101.3.10_2---
FreeBSD:14:quarterly--------
FreeBSD:15:latest1.3.101.3.10_1n/a1.3.10n/a---
 

rekor-server
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest1.3.10_21.3.10_2-1.3.101.3.10_2---
FreeBSD:13:quarterly--------
FreeBSD:14:latest1.3.101.3.10_2-1.3.101.3.10_2---
FreeBSD:14:quarterly--------
FreeBSD:15:latest1.3.101.3.10_1n/a1.3.10n/a---
 

Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. go124 : lang/go124
Fetch dependencies:
  1. go124 : lang/go124
There are no ports dependent upon this port
Configuration Options:
No options to configure
Options name:
security_rekor
USES:
cpe go:1.24,modules zip
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. https://proxy.golang.org/github.com/sigstore/rekor/@v/
Collapse this list.

Number of commits found: 3

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
1.3.10_2
06 Jun 2025 20:00:53
commit hash: 94be418de3de0b9beea03165f868b89b524b2c23commit hash: 94be418de3de0b9beea03165f868b89b524b2c23commit hash: 94be418de3de0b9beea03165f868b89b524b2c23commit hash: 94be418de3de0b9beea03165f868b89b524b2c23 files touched by this commit		 Adam Weinberger (adamw) search for other commits by this committer 
various: Bump PORTREVISION after go124-1.24.4 update
1.3.10_1
21 May 2025 19:58:15
commit hash: 0bdd2ad334c94bfa4d976a8dde6e0ebc432f2a52commit hash: 0bdd2ad334c94bfa4d976a8dde6e0ebc432f2a52commit hash: 0bdd2ad334c94bfa4d976a8dde6e0ebc432f2a52commit hash: 0bdd2ad334c94bfa4d976a8dde6e0ebc432f2a52 files touched by this commit		 Adam Weinberger (adamw) search for other commits by this committer 
go: Bump go124-dependent ports

Earlier I bumped the default Go to 1.24. Ports that specify a lower
version will still build with those lower version (for now), so they
don't need a bumping. Instead I'm bumping anything that (now) has go124
as a dependency.
1.3.10
04 May 2025 18:44:56
commit hash: fd18edcfedc3e98872e5a066702568bfa4bdc799commit hash: fd18edcfedc3e98872e5a066702568bfa4bdc799commit hash: fd18edcfedc3e98872e5a066702568bfa4bdc799commit hash: fd18edcfedc3e98872e5a066702568bfa4bdc799 files touched by this commit		 Muhammad Moinur Rahman (bofh) search for other commits by this committer 
security/rekor: New port

Software Supply Chain Transparency Log

Rekor's goals are to provide an immutable tamper resistant ledger of
metadata generated within a software projects supply chain. Rekor will
enable software maintainers and build systems to record signed metadata
to an immutable record.  Other parties can then query said metadata to
enable them to make informed decisions on trust and non-repudiation of
an object's lifecycle.

The Rekor project provides a restful API based server for validation and
a transparency log for storage. A CLI application is available to make
and verify entries, query the transparency log for inclusion proof,
integrity verification of the transparency log or retrieval of entries
by either public key or artifact.

Rekor fulfils the signature transparency role of sigstore's software
signing infrastructure. However, Rekor can be run on its own and is
designed to be extensible to working with different manifest schemas and
PKI tooling.

WWW: https://www.sigstore.dev/

Number of commits found: 3
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
Security Policy
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
openh264Jun 22
clamavJun 20
clamavJun 20
chromiumJun 19
ungoogled-chromiumJun 19
navidromeJun 18
chromiumJun 17
chromiumJun 17
firefoxJun 17
ungoogled-chromiumJun 17
ungoogled-chromiumJun 17
firefoxJun 15
firefox-esrJun 15
thunderbirdJun 15
webminJun 15

15 vulnerabilities affecting 243 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last processed:
2025-06-24 08:54:37 UTC


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)

Calculated hourly:
Port count 33391
Broken 142
Deprecated 277
Ignore 258
Forbidden 0
Restricted 2
No CDROM 1
Vulnerable 31
Expired 15
Set to expire 219
Interactive 0
new 24 hours 4
new 48 hours12
new 7 days77
new fortnight98
new month180
Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD 		Valid HTML, CSS, and RSS. Copyright © 2000-2025 Dan Langille. All rights reserved.