Please report security vulnerabilities privately via GitHub's security advisories or by emailing openstef@lfenergy.org. Do not open public issues for security-sensitive reports. We aim to acknowledge reports within five working days.
Every OpenSTEF release is cryptographically signed with Sigstore keyless signing. There is no long-lived private key: each signature uses an ephemeral key bound to the GitHub Actions release workflow's OIDC identity, with the signing certificate issued by Fulcio and recorded in the public Rekor transparency log. This means there is no public key to download — verification proves the artifact was published by our release workflow.
Two channels are signed:

- PyPI — every distribution carries a PEP 740 attestation, displayed and verified by PyPI on upload.
- GitHub Releases — each artifact ships with a `.sigstore.json` bundle for offline verification.
pip verifies attestations automatically when downloading from PyPI. To check explicitly:

```sh
pip download openstef --no-deps -d ./dist
uvx pypi-attestations verify pypi --repo OpenSTEF/openstef dist/openstef-*.whl
```

Download the artifact and its `.sigstore.json` bundle from the Releases page, then:
```sh
uvx sigstore verify identity \
  --cert-identity-regexp 'release-v4.yaml@refs/tags/v4' \
  --cert-oidc-issuer https://token.actions.githubusercontent.com \
  openstef-*.whl
```

A successful run confirms the artifact was signed by the OpenSTEF release workflow. The signing private key is ephemeral and never stored, so it is never present on PyPI, GitHub Releases, or any distribution site.
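The following script is an added example, not OpenSTEF project code. It wraps the GitHub Releases verification step above in a small wrapper that first checks, offline, that the downloaded `.sigstore.json` bundle actually belongs to the artifact (the bundle records the SHA-256 of the signed file), and only then invokes the `sigstore verify identity` command with the identity regexp and OIDC issuer from this page. It assumes the bundle follows the Sigstore bundle JSON layout, where `messageSignature.messageDigest.digest` holds the base64-encoded SHA-256 of the artifact, and that `uvx` with the `sigstore` CLI is available for the final step. The digest pre-check is not a substitute for the signature and identity verification; it only gives a clearer diagnosis when a bundle was downloaded for the wrong file or the artifact was altered after download.

```python
"""Pre-flight digest check plus Sigstore identity verification for an
OpenSTEF GitHub Release artifact.

Added example (not OpenSTEF project code). Assumptions:
  - the bundle is Sigstore bundle JSON with messageSignature.messageDigest
    carrying algorithm "SHA2_256" and a base64-encoded raw digest;
  - `uvx` and the `sigstore` CLI are installed for verify_release_artifact().
"""
import base64
import hashlib
import json
import subprocess
from pathlib import Path
from typing import List, Optional

# Values from the page: the release workflow identity and the GitHub Actions issuer.
OIDC_ISSUER = "https://token.actions.githubusercontent.com"
IDENTITY_REGEXP = r"release-v4.yaml@refs/tags/v4"


def bundle_digest_matches(artifact: Path, bundle: Path) -> bool:
    """Return True when the bundle's recorded digest equals the artifact's SHA-256.

    A mismatch means the bundle was produced for a different file (wrong
    download, or the artifact changed after download). Full verification
    would fail anyway, but this gives a precise reason before calling the CLI.
    """
    data = json.loads(bundle.read_text(encoding="utf-8"))
    digest_info = data["messageSignature"]["messageDigest"]
    if digest_info.get("algorithm") != "SHA2_256":
        return False
    recorded = base64.b64decode(digest_info["digest"])
    actual = hashlib.sha256(artifact.read_bytes()).digest()
    return recorded == actual


def identity_verify_argv(artifact: Path, bundle: Path) -> List[str]:
    """Build the `sigstore verify identity` invocation shown on the page,
    passing the bundle explicitly instead of relying on filename discovery."""
    return [
        "uvx", "sigstore", "verify", "identity",
        "--bundle", str(bundle),
        "--cert-identity-regexp", IDENTITY_REGEXP,
        "--cert-oidc-issuer", OIDC_ISSUER,
        str(artifact),
    ]


def verify_release_artifact(artifact: Path, bundle: Optional[Path] = None) -> bool:
    """Run the digest pre-check, then the real Sigstore identity verification.

    Returns True only if the sigstore CLI exits successfully, i.e. the
    signature is valid, the certificate chains to Fulcio, the Rekor entry
    checks out, and the certificate identity/issuer match the release workflow.
    """
    bundle = bundle or artifact.with_name(artifact.name + ".sigstore.json")
    if not bundle_digest_matches(artifact, bundle):
        print(f"{bundle.name} does not match {artifact.name}; refusing to verify")
        return False
    result = subprocess.run(identity_verify_argv(artifact, bundle))
    return result.returncode == 0


if __name__ == "__main__":
    import sys
    ok = verify_release_artifact(Path(sys.argv[1]))
    sys.exit(0 if ok else 1)
```

Run it as `python verify_release.py openstef-<version>-py3-none-any.whl` from the directory holding both the wheel and its `.sigstore.json` bundle. The argv is built in a separate function so the exact flags can be inspected or reused in CI without executing anything.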