Developer site k2gl.com launches eight tools for supply-chain and identity formats
The website k2gl.com has added a tools section featuring eight web-based utilities focused on software supply-chain and digital identity formats. The tools include a Sigstore bundle inspector, an in-toto provenance viewer, a SLSA DSSE debugger, and a Composer attestation checker for verifying dependencies. Additional tools cover SD-JWT token debugging per RFC 9901, SSH signature verification for both OpenSSH modes, and a PEM-to-JWK key converter supporting RSA, EC, and Ed25519 formats. The site is built on open-source PHP with a FrankenPHP backend, and the tools are designed to process data client-side to address privacy concerns around pasting real tokens. Users can access the full tools index at k2gl.com or navigate directly to specific utilities for dependency verification.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in