k2gl member since: Oct 20, 2022
k2gl's packages
-
-
PHP
k2gl/array-reader
Tiny, zero-dependency typed reader for mixed arrays (decoded JSON, CSV rows, config, request payloads) with strict and lenient access.
-
PHP
k2gl/dsse
Faithful, zero-dependency PHP implementation of DSSE (Dead Simple Signing Envelope): PAE encoding, envelope (de)serialization, and pluggable signers/verifiers.
-
PHP
k2gl/entity-exist
Checks if there is at least one row with the required field in the database, for example, a row with the same identifier
-
-
PHP
k2gl/in-toto-attestation
Faithful, typed PHP implementation of the in-toto Attestation Framework (Statement v1): build, sign and verify attestations over k2gl/dsse.
-
-
PHP
k2gl/pragmatic-franken
Pragmatic FrankenPHP — PHP 8.5 / Symfony 8 starter: Vertical Slices + CQRS over Messenger, FrankenPHP worker mode, real prod image, agent-ready docs
-
PHP
k2gl/sigstore-verify
Offline, fail-closed PHP verifier for Sigstore bundles: Fulcio certificate chain, DSSE or message signature, Rekor v1/v2 transparency-log proof, RFC 3161 timestamp, certificate transparency and identity policy. Passes the official sigstore-conformance suite.
-
PHP
k2gl/slsa-provenance
Faithful, typed PHP implementation of the SLSA Provenance v1 and v0.2 predicates, built on k2gl/in-toto-attestation.
-
PHP
k2gl/tuf
The Update Framework (TUF) client for PHP: a minimal, fail-closed metadata verifier and updater for securely distributed trust roots, such as Sigstore's.