Skip to content

gojiplus/notary

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
public
public
 
 
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
package.json
package.json
 
 
wrangler.toml
wrangler.toml
 
 

Repository files navigation

Notary: PyPI Digital Attestation Shield Generation Service

Example: https://notarypy.soodoku.workers.dev/badge/pydantic/2.7.2/pydantic-2.7.2-py3-none-any.whl

Uses the PyPI Integrity API, e.g., https://pypi.org/integrity/ethnicolr/0.14.0/ethnicolr-0.14.0-py3-none-any.whl/provenance, and produces a Shields Badge based on that.

NotaryPy Badge Generator

A badge generator for Python package attestations on PyPI, deployed as a Cloudflare Worker.

What it does

This service generates badges that indicate whether a Python package on PyPI has provenance attestations. It uses Shields.io to render the badges and provides a simple API endpoint to check attestation status.

Usage

Add a badge to your README by using this URL format:

![PyPI Attestation](https://notarypy.soodoku.workers.dev/badge/PACKAGE_NAME/VERSION/FILENAME)

For example:

![PyPI Attestation](https://notarypy.soodoku.workers.dev/badge/pydantic/2.7.2/pydantic-2.7.2-py3-none-any.whl)

Badge States

  • Verified (green): Package has provenance attestations
  • None (red): Package does not have provenance attestations

Development

Prerequisites

Local Development

  1. Clone this repository
  2. Install dependencies: 
    npm install
  3. Run the worker locally: 
    npm run dev
  4. Test the badge endpoint at http://localhost:8787/badge/pydantic/2.7.2/pydantic-2.7.2-py3-none-any.whl

Deployment

Deploy to Cloudflare Workers:

npm run deploy

License

MIT

Made with ❤️ by GojiPlus

About

PyPI Attestation Shield Generation Service

Resources

Readme
Activity
Custom properties

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages