{
  "$type": "site.standard.document",
  "description": "TUF, in-toto, and Sigstore only look pointless while nothing is on fire",
  "path": "/2026/05/24/signing-is-for-the-bad-days.html",
  "publishedAt": "2026-05-24T10:00:00.000Z",
  "site": "at://did:plc:q3moczhdry2263q35ffqqzs5/site.standard.publication/3mnkktcb4vt2j",
  "tags": [
    "supply-chain",
    "security",
    "package-managers"
  ],
  "title": "Signing is for the bad days"
}