The Seedwing Proxy is a stateless proxy that sits between a build pipeline and any upstream repository contributing to the build.
By applying a build-specific policy, the Seedwing Proxy will allow or disallow access to the upstream artifacts based upon signatures in Sigstore
, and possibly In-Toto
in the future.
Despite its name, this is not a web/http proxy in the conventional sense. It behaves as a local registry, proxying requests for software artifacts to an actual repository and returning them only if they match a given policy.
In .cargo/config
:
[source.seedwing]
registry = "http://localhost:8181/crates-io/"
[source.crates-io]
replace-with = "seedwing"