Add message for sigstore-go as an alternative for cosign signing API

Signed-off-by: Zach Steindler <[email protected]>
sigstore · Jun 27, 2024 · e92b4b7 · e92b4b7
1 parent 7661f55
commit e92b4b7
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/content/sigstore-go-v04.md b/content/sigstore-go-v04.md
@@ -13,6 +13,6 @@ draft = false
 
 sigstore-go is used in several open source projects like the [SLSA verifier](https://github.com/slsa-framework/slsa-verifier), the [GitHub CLI](https://github.com/cli/cli), and [Stacklok Minder](https://github.com/stacklok/minder).
 
-Cosign and sigstore-go are similar in that they are both written in Go, but the main differences are that sigstore-go is not a full-fledged CLI, and that it supports the [protobuf bundle format](https://github.com/sigstore/protobuf-specs/blob/main/protos/sigstore_bundle.proto). We're hopeful that cosign will use sigstore-go in the near future to add protobuf bundle support.
+Cosign and sigstore-go are similar in that they are both written in Go, but the main differences are that sigstore-go is not a full-fledged CLI, and that it supports the [protobuf bundle format](https://github.com/sigstore/protobuf-specs/blob/main/protos/sigstore_bundle.proto). We're hopeful that cosign will use sigstore-go in the near future to add protobuf bundle support. If you use cosign's API to sign things (other than containers), try sigstore-go as a lighter weight and more user friendly alternative.
 
 Give it a try and let us know your feedback! There may be minor interface changes between now and the upcoming v1.0.0 release.