Project Status

Wardex is active and shipping.

This page is maintained by the Wardex team. Unlike SaaS uptime dashboards (which don't apply to a self-hosted product), it tracks what actually matters for operators: release cadence, signing keys, open CVE advisories and supply-chain incidents.

Current

At a glance

Releases

✓ Shipping

Tagged releases published to GitHub with SHA-256 and cosign signatures.

Open CVEs

0

No open security advisories against Wardex code at this time.

Supply-chain incidents

0

No compromised dependencies, key loss or release-infrastructure incidents.

SBOM

✓ Published

CycloneDX SBOM attached to every tagged release.

Releases

Recent activity

Loading recent releases from GitHub…

View all releases on GitHub →

Trust

Verifying a release

cosign key

ed25519 / published in repo under
deploy/cosign.pub

Every release is signed with the committed public key. Verify with cosign verify-blob.

Checksums

SHA256SUMS per release
signed with cosign

Download the SHA256SUMS file, verify its cosign signature, then verify each binary against it.

SBOM

wardex-<version>.cdx.json

CycloneDX JSON attached to every release. Scan with grype or trivy sbom.

Security contact

Responsible disclosure

Security reports: please email mip@gmx.biz or open a GitHub Security Advisory. We follow coordinated disclosure with a 90-day default window and CVE assignment for confirmed issues.