dpndncY

Every decision is a DSSE envelope over an in-toto v1 Statement.

Three predicateType URIs, each with a versioned JSON schema.

Executable docs ship with the install
The full reference for this topic — configuration files, code samples, CLI flags, API endpoints — ships inside every dpndncY installation so it always matches your installed version. This public-preview page lists what the in-product docs cover.

In the in-product docs

  • https://dpndncy.io/scan/v1 — scan finding payload
  • https://dpndncy.io/firewall/v1 — firewall verdict payload
  • https://dpndncy.io/agent/runtime-trace/v1 — runtime trace summary
  • DSSE envelope shape and base64url encoding
  • Signature algorithm: RS256 (RSASSA-PKCS1-v1_5 + SHA-256)