这是 image.re8ch.com 的独立产品页。Harbor 继续作为 OCI 流量的事实源,本页只解释会员申请、镜像签名、SBOM、扫描和租户安全发布路径。

Three public signals, not a security spreadsheet.

Public registry data stays anonymous and compressed into the only numbers the product page needs: scale, signing coverage, and release compliance.

Images--Built artifacts across anonymous projects.
Signed--Digest-level signature coverage.
Compliance--Scan, signature, SBOM and policy gate score.

The artifact lifecycle is the product.

Source becomes a layered image cube, then receives a scan beam, signature ribbon, SBOM pages, and a final policy gate before promotion.

Source Code → Production

Loading snapshot

One proof section, tuned for trust.

Live anonymous data summarizes supply-chain quality without exposing project names, repository tags, user accounts, IP addresses or robot credentials.

Open the anonymous Registry live case.

The raw public snapshot is available for inspection when you want the data behind the animation.

View JSON