Skip to content

Commit

Permalink
update to @sigstore/protobuf-specs@0.3.0 (#1011)
Browse files Browse the repository at this point in the history 
Signed-off-by: Brian DeHamer <bdehamer@github.com>
  • Loading branch information
@bdehamer
bdehamer authored Feb 13, 2024
1 parent 33647fd commit 555dd8e
Show file tree
Hide file tree
Showing 26 changed files with 784 additions and 71 deletions.
11 changes: 11 additions & 0 deletions .changeset/chilly-pugs-grow.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
"@sigstore/bundle": patch
"@sigstore/conformance": patch
"sigstore": patch
"@sigstore/mock": patch
"@sigstore/sign": patch
"@sigstore/tuf": patch
"@sigstore/verify": patch
---

Bump @sigstore/protobuf-specs from 0.2.1 to 0.3.0
5 changes: 5 additions & 0 deletions .changeset/chilly-swans-applaud.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@sigstore/bundle": minor
---

Support for validating v0.3 bundles
5 changes: 5 additions & 0 deletions .changeset/seven-countries-ring.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@sigstore/verify": minor
---

Support for verifying v0.3 bundles
40 changes: 20 additions & 20 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion packages/bundle/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
"provenance": true
},
"dependencies": {
"@sigstore/protobuf-specs": "^0.2.1"
"@sigstore/protobuf-specs": "^0.3.0"
},
"engines": {
"node": "^16.14.0 || >=18.0.0"
Expand Down
170 changes: 170 additions & 0 deletions packages/bundle/src/__tests__/__snapshots__/serialized.test.ts.snap
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,170 @@
// Jest Snapshot v1, https://goo.gl/fbAQLP

exports[`bundleToJSON SerializedDSSEBundle (v0.3) matches the snapshot 1`] = `
{
"dsseEnvelope": {
"payload": "cGF5bG9hZA==",
"payloadType": "application/vnd.in-toto+json",
"signatures": [
{
"keyid": "keyid",
"sig": "c2lnbmF0dXJl",
},
],
},
"mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.3",
"verificationMaterial": {
"certificate": {
"rawBytes": "Y2VydGlmaWNhdGU=",
},
"timestampVerificationData": {
"rfc3161Timestamps": [
{
"signedTimestamp": "c2lnbmVkVGltZXN0YW1w",
},
],
},
"tlogEntries": [
{
"canonicalizedBody": "Ym9keQ==",
"inclusionPromise": {
"signedEntryTimestamp": "aW5jbHVzaW9uUHJvbWlzZQ==",
},
"inclusionProof": {
"checkpoint": {
"envelope": "checkpoint",
},
"hashes": [
"aGFzaA==",
],
"logIndex": "0",
"rootHash": "cm9vdEhhc2g=",
"treeSize": "0",
},
"integratedTime": "2021-01-01T00:00:00Z",
"kindVersion": {
"kind": "kind",
"version": "version",
},
"logId": {
"keyId": "bG9nSWQ=",
},
"logIndex": "0",
},
],
},
}
`;

exports[`bundleToJSON SerializedDSSEBundle matches the snapshot 1`] = `
{
"dsseEnvelope": {
"payload": "cGF5bG9hZA==",
"payloadType": "application/vnd.in-toto+json",
"signatures": [
{
"keyid": "keyid",
"sig": "c2lnbmF0dXJl",
},
],
},
"mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.1",
"verificationMaterial": {
"timestampVerificationData": {
"rfc3161Timestamps": [
{
"signedTimestamp": "c2lnbmVkVGltZXN0YW1w",
},
],
},
"tlogEntries": [
{
"canonicalizedBody": "Ym9keQ==",
"inclusionPromise": {
"signedEntryTimestamp": "aW5jbHVzaW9uUHJvbWlzZQ==",
},
"inclusionProof": {
"checkpoint": {
"envelope": "checkpoint",
},
"hashes": [
"aGFzaA==",
],
"logIndex": "0",
"rootHash": "cm9vdEhhc2g=",
"treeSize": "0",
},
"integratedTime": "2021-01-01T00:00:00Z",
"kindVersion": {
"kind": "kind",
"version": "version",
},
"logId": {
"keyId": "bG9nSWQ=",
},
"logIndex": "0",
},
],
"x509CertificateChain": {
"certificates": [
{
"rawBytes": "Y2VydGlmaWNhdGU=",
},
],
},
},
}
`;

exports[`bundleToJSON SerializedMessageSignatureBundle matches the snapshot 1`] = `
{
"mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.1",
"messageSignature": {
"messageDigest": {
"algorithm": "SHA2_256",
"digest": "ZGlnZXN0",
},
"signature": "c2lnbmF0dXJl",
},
"verificationMaterial": {
"publicKey": {
"hint": "pki-hint",
},
"timestampVerificationData": {
"rfc3161Timestamps": [
{
"signedTimestamp": "c2lnbmVkVGltZXN0YW1w",
},
],
},
"tlogEntries": [
{
"canonicalizedBody": "Ym9keQ==",
"inclusionPromise": {
"signedEntryTimestamp": "aW5jbHVzaW9uUHJvbWlzZQ==",
},
"inclusionProof": {
"checkpoint": {
"envelope": "checkpoint",
},
"hashes": [
"aGFzaA==",
],
"logIndex": "0",
"rootHash": "cm9vdEhhc2g=",
"treeSize": "0",
},
"integratedTime": "2021-01-01T00:00:00Z",
"kindVersion": {
"kind": "kind",
"version": "version",
},
"logId": {
"keyId": "bG9nSWQ=",
},
"logIndex": "0",
},
],
},
}
`;
4 changes: 4 additions & 0 deletions packages/bundle/src/__tests__/index.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ import { fromPartial } from '@total-typescript/shoehorn';
import {
BUNDLE_V01_MEDIA_TYPE,
BUNDLE_V02_MEDIA_TYPE,
BUNDLE_V03_MEDIA_TYPE,
Bundle,
BundleLatest,
BundleV01,
Expand All @@ -43,6 +44,7 @@ import {
assertBundle,
assertBundleLatest,
assertBundleV01,
assertBundleV02,
bundleFromJSON,
bundleToJSON,
envelopeFromJSON,
Expand Down Expand Up @@ -148,6 +150,7 @@ describe('public interface', () => {
expect(assertBundle).toBeDefined();
expect(assertBundleLatest).toBeDefined();
expect(assertBundleV01).toBeDefined();
expect(assertBundleV02).toBeDefined();
});

it('exports serialization functions', () => {
Expand All @@ -160,6 +163,7 @@ describe('public interface', () => {
it('exports constants', () => {
expect(BUNDLE_V01_MEDIA_TYPE).toBeDefined();
expect(BUNDLE_V02_MEDIA_TYPE).toBeDefined();
expect(BUNDLE_V03_MEDIA_TYPE).toBeDefined();
});

it('exports errors', () => {
Expand Down
Loading

0 comments on commit 555dd8e

Please sign in to comment.