diff --git a/cli/slsa-verifier/main_regression_test.go b/cli/slsa-verifier/main_regression_test.go index cf961c322..475d840cc 100644 --- a/cli/slsa-verifier/main_regression_test.go +++ b/cli/slsa-verifier/main_regression_test.go @@ -1523,9 +1523,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1", artifact: "gundam-visor-cli-v1-tag.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgVersion: PointerTo("1.0.1"), - pkgName: PointerTo("gundam-visor"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgVersion: pointerTo("1.0.1"), + pkgName: pointerTo("gundam-visor"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), }, { name: "valid npm CLI builder short runner name", @@ -1541,9 +1541,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 short runner name", artifact: "gundam-visor-cli-v1-tag.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgVersion: PointerTo("1.0.1"), - pkgName: PointerTo("gundam-visor"), - builderID: PointerTo("https://github.com/actions/runner"), + pkgVersion: pointerTo("1.0.1"), + pkgName: pointerTo("gundam-visor"), + builderID: pointerTo("https://github.com/actions/runner"), err: serrors.ErrorInvalidBuilderID, }, { @@ -1558,8 +1558,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 no builder", artifact: "gundam-visor-cli-v1-tag.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgVersion: PointerTo("1.0.5"), - pkgName: PointerTo("gundam-visor"), + pkgVersion: pointerTo("1.0.5"), + pkgName: pointerTo("gundam-visor"), err: serrors.ErrorInvalidBuilderID, }, { @@ -1575,9 +1575,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 mismatch builder", artifact: "gundam-visor-cli-v1-tag.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgVersion: PointerTo("1.0.1"), - pkgName: PointerTo("gundam-visor"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted2"), + pkgVersion: pointerTo("1.0.1"), + pkgName: pointerTo("gundam-visor"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted2"), err: serrors.ErrorNotSupported, }, { @@ -1591,8 +1591,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 no package name", artifact: "gundam-visor-cli-v1-tag.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgVersion: PointerTo("1.0.1"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgVersion: pointerTo("1.0.1"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), }, { name: "valid npm CLI builder no package version", @@ -1605,8 +1605,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 no package version", artifact: "gundam-visor-cli-v1-tag.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgName: PointerTo("gundam-visor"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgName: pointerTo("gundam-visor"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), }, { name: "valid npm CLI builder mismatch source", @@ -1621,9 +1621,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 mismatch source", artifact: "gundam-visor-cli-v1-tag.tgz", source: "github.com/ramonpetgrave64/gundam-visorS", - pkgVersion: PointerTo("1.0.1"), - pkgName: PointerTo("gundam-visor"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgVersion: pointerTo("1.0.1"), + pkgName: pointerTo("gundam-visor"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorMismatchSource, }, { @@ -1638,9 +1638,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 mismatch package version", artifact: "gundam-visor-cli-v1-tag.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgVersion: PointerTo("1.0.2"), - pkgName: PointerTo("gundam-visor"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgVersion: pointerTo("1.0.2"), + pkgName: pointerTo("gundam-visor"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorMismatchPackageVersion, }, { @@ -1655,9 +1655,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 mismatch package name", artifact: "gundam-visor-cli-v1-tag.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgVersion: PointerTo("1.0.1"), - pkgName: PointerTo("gundam-visorS"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgVersion: pointerTo("1.0.1"), + pkgName: pointerTo("gundam-visorS"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorMismatchPackageName, }, { @@ -1672,9 +1672,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "invalid signature provenance npm CLI v1", artifact: "gundam-visor-cli-v1-tag-invalidsigprov.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgVersion: PointerTo("1.0.1"), - pkgName: PointerTo("gundam-visor"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgVersion: pointerTo("1.0.1"), + pkgName: pointerTo("gundam-visor"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorInvalidSignature, }, { @@ -1689,9 +1689,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "invalid signature publish npm CLI v1", artifact: "gundam-visor-cli-v1-tag-invalidsigpub.tgz", source: "github.com/ramonpetgrave64/gundam-visor", - pkgVersion: PointerTo("1.0.1"), - pkgName: PointerTo("gundam-visor"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgVersion: pointerTo("1.0.1"), + pkgName: pointerTo("gundam-visor"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorInvalidSignature, }, // npm CLI with main branch. @@ -1707,9 +1707,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1", artifact: "provenance-npm-test-cli-v1-prega.tgz", source: "github.com/sigstore/sigstore-js", - pkgVersion: PointerTo("2.3.1"), - pkgName: PointerTo("sigstore"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgVersion: pointerTo("2.3.1"), + pkgName: pointerTo("sigstore"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), }, { name: "valid npm CLI builder short runner name", @@ -1725,9 +1725,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 short runner name", artifact: "provenance-npm-test-cli-v1-prega.tgz", source: "github.com/sigstore/sigstore-js", - pkgVersion: PointerTo("2.3.1"), - pkgName: PointerTo("sigstore"), - builderID: PointerTo("https://github.com/actions/runner"), + pkgVersion: pointerTo("2.3.1"), + pkgName: pointerTo("sigstore"), + builderID: pointerTo("https://github.com/actions/runner"), err: serrors.ErrorInvalidBuilderID, }, { @@ -1742,8 +1742,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 no builder", artifact: "provenance-npm-test-cli-v1-prega.tgz", source: "github.com/sigstore/sigstore-js", - pkgVersion: PointerTo("2.3.1"), - pkgName: PointerTo("sigstore"), + pkgVersion: pointerTo("2.3.1"), + pkgName: pointerTo("sigstore"), err: serrors.ErrorInvalidBuilderID, }, { @@ -1759,9 +1759,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 mismatch builder", artifact: "provenance-npm-test-cli-v1-prega.tgz", source: "github.com/sigstore/sigstore-js", - pkgVersion: PointerTo("2.3.1"), - pkgName: PointerTo("sigstore"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted2"), + pkgVersion: pointerTo("2.3.1"), + pkgName: pointerTo("sigstore"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted2"), err: serrors.ErrorNotSupported, }, { @@ -1774,9 +1774,9 @@ func Test_runVerifyNpmPackage(t *testing.T) { { name: "valid npm CLI builder v1 no package name", artifact: "provenance-npm-test-cli-v1-prega.tgz", - pkgVersion: PointerTo("2.3.1"), + pkgVersion: pointerTo("2.3.1"), source: "github.com/sigstore/sigstore-js", - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), }, { name: "valid npm CLI builder no package version", @@ -1789,8 +1789,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 no package version", artifact: "provenance-npm-test-cli-v1-prega.tgz", source: "github.com/sigstore/sigstore-js", - pkgName: PointerTo("sigstore"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgName: pointerTo("sigstore"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), }, { name: "valid npm CLI builder mismatch source", @@ -1803,8 +1803,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 mismatch source", artifact: "provenance-npm-test-cli-v1-prega.tgz", source: "github.com/sigstore/sigstore-js2", - pkgName: PointerTo("sigstore"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgName: pointerTo("sigstore"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorMismatchSource, }, { @@ -1819,8 +1819,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 mismatch package version", artifact: "provenance-npm-test-cli-v1-prega.tgz", source: "github.com/sigstore/sigstore-js", - pkgVersion: PointerTo("2.3.2"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgVersion: pointerTo("2.3.2"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorMismatchPackageVersion, }, { @@ -1835,8 +1835,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "valid npm CLI builder v1 mismatch package name", artifact: "provenance-npm-test-cli-v1-prega.tgz", source: "github.com/sigstore/sigstore-js", - pkgName: PointerTo("sigstore2"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgName: pointerTo("sigstore2"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorMismatchPackageName, }, { @@ -1851,8 +1851,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "invalid signature provenance npm CLI v1", artifact: "provenance-npm-test-cli-v1-prega-invalidsigprov.tgz", source: "github.com/sigstore/sigstore-js", - pkgName: PointerTo("sigstore"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgName: pointerTo("sigstore"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorInvalidSignature, }, { @@ -1867,8 +1867,8 @@ func Test_runVerifyNpmPackage(t *testing.T) { name: "invalid signature publish npm CLI v1", artifact: "provenance-npm-test-cli-v1-prega-invalidsigpub.tgz", source: "github.com/sigstore/sigstore-js", - pkgName: PointerTo("sigstore"), - builderID: PointerTo("https://github.com/actions/runner/github-hosted"), + pkgName: pointerTo("sigstore"), + builderID: pointerTo("https://github.com/actions/runner/github-hosted"), err: serrors.ErrorInvalidSignature, }, // OSSF builder.