cernont/pyrofetes-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

avancement planning

Browse Source
This commit is contained in:
timothe
2026-05-26 11:58:39 +02:00
parent 619a2b240a
commit 150b97cd2e
4892 changed files with 99214 additions and 429382 deletions
Download Patch File Download Diff File Expand all files Collapse all files
node_modules/sigstore/README.md
Generated Vendored
+4 -4
View File
@@ -12,7 +12,7 @@ and verify any file.
## Prerequisites
- Node.js version >= 18.17.0
- Node.js version ^20.17.0 || >=22.9.0
## Installation
@@ -182,7 +182,7 @@ as well as the verification material necessary to verify the signature.
### verify(bundle[, payload][, options])
Verifies the signature in the supplied bundle.
Verifies the signature in the supplied bundle. Returns a `Signer` object containing the public key and identity information from the verification.
- `bundle` `<Bundle>`: The Sigstore bundle containing the signature to be verified and the verification material necessary to verify the signature.
- `payload` `<Buffer>`: The bytes of the artifact over which the signature was created. Only necessary when the `sign` function was used to generate the signature since the Bundle does not contain any information about the artifact which was signed. Not required when the `attest` function was used to generate the Bundle.
@@ -190,8 +190,8 @@ Verifies the signature in the supplied bundle.
- `ctLogThreshold` `<number>`: The number of certificate transparency logs on which the signing certificate must appear. Defaults to `1`.
- `tlogThreshold` `<number>`: The number of transparency logs on which the signature must appear. Defaults to `1`.
- `certificateIssuer` `<string>`: Value that must appear in the signing certificate's issuer extension (OID 1.3.6.1.4.1.57264.1.1). Not verified if no value is supplied.
- `certificateIdentityEmail` `<string>`: Email address which must appear in the signing certificate's Subject Alternative Name (SAN) extension. Must be specified in conjunction with the `certificateIssuer` option. Takes precedence over the `certificateIdentityURI` option. Not verified if no value is supplied.
- `certificateIdentityURI` `<string>`: URI which must appear in the signing certificate's Subject Alternative Name (SAN) extension. Must be specified in conjunction with the `certificateIssuer` option. Ignored if the `certificateIdentityEmail` option is set. Not verified if no value is supplied.
- `certificateIdentityEmail` `<string>`: Email address expected in the signing certificate's Subject Alternative Name (SAN) extension. The value is matched as a regular expression against the SAN; for exact matching, use an anchored pattern (e.g. `^user@example\\.com$`). Must be specified in conjunction with the `certificateIssuer` option. Takes precedence over the `certificateIdentityURI` option. Not verified if no value is supplied.
- `certificateIdentityURI` `<string>`: URI expected in the signing certificate's Subject Alternative Name (SAN) extension. The value is matched as a regular expression against the SAN; for exact matching, use an anchored pattern (e.g. `^https://github\\.com/owner/repo$`). Must be specified in conjunction with the `certificateIssuer` option. Ignored if the `certificateIdentityEmail` option is set. Not verified if no value is supplied.
- `certificateOIDs` `<Object>`: A collection of OID/value pairs which must be present in the certificate's extension list. Not verified if no value is supplied.
- `keySelector` `<Function>`: Callback invoked to retrieve the public key (as either `string` or `Buffer`) necessary to verify the bundle signature. Not used when the signature was generated from a Fulcio-issued signing certificate.
- `hint` `<String>`: The hint from the bundle used to identify the the signing key.