@docker/actions-toolkit 0.72.0 → 0.73.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/lib/cosign/cosign.js +2 -4
  2. package/lib/cosign/cosign.js.map +1 -1
  3. package/lib/sigstore/sigstore.d.ts +4 -2
  4. package/lib/sigstore/sigstore.js +83 -57
  5. package/lib/sigstore/sigstore.js.map +1 -1
  6. package/lib/types/sigstore/sigstore.d.ts +2 -0
  7. package/package.json +7 -7
package/lib/cosign/cosign.js CHANGED
@@ -162,13 +162,11 @@ class Cosign {
162
162
  if (!bundlePayload && obj && obj.mediaType === bundle_1.BUNDLE_V03_MEDIA_TYPE) {
163
163
  bundlePayload = obj;
164
164
  }
165
- if (bundlePayload && signatureManifestDigest) {
165
+ if (bundlePayload && (signatureManifestDigest || signatureManifestFallbackDigest)) {
166
+ errors = undefined; // clear errors if we have both payload and manifest digest
166
167
  break;
167
168
  }
168
169
  }
169
- if (!errors && !bundlePayload) {
170
- throw new Error(`Cannot find signature bundle from cosign command output: ${logs}`);
171
- }
172
170
  return {
173
171
  bundle: bundlePayload,
174
172
  signatureManifestDigest: signatureManifestDigest || signatureManifestFallbackDigest,
package/lib/cosign/cosign.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cosign.js","sourceRoot":"","sources":["../../src/cosign/cosign.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAAsC;AACtC,6CAAyE;AAEzE,kCAA6B;AAC7B,+CAAiC;AACjC,sDAA+D;AAkB/D,MAAa,MAAM;IAKjB,YAAY,IAAiB;QAC3B,IAAI,CAAC,OAAO,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,KAAI,QAAQ,CAAC;QACzC,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,YAAY,GAAG,KAAK,CAAC;IAC5B,CAAC;IAEY,WAAW;;YACtB,MAAM,EAAE,GAAY,MAAM,WAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,EAAE;gBAC7D,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb,CAAC;iBACC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACV,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;oBAC/C,IAAI,CAAC,KAAK,CAAC,+BAA+B,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAC/D,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,OAAO,GAAG,CAAC,QAAQ,IAAI,CAAC,CAAC;YAC3B,CAAC,CAAC;iBACD,KAAK,CAAC,KAAK,CAAC,EAAE;gBACb,IAAI,CAAC,KAAK,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC;gBACjD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;YAEL,IAAI,CAAC,KAAK,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC;YACxC,OAAO,EAAE,CAAC;QACZ,CAAC;KAAA;IAEY,OAAO;;YAClB,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC,QAAQ,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;YACzB,IAAI,CAAC,QAAQ,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBAC5E,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACZ,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;oBAC/C,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;gBACrC,CAAC;gBACD,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,UAAU,CAAC;YAClD,CAAC,CAAC,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;KAAA;IAEY,YAAY;;YACvB,MAAM,WAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBACnD,YAAY,EAAE,KAAK;aACpB,CAAC,CAAC;QACL,CAAC;KAAA;IAEY,gBAAgB,CAAC,KAAa,EAAE,OAAgB;;YAC3D,MAAM,GAAG,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9C,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,IAAI,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;gBAC/D,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC;YAC/E,IAAI,CAAC,KAAK,CAAC,2BAA2B,GAAG,eAAe,KAAK,KAAK,GAAG,EAAE,CAAC,CAAC;YACzE,OAAO,GAAG,CAAC;QACb,CAAC;KAAA;IAEM,MAAM,CAAC,kBAAkB,CAAC,IAAY;QAC3C,IAAI,uBAA2C,CAAC;QAChD,IAAI,+BAAmD,CAAC;QACxD,IAAI,aAA2C,CAAC;QAChD,IAAI,MAA6C,CAAC;QAElD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjD,SAAS;YACX,CAAC;YAED,8DAA8D;YAC9D,IAAI,GAAQ,CAAC;YACb,IAAI,CAAC;gBACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACzB,CAAC;YAAC,WAAM,CAAC;gBACP,SAAS;YACX,CAAC;YAED,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9D,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;YACtB,CAAC;YAED,4BAA4B;YAC5B,IAAI,CAAC,uBAAuB,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChG,MAAM,EAAE,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,YAAY,MAAK,8BAAqB,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBAChF,uBAAuB,GAAG,EAAE,CAAC,MAAM,CAAC;gBACtC,CAAC;qBAAM,IAAI,CAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,YAAY,MAAK,mCAAuB,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBACzF,+BAA+B,GAAG,EAAE,CAAC,MAAM,CAAC;gBAC9C,CAAC;YACH,CAAC;YAED,oBAAoB;YACpB,IAAI,CAAC,aAAa,IAAI,GAAG,IAAI,GAAG,CAAC,SAAS,KAAK,8BAAqB,EAAE,CAAC;gBACrE,aAAa,GAAG,GAAuB,CAAC;YAC1C,CAAC;YAED,IAAI,aAAa,IAAI,uBAAuB,EAAE,CAAC;gBAC7C,MAAM;YACR,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,4DAA4D,IAAI,EAAE,CAAC,CAAC;QACtF,CAAC;QAED,OAAO;YACL,MAAM,EAAE,aAAa;YACrB,uBAAuB,EAAE,uBAAuB,IAAI,+BAA+B;YACnF,MAAM,EAAE,MAAM;SACf,CAAC;IACJ,CAAC;CACF;AAxHD,wBAwHC"}
1
+ {"version":3,"file":"cosign.js","sourceRoot":"","sources":["../../src/cosign/cosign.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,oDAAsC;AACtC,6CAAyE;AAEzE,kCAA6B;AAC7B,+CAAiC;AACjC,sDAA+D;AAkB/D,MAAa,MAAM;IAKjB,YAAY,IAAiB;QAC3B,IAAI,CAAC,OAAO,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,KAAI,QAAQ,CAAC;QACzC,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,YAAY,GAAG,KAAK,CAAC;IAC5B,CAAC;IAEY,WAAW;;YACtB,MAAM,EAAE,GAAY,MAAM,WAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,EAAE;gBAC7D,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb,CAAC;iBACC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACV,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;oBAC/C,IAAI,CAAC,KAAK,CAAC,+BAA+B,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAC/D,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,OAAO,GAAG,CAAC,QAAQ,IAAI,CAAC,CAAC;YAC3B,CAAC,CAAC;iBACD,KAAK,CAAC,KAAK,CAAC,EAAE;gBACb,IAAI,CAAC,KAAK,CAAC,6BAA6B,KAAK,EAAE,CAAC,CAAC;gBACjD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;YAEL,IAAI,CAAC,KAAK,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC;YACxC,OAAO,EAAE,CAAC;QACZ,CAAC;KAAA;IAEY,OAAO;;YAClB,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC,QAAQ,CAAC;YACvB,CAAC;YACD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;YACzB,IAAI,CAAC,QAAQ,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBAC5E,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACZ,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;oBAC/C,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;gBACrC,CAAC;gBACD,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,UAAU,CAAC;YAClD,CAAC,CAAC,CAAC;YACH,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;KAAA;IAEY,YAAY;;YACvB,MAAM,WAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBACnD,YAAY,EAAE,KAAK;aACpB,CAAC,CAAC;QACL,CAAC;KAAA;IAEY,gBAAgB,CAAC,KAAa,EAAE,OAAgB;;YAC3D,MAAM,GAAG,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,CAAC,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9C,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,IAAI,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;gBAC/D,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC;YAC/E,IAAI,CAAC,KAAK,CAAC,2BAA2B,GAAG,eAAe,KAAK,KAAK,GAAG,EAAE,CAAC,CAAC;YACzE,OAAO,GAAG,CAAC;QACb,CAAC;KAAA;IAEM,MAAM,CAAC,kBAAkB,CAAC,IAAY;QAC3C,IAAI,uBAA2C,CAAC;QAChD,IAAI,+BAAmD,CAAC;QACxD,IAAI,aAA2C,CAAC;QAChD,IAAI,MAA6C,CAAC;QAElD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjD,SAAS;YACX,CAAC;YAED,8DAA8D;YAC9D,IAAI,GAAQ,CAAC;YACb,IAAI,CAAC;gBACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACzB,CAAC;YAAC,WAAM,CAAC;gBACP,SAAS;YACX,CAAC;YAED,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9D,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;YACtB,CAAC;YAED,4BAA4B;YAC5B,IAAI,CAAC,uBAAuB,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChG,MAAM,EAAE,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,YAAY,MAAK,8BAAqB,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBAChF,uBAAuB,GAAG,EAAE,CAAC,MAAM,CAAC;gBACtC,CAAC;qBAAM,IAAI,CAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,YAAY,MAAK,mCAAuB,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBACzF,+BAA+B,GAAG,EAAE,CAAC,MAAM,CAAC;gBAC9C,CAAC;YACH,CAAC;YAED,oBAAoB;YACpB,IAAI,CAAC,aAAa,IAAI,GAAG,IAAI,GAAG,CAAC,SAAS,KAAK,8BAAqB,EAAE,CAAC;gBACrE,aAAa,GAAG,GAAuB,CAAC;YAC1C,CAAC;YAED,IAAI,aAAa,IAAI,CAAC,uBAAuB,IAAI,+BAA+B,CAAC,EAAE,CAAC;gBAClF,MAAM,GAAG,SAAS,CAAC,CAAC,2DAA2D;gBAC/E,MAAM;YACR,CAAC;QACH,CAAC;QAED,OAAO;YACL,MAAM,EAAE,aAAa;YACrB,uBAAuB,EAAE,uBAAuB,IAAI,+BAA+B;YACnF,MAAM,EAAE,MAAM;SACf,CAAC;IACJ,CAAC;CACF;AArHD,wBAqHC"}
package/lib/sigstore/sigstore.d.ts CHANGED
@@ -25,9 +25,11 @@ export declare class Sigstore {
25
25
  private readonly imageTools;
26
26
  constructor(opts?: SigstoreOpts);
27
27
  signAttestationManifests(opts: SignAttestationManifestsOpts): Promise<Record<string, SignAttestationManifestsResult>>;
28
- verifySignedManifests(opts: VerifySignedManifestsOpts, signed: Record<string, SignAttestationManifestsResult>): Promise<Record<string, VerifySignedManifestsResult>>;
28
+ verifySignedManifests(signedManifestsResult: Record<string, SignAttestationManifestsResult>, opts: VerifySignedManifestsOpts): Promise<Record<string, VerifySignedManifestsResult>>;
29
+ verifyImageAttestations(image: string, opts: VerifySignedManifestsOpts): Promise<Record<string, VerifySignedManifestsResult>>;
30
+ verifyImageAttestation(attestationRef: string, opts: VerifySignedManifestsOpts): Promise<VerifySignedManifestsResult>;
29
31
  signProvenanceBlobs(opts: SignProvenanceBlobsOpts): Promise<Record<string, SignProvenanceBlobsResult>>;
30
- verifySignedArtifacts(opts: VerifySignedArtifactsOpts, signed: Record<string, SignProvenanceBlobsResult>): Promise<Record<string, VerifySignedArtifactsResult>>;
32
+ verifySignedArtifacts(signedArtifactsResult: Record<string, SignProvenanceBlobsResult>, opts: VerifySignedArtifactsOpts): Promise<Record<string, VerifySignedArtifactsResult>>;
31
33
  private signingEndpoints;
32
34
  private static noTransparencyLog;
33
35
  private static getProvenanceBlobs;
package/lib/sigstore/sigstore.js CHANGED
@@ -96,6 +96,7 @@ class Sigstore {
96
96
  for (const attestationDigest of attestationDigests) {
97
97
  const attestationRef = `${imageName}@${attestationDigest}`;
98
98
  yield core.group(`Signing attestation manifest ${attestationRef}`, () => __awaiter(this, void 0, void 0, function* () {
99
+ var _a;
99
100
  // prettier-ignore
100
101
  const cosignArgs = [
101
102
  'sign',
@@ -123,7 +124,8 @@ class Sigstore {
123
124
  throw new Error(`Cosign sign command failed with errors:\n${errorMessages}`);
124
125
  }
125
126
  else {
126
- throw new Error(`Cosign sign command failed with exit code ${execRes.exitCode}`);
127
+ // prettier-ignore
128
+ throw new Error(`Cosign sign command failed with: ${(_a = execRes.stderr.trim().split(/\r?\n/).filter(line => line.length > 0).pop()) !== null && _a !== void 0 ? _a : 'unknown error'}`);
127
129
  }
128
130
  }
129
131
  const parsedBundle = Sigstore.parseBundle((0, bundle_1.bundleFromJSON)(signResult.bundle));
@@ -142,71 +144,95 @@ class Sigstore {
142
144
  return result;
143
145
  });
144
146
  }
145
- verifySignedManifests(opts, signed) {
147
+ verifySignedManifests(signedManifestsResult, opts) {
146
148
  return __awaiter(this, void 0, void 0, function* () {
147
- var _a;
148
149
  const result = {};
150
+ for (const [attestationRef, signedRes] of Object.entries(signedManifestsResult)) {
151
+ yield core.group(`Verifying signature of ${attestationRef}`, () => __awaiter(this, void 0, void 0, function* () {
152
+ const verifyResult = yield this.verifyImageAttestation(attestationRef, {
153
+ noTransparencyLog: opts.noTransparencyLog || !signedRes.tlogID,
154
+ certificateIdentityRegexp: opts.certificateIdentityRegexp,
155
+ retries: opts.retries
156
+ });
157
+ core.info(`Signature manifest verified: https://oci.dag.dev/?image=${signedRes.imageName}@${verifyResult.signatureManifestDigest}`);
158
+ result[attestationRef] = verifyResult;
159
+ }));
160
+ }
161
+ return result;
162
+ });
163
+ }
164
+ verifyImageAttestations(image, opts) {
165
+ return __awaiter(this, void 0, void 0, function* () {
166
+ const result = {};
167
+ const attestationDigests = yield this.imageTools.attestationDigests(image);
168
+ if (attestationDigests.length === 0) {
169
+ throw new Error(`No attestation manifests found for ${image}`);
170
+ }
171
+ const imageName = image.split(':', 1)[0];
172
+ for (const attestationDigest of attestationDigests) {
173
+ const attestationRef = `${imageName}@${attestationDigest}`;
174
+ const verifyResult = yield this.verifyImageAttestation(attestationRef, opts);
175
+ core.info(`Signature manifest verified: https://oci.dag.dev/?image=${imageName}@${verifyResult.signatureManifestDigest}`);
176
+ result[attestationRef] = verifyResult;
177
+ }
178
+ return result;
179
+ });
180
+ }
181
+ verifyImageAttestation(attestationRef, opts) {
182
+ return __awaiter(this, void 0, void 0, function* () {
183
+ var _a, _b;
149
184
  const retries = (_a = opts.retries) !== null && _a !== void 0 ? _a : 15;
150
185
  if (!(yield this.cosign.isAvailable())) {
151
186
  throw new Error('Cosign is required to verify signed manifests');
152
187
  }
188
+ // prettier-ignore
189
+ const cosignArgs = [
190
+ 'verify',
191
+ '--experimental-oci11',
192
+ '--new-bundle-format',
193
+ '--certificate-oidc-issuer', 'https://token.actions.githubusercontent.com',
194
+ '--certificate-identity-regexp', opts.certificateIdentityRegexp
195
+ ];
196
+ if (opts.noTransparencyLog) {
197
+ // skip tlog verification but still verify the signed timestamp
198
+ cosignArgs.push('--use-signed-timestamps', '--insecure-ignore-tlog');
199
+ }
153
200
  let lastError;
154
- for (const [attestationRef, signedRes] of Object.entries(signed)) {
155
- yield core.group(`Verifying signature of ${attestationRef}`, () => __awaiter(this, void 0, void 0, function* () {
156
- // prettier-ignore
157
- const cosignArgs = [
158
- 'verify',
159
- '--experimental-oci11',
160
- '--new-bundle-format',
161
- '--certificate-oidc-issuer', 'https://token.actions.githubusercontent.com',
162
- '--certificate-identity-regexp', opts.certificateIdentityRegexp
163
- ];
164
- if (!signedRes.tlogID) {
165
- // skip tlog verification but still verify the signed timestamp
166
- cosignArgs.push('--use-signed-timestamps', '--insecure-ignore-tlog');
167
- }
168
- core.info(`[command]cosign ${[...cosignArgs, attestationRef].join(' ')}`);
169
- for (let attempt = 0; attempt < retries; attempt++) {
170
- const execRes = yield exec_1.Exec.getExecOutput('cosign', ['--verbose', ...cosignArgs, attestationRef], {
171
- ignoreReturnCode: true,
172
- silent: true,
173
- env: Object.assign({}, process.env, {
174
- COSIGN_EXPERIMENTAL: '1'
175
- })
176
- });
177
- const verifyResult = cosign_1.Cosign.parseCommandOutput(execRes.stderr.trim());
178
- if (execRes.exitCode === 0) {
179
- result[attestationRef] = {
180
- cosignArgs: cosignArgs,
181
- signatureManifestDigest: verifyResult.signatureManifestDigest
182
- };
183
- lastError = undefined;
184
- core.info(`Signature manifest verified: https://oci.dag.dev/?image=${signedRes.imageName}@${verifyResult.signatureManifestDigest}`);
185
- break;
201
+ core.info(`[command]cosign ${[...cosignArgs, attestationRef].join(' ')}`);
202
+ for (let attempt = 0; attempt < retries; attempt++) {
203
+ const execRes = yield exec_1.Exec.getExecOutput('cosign', ['--verbose', ...cosignArgs, attestationRef], {
204
+ ignoreReturnCode: true,
205
+ silent: true,
206
+ env: Object.assign({}, process.env, {
207
+ COSIGN_EXPERIMENTAL: '1'
208
+ })
209
+ });
210
+ const verifyResult = cosign_1.Cosign.parseCommandOutput(execRes.stderr.trim());
211
+ if (execRes.exitCode === 0) {
212
+ return {
213
+ cosignArgs: cosignArgs,
214
+ signatureManifestDigest: verifyResult.signatureManifestDigest
215
+ };
216
+ }
217
+ else {
218
+ if (verifyResult.errors && verifyResult.errors.length > 0) {
219
+ const errorMessages = verifyResult.errors.map(e => `- [${e.code}] ${e.message} : ${e.detail}`).join('\n');
220
+ lastError = new Error(`Cosign verify command failed with errors:\n${errorMessages}`);
221
+ if (verifyResult.errors.some(e => e.code === 'MANIFEST_UNKNOWN')) {
222
+ core.info(`Cosign verify command failed with MANIFEST_UNKNOWN, retrying attempt ${attempt + 1}/${retries}...\n${errorMessages}`);
223
+ yield new Promise(res => setTimeout(res, Math.pow(2, attempt) * 100));
186
224
  }
187
225
  else {
188
- if (verifyResult.errors && verifyResult.errors.length > 0) {
189
- const errorMessages = verifyResult.errors.map(e => `- [${e.code}] ${e.message} : ${e.detail}`).join('\n');
190
- lastError = new Error(`Cosign verify command failed with errors:\n${errorMessages}`);
191
- if (verifyResult.errors.some(e => e.code === 'MANIFEST_UNKNOWN')) {
192
- core.info(`Cosign verify command failed with MANIFEST_UNKNOWN, retrying attempt ${attempt + 1}/${retries}...\n${errorMessages}`);
193
- yield new Promise(res => setTimeout(res, Math.pow(2, attempt) * 100));
194
- }
195
- else {
196
- throw lastError;
197
- }
198
- }
199
- else {
200
- throw new Error(`Cosign verify command failed: ${execRes.stderr}`);
201
- }
226
+ throw lastError;
202
227
  }
203
228
  }
204
- }));
205
- }
206
- if (lastError) {
207
- throw lastError;
229
+ else {
230
+ // prettier-ignore
231
+ throw new Error(`Cosign verify command failed with: ${(_b = execRes.stderr.trim().split(/\r?\n/).filter(line => line.length > 0).pop()) !== null && _b !== void 0 ? _b : 'unknown error'}`);
232
+ }
233
+ }
208
234
  }
209
- return result;
235
+ throw lastError;
210
236
  });
211
237
  }
212
238
  signProvenanceBlobs(opts) {
@@ -256,13 +282,13 @@ class Sigstore {
256
282
  return result;
257
283
  });
258
284
  }
259
- verifySignedArtifacts(opts, signed) {
285
+ verifySignedArtifacts(signedArtifactsResult, opts) {
260
286
  return __awaiter(this, void 0, void 0, function* () {
261
287
  const result = {};
262
288
  if (!(yield this.cosign.isAvailable())) {
263
289
  throw new Error('Cosign is required to verify signed artifacts');
264
290
  }
265
- for (const [provenancePath, signedRes] of Object.entries(signed)) {
291
+ for (const [provenancePath, signedRes] of Object.entries(signedArtifactsResult)) {
266
292
  const baseDir = path_1.default.dirname(provenancePath);
267
293
  yield core.group(`Verifying signature bundle ${signedRes.bundlePath}`, () => __awaiter(this, void 0, void 0, function* () {
268
294
  for (const subject of signedRes.subjects) {
@@ -275,7 +301,7 @@ class Sigstore {
275
301
  '--certificate-oidc-issuer', 'https://token.actions.githubusercontent.com',
276
302
  '--certificate-identity-regexp', opts.certificateIdentityRegexp
277
303
  ];
278
- if (!signedRes.tlogID) {
304
+ if (opts.noTransparencyLog || !signedRes.tlogID) {
279
305
  // if there is no tlog entry, we skip tlog verification but still verify the signed timestamp
280
306
  cosignArgs.push('--use-signed-timestamps', '--insecure-ignore-tlog');
281
307
  }
package/lib/sigstore/sigstore.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"sigstore.js","sourceRoot":"","sources":["../../src/sigstore/sigstore.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,mCAAuC;AACvC,4CAAoB;AACpB,gDAAwB;AAExB,oDAAsC;AACtC,6CAA8D;AAC9D,yCAAuI;AAEvI,6CAAwC;AACxC,kCAA6B;AAC7B,sCAAiC;AACjC,qDAAgD;AAEhD,mDAA8F;AAC9F,yDAeoC;AAOpC,MAAa,QAAQ;IAInB,YAAY,IAAmB;QAC7B,IAAI,CAAC,MAAM,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,KAAI,IAAI,eAAM,EAAE,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU,KAAI,IAAI,uBAAU,EAAE,CAAC;IACzD,CAAC;IAEY,wBAAwB,CAAC,IAAkC;;YACtE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,MAAM,GAAmD,EAAE,CAAC;YAClE,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBACrE,MAAM,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAE7E,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBACxC,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,GAAG,SAAS,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;oBACxG,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;wBACnD,MAAM,cAAc,GAAG,GAAG,SAAS,IAAI,iBAAiB,EAAE,CAAC;wBAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,gCAAgC,cAAc,EAAE,EAAE,GAAS,EAAE;4BAC5E,kBAAkB;4BAClB,MAAM,UAAU,GAAG;gCACnB,MAAM;gCACN,OAAO;gCACP,iBAAiB,EAAE,gBAAgB;gCACnC,2BAA2B,EAAE,SAAS;gCACtC,qBAAqB;gCACrB,sBAAsB;6BACvB,CAAC;4BACA,IAAI,iBAAiB,EAAE,CAAC;gCACtB,UAAU,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;4BACzC,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;4BAC1E,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;gCAC/F,gBAAgB,EAAE,IAAI;gCACtB,MAAM,EAAE,IAAI;gCACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;oCAClC,mBAAmB,EAAE,GAAG;iCACzB,CAEA;6BACF,CAAC,CAAC;4BACH,MAAM,UAAU,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;4BACpE,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;gCAC1B,IAAI,UAAU,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oCACtD,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCACxG,MAAM,IAAI,KAAK,CAAC,4CAA4C,aAAa,EAAE,CAAC,CAAC;gCAC/E,CAAC;qCAAM,CAAC;oCACN,MAAM,IAAI,KAAK,CAAC,6CAA6C,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;gCACnF,CAAC;4BACH,CAAC;4BACD,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,IAAA,uBAAc,EAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;4BAC7E,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;gCACxB,IAAI,CAAC,IAAI,CAAC,uCAAuC,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;4BACjG,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,6DAA6D,cAAc,EAAE,CAAC,CAAC;4BACzF,MAAM,CAAC,cAAc,CAAC,mCACjB,YAAY,KACf,SAAS,EAAE,SAAS,GACrB,CAAC;wBACJ,CAAC,CAAA,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,kDAAmD,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9F,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,IAA+B,EAAE,MAAsD;;;YACxH,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,MAAM,OAAO,GAAG,MAAA,IAAI,CAAC,OAAO,mCAAI,EAAE,CAAC;YAEnC,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,IAAI,SAA4B,CAAC;YACjC,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,CAAC,KAAK,CAAC,0BAA0B,cAAc,EAAE,EAAE,GAAS,EAAE;oBACtE,kBAAkB;oBAClB,MAAM,UAAU,GAAG;wBACjB,QAAQ;wBACR,sBAAsB;wBACtB,qBAAqB;wBACrB,2BAA2B,EAAE,6CAA6C;wBAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;qBAChE,CAAC;oBACF,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;wBACtB,+DAA+D;wBAC/D,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;oBACvE,CAAC;oBACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;oBAC1E,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC;wBACnD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;4BAC/F,gBAAgB,EAAE,IAAI;4BACtB,MAAM,EAAE,IAAI;4BACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;gCAClC,mBAAmB,EAAE,GAAG;6BACzB,CAA4B;yBAC9B,CAAC,CAAC;wBACH,MAAM,YAAY,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;wBACtE,IAAI,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;4BAC3B,MAAM,CAAC,cAAc,CAAC,GAAG;gCACvB,UAAU,EAAE,UAAU;gCACtB,uBAAuB,EAAE,YAAY,CAAC,uBAAwB;6BAC/D,CAAC;4BACF,SAAS,GAAG,SAAS,CAAC;4BACtB,IAAI,CAAC,IAAI,CAAC,2DAA2D,SAAS,CAAC,SAAS,IAAI,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC;4BACpI,MAAM;wBACR,CAAC;6BAAM,CAAC;4BACN,IAAI,YAAY,CAAC,MAAM,IAAI,YAAY,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gCAC1D,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCAC1G,SAAS,GAAG,IAAI,KAAK,CAAC,8CAA8C,aAAa,EAAE,CAAC,CAAC;gCACrF,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,CAAC;oCACjE,IAAI,CAAC,IAAI,CAAC,wEAAwE,OAAO,GAAG,CAAC,IAAI,OAAO,QAAQ,aAAa,EAAE,CAAC,CAAC;oCACjI,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;gCACxE,CAAC;qCAAM,CAAC;oCACN,MAAM,SAAS,CAAC;gCAClB,CAAC;4BACH,CAAC;iCAAM,CAAC;gCACN,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;4BACrE,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,SAAS,CAAC;YAClB,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,mBAAmB,CAAC,IAA6B;;YAC5D,MAAM,MAAM,GAA8C,EAAE,CAAC;YAC7D,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBAErE,MAAM,eAAe,GAAG,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBAC1D,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;oBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,EAAE,GAAS,EAAE;;wBAC1C,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;wBAChC,MAAM,UAAU,GAAG,cAAI,CAAC,IAAI,CAAC,cAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,MAAA,IAAI,CAAC,IAAI,mCAAI,YAAY,gBAAgB,CAAC,CAAC;wBAC5F,MAAM,QAAQ,GAAG,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;4BAC1B,IAAI,CAAC,OAAO,CAAC,mCAAmC,CAAC,iBAAiB,CAAC,CAAC;4BACpE,OAAO;wBACT,CAAC;wBACD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,WAAW,CACvC;4BACE,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,0BAAwB;yBAC/B,EACD,SAAS,CACV,CAAC;wBACF,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;wBAClD,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;wBACzC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;4BAC/B,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;4BACzE,IAAI,CAAC,IAAI,CAAC,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,WAAW,GAAG,CAAC,CAAC;wBACjE,CAAC;wBACD,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;4BACxB,IAAI,CAAC,IAAI,CAAC,6DAA6D,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;wBACvH,CAAC;wBACD,IAAI,CAAC,IAAI,CAAC,+BAA+B,UAAU,EAAE,CAAC,CAAC;wBACvD,YAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;4BAC1E,QAAQ,EAAE,OAAO;yBAClB,CAAC,CAAC;wBACH,MAAM,CAAC,CAAC,CAAC,mCACJ,YAAY,KACf,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ,GACnB,CAAC;oBACJ,CAAC,CAAA,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,6CAA8C,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACzF,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,IAA+B,EAAE,MAAiD;;YACnH,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YACD,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,MAAM,OAAO,GAAG,cAAI,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;gBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,8BAA8B,SAAS,CAAC,UAAU,EAAE,EAAE,GAAS,EAAE;oBAChF,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;wBACzC,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,CAAC,IAAI,CAAC,6BAA6B,YAAY,EAAE,CAAC,CAAC;wBACvD,kBAAkB;wBAClB,MAAM,UAAU,GAAG;4BACjB,yBAAyB;4BACzB,qBAAqB;4BACrB,2BAA2B,EAAE,6CAA6C;4BAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;yBAChE,CAAA;wBACD,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;4BACtB,6FAA6F;4BAC7F,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;wBACvE,CAAC;wBACD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,EAAE;4BAClH,gBAAgB,EAAE,IAAI;yBACvB,CAAC,CAAC;wBACH,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;4BACvD,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;wBAClC,CAAC;wBACD,MAAM,CAAC,YAAY,CAAC,GAAG;4BACrB,UAAU,EAAE,SAAS,CAAC,UAAU;4BAChC,UAAU,EAAE,UAAU;yBACvB,CAAC;oBACJ,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEO,gBAAgB,CAAC,iBAA2B;QAClD,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,+BAA+B,iBAAiB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACvF,OAAO;YACL,SAAS,EAAE,qBAAU;YACrB,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,oBAAS;YACnD,YAAY,EAAE,wBAAa;SAC5B,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,iBAAiB,CAAC,iBAA2B;;QAC1D,OAAO,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,MAAA,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,0CAAE,OAAO,CAAC;IACzE,CAAC;IAEO,MAAM,CAAC,kBAAkB,CAAC,IAA6B;QAC7D,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;QAC3E,IAAI,YAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpC,OAAO,EAAC,CAAC,gBAAgB,CAAC,EAAE,YAAE,CAAC,YAAY,CAAC,gBAAgB,CAAC,EAAC,CAAC;QACjE,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAG,YAAE,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,EAAE,EAAC,aAAa,EAAE,IAAI,EAAC,CAAC,CAAC;QAC3E,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;QACvE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,eAAe,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,IAAI,eAAe,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9M,MAAM,MAAM,GAA2B,EAAE,CAAC;YAC1C,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;gBACjF,MAAM,CAAC,CAAC,CAAC,GAAG,YAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;IAC9E,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAY;QAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAE3C,CAAC;QACF,OAAO,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACjC,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,MAAM,EAAE,CAAC,CAAC,MAAM;SACjB,CAAC,CAAC,CAAC;IACN,CAAC;IAEO,MAAM,CAAO,WAAW,CAAC,QAAkB,EAAE,SAAoB,EAAE,OAAgB,EAAE,OAAgB;;YAC3G,MAAM,SAAS,GAAc,EAAE,CAAC;YAEhC,MAAM,MAAM,GAAG,IAAI,mBAAY,CAAC;gBAC9B,gBAAgB,EAAE,IAAI,wBAAiB,CAAC,UAAU,CAAC;gBACnD,aAAa,EAAE,SAAS,CAAC,SAAS;gBAClC,OAAO,EAAE,OAAO;gBAChB,KAAK,EAAE,OAAO;aACf,CAAC,CAAC;YAEH,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;gBACvB,SAAS,CAAC,IAAI,CACZ,IAAI,mBAAY,CAAC;oBACf,YAAY,EAAE,SAAS,CAAC,QAAQ;oBAChC,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,IAAI,SAAS,CAAC,YAAY,EAAE,CAAC;gBAC3B,SAAS,CAAC,IAAI,CACZ,IAAI,iBAAU,CAAC;oBACb,UAAU,EAAE,SAAS,CAAC,YAAY;oBAClC,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,wBAAiB,CAAC,EAAC,MAAM,EAAE,SAAS,EAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrE,CAAC;KAAA;IAEO,MAAM,CAAC,WAAW,CAAC,MAAc;QACvC,IAAI,SAAiB,CAAC;QACtB,QAAQ,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YAClD,KAAK,sBAAsB;gBACzB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;gBAC9F,MAAM;YACR,KAAK,aAAa;gBAChB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC;gBACrE,MAAM;YACR;gBACE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,wBAAe,CAAC,SAAS,CAAC,CAAC;QAEnD,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,oBAAoB,CAAC,WAAW,CAAC;QAC5D,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5E,OAAO;YACL,OAAO,EAAE,IAAA,qBAAY,EAAC,MAAM,CAAC;YAC7B,WAAW,EAAE,WAAW,CAAC,QAAQ,EAAE;YACnC,MAAM,EAAE,MAAM;SACf,CAAC;IACJ,CAAC;CACF;AAlVD,4BAkVC"}
1
+ {"version":3,"file":"sigstore.js","sourceRoot":"","sources":["../../src/sigstore/sigstore.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,mCAAuC;AACvC,4CAAoB;AACpB,gDAAwB;AAExB,oDAAsC;AACtC,6CAA8D;AAC9D,yCAAuI;AAEvI,6CAAwC;AACxC,kCAA6B;AAC7B,sCAAiC;AACjC,qDAAgD;AAEhD,mDAA8F;AAC9F,yDAeoC;AAOpC,MAAa,QAAQ;IAInB,YAAY,IAAmB;QAC7B,IAAI,CAAC,MAAM,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,KAAI,IAAI,eAAM,EAAE,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU,KAAI,IAAI,uBAAU,EAAE,CAAC;IACzD,CAAC;IAEY,wBAAwB,CAAC,IAAkC;;YACtE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,MAAM,GAAmD,EAAE,CAAC;YAClE,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBACrE,MAAM,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAE7E,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBACxC,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,GAAG,SAAS,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;oBACxG,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;wBACnD,MAAM,cAAc,GAAG,GAAG,SAAS,IAAI,iBAAiB,EAAE,CAAC;wBAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,gCAAgC,cAAc,EAAE,EAAE,GAAS,EAAE;;4BAC5E,kBAAkB;4BAClB,MAAM,UAAU,GAAG;gCACjB,MAAM;gCACN,OAAO;gCACP,iBAAiB,EAAE,gBAAgB;gCACnC,2BAA2B,EAAE,SAAS;gCACtC,qBAAqB;gCACrB,sBAAsB;6BACvB,CAAC;4BACF,IAAI,iBAAiB,EAAE,CAAC;gCACtB,UAAU,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;4BACzC,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;4BAC1E,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;gCAC/F,gBAAgB,EAAE,IAAI;gCACtB,MAAM,EAAE,IAAI;gCACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;oCAClC,mBAAmB,EAAE,GAAG;iCACzB,CAEA;6BACF,CAAC,CAAC;4BACH,MAAM,UAAU,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;4BACpE,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;gCAC1B,IAAI,UAAU,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oCACtD,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCACxG,MAAM,IAAI,KAAK,CAAC,4CAA4C,aAAa,EAAE,CAAC,CAAC;gCAC/E,CAAC;qCAAM,CAAC;oCACN,kBAAkB;oCAClB,MAAM,IAAI,KAAK,CAAC,oCAAoC,MAAA,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,mCAAI,eAAe,EAAE,CAAC,CAAC;gCACvJ,CAAC;4BACH,CAAC;4BACD,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,IAAA,uBAAc,EAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;4BAC7E,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;gCACxB,IAAI,CAAC,IAAI,CAAC,uCAAuC,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;4BACjG,CAAC;4BACD,IAAI,CAAC,IAAI,CAAC,6DAA6D,cAAc,EAAE,CAAC,CAAC;4BACzF,MAAM,CAAC,cAAc,CAAC,mCACjB,YAAY,KACf,SAAS,EAAE,SAAS,GACrB,CAAC;wBACJ,CAAC,CAAA,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,kDAAmD,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9F,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,qBAAqE,EAAE,IAA+B;;YACvI,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,EAAE,CAAC;gBAChF,MAAM,IAAI,CAAC,KAAK,CAAC,0BAA0B,cAAc,EAAE,EAAE,GAAS,EAAE;oBACtE,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE;wBACrE,iBAAiB,EAAE,IAAI,CAAC,iBAAiB,IAAI,CAAC,SAAS,CAAC,MAAM;wBAC9D,yBAAyB,EAAE,IAAI,CAAC,yBAAyB;wBACzD,OAAO,EAAE,IAAI,CAAC,OAAO;qBACtB,CAAC,CAAC;oBACH,IAAI,CAAC,IAAI,CAAC,2DAA2D,SAAS,CAAC,SAAS,IAAI,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC;oBACpI,MAAM,CAAC,cAAc,CAAC,GAAG,YAAY,CAAC;gBACxC,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,uBAAuB,CAAC,KAAa,EAAE,IAA+B;;YACjF,MAAM,MAAM,GAAgD,EAAE,CAAC;YAE/D,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC3E,IAAI,kBAAkB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,KAAK,EAAE,CAAC,CAAC;YACjE,CAAC;YAED,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;gBACnD,MAAM,cAAc,GAAG,GAAG,SAAS,IAAI,iBAAiB,EAAE,CAAC;gBAC3D,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;gBAC7E,IAAI,CAAC,IAAI,CAAC,2DAA2D,SAAS,IAAI,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC;gBAC1H,MAAM,CAAC,cAAc,CAAC,GAAG,YAAY,CAAC;YACxC,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,sBAAsB,CAAC,cAAsB,EAAE,IAA+B;;;YACzF,MAAM,OAAO,GAAG,MAAA,IAAI,CAAC,OAAO,mCAAI,EAAE,CAAC;YAEnC,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,kBAAkB;YAClB,MAAM,UAAU,GAAG;gBACjB,QAAQ;gBACR,sBAAsB;gBACtB,qBAAqB;gBACrB,2BAA2B,EAAE,6CAA6C;gBAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;aAChE,CAAC;YACF,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC3B,+DAA+D;gBAC/D,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;YACvE,CAAC;YAED,IAAI,SAA4B,CAAC;YACjC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,UAAU,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAC1E,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC;gBACnD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,GAAG,UAAU,EAAE,cAAc,CAAC,EAAE;oBAC/F,gBAAgB,EAAE,IAAI;oBACtB,MAAM,EAAE,IAAI;oBACZ,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,GAAG,EAAE;wBAClC,mBAAmB,EAAE,GAAG;qBACzB,CAA4B;iBAC9B,CAAC,CAAC;gBACH,MAAM,YAAY,GAAG,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;gBACtE,IAAI,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;oBAC3B,OAAO;wBACL,UAAU,EAAE,UAAU;wBACtB,uBAAuB,EAAE,YAAY,CAAC,uBAAwB;qBAC/D,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,IAAI,YAAY,CAAC,MAAM,IAAI,YAAY,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBAC1D,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAC1G,SAAS,GAAG,IAAI,KAAK,CAAC,8CAA8C,aAAa,EAAE,CAAC,CAAC;wBACrF,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,CAAC;4BACjE,IAAI,CAAC,IAAI,CAAC,wEAAwE,OAAO,GAAG,CAAC,IAAI,OAAO,QAAQ,aAAa,EAAE,CAAC,CAAC;4BACjI,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;wBACxE,CAAC;6BAAM,CAAC;4BACN,MAAM,SAAS,CAAC;wBAClB,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,kBAAkB;wBAClB,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAA,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,mCAAI,eAAe,EAAE,CAAC,CAAC;oBACzJ,CAAC;gBACH,CAAC;YACH,CAAC;YAED,MAAM,SAAS,CAAC;QAClB,CAAC;KAAA;IAEY,mBAAmB,CAAC,IAA6B;;YAC5D,MAAM,MAAM,GAA8C,EAAE,CAAC;YAC7D,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;oBAC9C,MAAM,IAAI,KAAK,CAAC,4FAA4F,CAAC,CAAC;gBAChH,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBAChE,IAAI,CAAC,IAAI,CAAC,oCAAoC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;gBAErE,MAAM,eAAe,GAAG,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBAC1D,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;oBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,EAAE,GAAS,EAAE;;wBAC1C,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;wBAChC,MAAM,UAAU,GAAG,cAAI,CAAC,IAAI,CAAC,cAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,MAAA,IAAI,CAAC,IAAI,mCAAI,YAAY,gBAAgB,CAAC,CAAC;wBAC5F,MAAM,QAAQ,GAAG,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;4BAC1B,IAAI,CAAC,OAAO,CAAC,mCAAmC,CAAC,iBAAiB,CAAC,CAAC;4BACpE,OAAO;wBACT,CAAC;wBACD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,WAAW,CACvC;4BACE,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,0BAAwB;yBAC/B,EACD,SAAS,CACV,CAAC;wBACF,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;wBAClD,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;wBACzC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;4BAC/B,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;4BACzE,IAAI,CAAC,IAAI,CAAC,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,WAAW,GAAG,CAAC,CAAC;wBACjE,CAAC;wBACD,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;4BACxB,IAAI,CAAC,IAAI,CAAC,6DAA6D,qBAAU,aAAa,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;wBACvH,CAAC;wBACD,IAAI,CAAC,IAAI,CAAC,+BAA+B,UAAU,EAAE,CAAC,CAAC;wBACvD,YAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;4BAC1E,QAAQ,EAAE,OAAO;yBAClB,CAAC,CAAC;wBACH,MAAM,CAAC,CAAC,CAAC,mCACJ,YAAY,KACf,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ,GACnB,CAAC;oBACJ,CAAC,CAAA,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,6CAA8C,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACzF,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEY,qBAAqB,CAAC,qBAAgE,EAAE,IAA+B;;YAClI,MAAM,MAAM,GAAgD,EAAE,CAAC;YAC/D,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YACD,KAAK,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,EAAE,CAAC;gBAChF,MAAM,OAAO,GAAG,cAAI,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;gBAC7C,MAAM,IAAI,CAAC,KAAK,CAAC,8BAA8B,SAAS,CAAC,UAAU,EAAE,EAAE,GAAS,EAAE;oBAChF,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;wBACzC,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;wBACtD,IAAI,CAAC,IAAI,CAAC,6BAA6B,YAAY,EAAE,CAAC,CAAC;wBACvD,kBAAkB;wBAClB,MAAM,UAAU,GAAG;4BACjB,yBAAyB;4BACzB,qBAAqB;4BACrB,2BAA2B,EAAE,6CAA6C;4BAC1E,+BAA+B,EAAE,IAAI,CAAC,yBAAyB;yBAChE,CAAA;wBACD,IAAI,IAAI,CAAC,iBAAiB,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;4BAChD,6FAA6F;4BAC7F,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;wBACvE,CAAC;wBACD,MAAM,OAAO,GAAG,MAAM,WAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC,GAAG,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,UAAU,EAAE,YAAY,CAAC,EAAE;4BAClH,gBAAgB,EAAE,IAAI;yBACvB,CAAC,CAAC;wBACH,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC;4BACvD,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;wBAClC,CAAC;wBACD,MAAM,CAAC,YAAY,CAAC,GAAG;4BACrB,UAAU,EAAE,SAAS,CAAC,UAAU;4BAChC,UAAU,EAAE,UAAU;yBACvB,CAAC;oBACJ,CAAC;gBACH,CAAC,CAAA,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEO,gBAAgB,CAAC,iBAA2B;QAClD,iBAAiB,GAAG,QAAQ,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,+BAA+B,iBAAiB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACvF,OAAO;YACL,SAAS,EAAE,qBAAU;YACrB,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,oBAAS;YACnD,YAAY,EAAE,wBAAa;SAC5B,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,iBAAiB,CAAC,iBAA2B;;QAC1D,OAAO,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,MAAA,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,0CAAE,OAAO,CAAC;IACzE,CAAC;IAEO,MAAM,CAAC,kBAAkB,CAAC,IAA6B;QAC7D,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;QAC3E,IAAI,YAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpC,OAAO,EAAC,CAAC,gBAAgB,CAAC,EAAE,YAAE,CAAC,YAAY,CAAC,gBAAgB,CAAC,EAAC,CAAC;QACjE,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAG,YAAE,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,EAAE,EAAC,aAAa,EAAE,IAAI,EAAC,CAAC,CAAC;QAC3E,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;QACvE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,eAAe,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,IAAI,eAAe,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9M,MAAM,MAAM,GAA2B,EAAE,CAAC;YAC1C,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;gBAC7C,MAAM,CAAC,GAAG,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;gBACjF,MAAM,CAAC,CAAC,CAAC,GAAG,YAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;IAC9E,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAY;QAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAE3C,CAAC;QACF,OAAO,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACjC,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,MAAM,EAAE,CAAC,CAAC,MAAM;SACjB,CAAC,CAAC,CAAC;IACN,CAAC;IAEO,MAAM,CAAO,WAAW,CAAC,QAAkB,EAAE,SAAoB,EAAE,OAAgB,EAAE,OAAgB;;YAC3G,MAAM,SAAS,GAAc,EAAE,CAAC;YAEhC,MAAM,MAAM,GAAG,IAAI,mBAAY,CAAC;gBAC9B,gBAAgB,EAAE,IAAI,wBAAiB,CAAC,UAAU,CAAC;gBACnD,aAAa,EAAE,SAAS,CAAC,SAAS;gBAClC,OAAO,EAAE,OAAO;gBAChB,KAAK,EAAE,OAAO;aACf,CAAC,CAAC;YAEH,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;gBACvB,SAAS,CAAC,IAAI,CACZ,IAAI,mBAAY,CAAC;oBACf,YAAY,EAAE,SAAS,CAAC,QAAQ;oBAChC,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,IAAI,SAAS,CAAC,YAAY,EAAE,CAAC;gBAC3B,SAAS,CAAC,IAAI,CACZ,IAAI,iBAAU,CAAC;oBACb,UAAU,EAAE,SAAS,CAAC,YAAY;oBAClC,OAAO,EAAE,OAAO;oBAChB,KAAK,EAAE,OAAO;iBACf,CAAC,CACH,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,wBAAiB,CAAC,EAAC,MAAM,EAAE,SAAS,EAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrE,CAAC;KAAA;IAEO,MAAM,CAAC,WAAW,CAAC,MAAc;QACvC,IAAI,SAAiB,CAAC;QACtB,QAAQ,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YAClD,KAAK,sBAAsB;gBACzB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;gBAC9F,MAAM;YACR,KAAK,aAAa;gBAChB,SAAS,GAAG,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC;gBACrE,MAAM;YACR;gBACE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,wBAAe,CAAC,SAAS,CAAC,CAAC;QAEnD,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,oBAAoB,CAAC,WAAW,CAAC;QAC5D,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5E,OAAO;YACL,OAAO,EAAE,IAAA,qBAAY,EAAC,MAAM,CAAC;YAC7B,WAAW,EAAE,WAAW,CAAC,QAAQ,EAAE;YACnC,MAAM,EAAE,MAAM;SACf,CAAC;IACJ,CAAC;CACF;AA7WD,4BA6WC"}
package/lib/types/sigstore/sigstore.d.ts CHANGED
@@ -39,6 +39,7 @@ export interface SignAttestationManifestsResult extends ParsedBundle {
39
39
  }
40
40
  export interface VerifySignedManifestsOpts {
41
41
  certificateIdentityRegexp: string;
42
+ noTransparencyLog?: boolean;
42
43
  retries?: number;
43
44
  }
44
45
  export interface VerifySignedManifestsResult {
@@ -56,6 +57,7 @@ export interface SignProvenanceBlobsResult extends ParsedBundle {
56
57
  }
57
58
  export interface VerifySignedArtifactsOpts {
58
59
  certificateIdentityRegexp: string;
60
+ noTransparencyLog?: boolean;
59
61
  }
60
62
  export interface VerifySignedArtifactsResult {
61
63
  bundlePath: string;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@docker/actions-toolkit",
3
- "version": "0.72.0",
3
+ "version": "0.73.0",
4
4
  "description": "Toolkit for Docker (GitHub) Actions",
5
5
  "scripts": {
6
6
  "build": "tsc",
@@ -45,14 +45,14 @@
45
45
  "registry": "https://registry.npmjs.org/"
46
46
  },
47
47
  "dependencies": {
48
- "@actions/artifact": "^5.0.1",
49
- "@actions/cache": "^5.0.1",
50
- "@actions/core": "^2.0.1",
48
+ "@actions/artifact": "^5.0.2",
49
+ "@actions/cache": "^5.0.2",
50
+ "@actions/core": "^2.0.2",
51
51
  "@actions/exec": "^2.0.0",
52
- "@actions/github": "^6.0.1",
53
- "@actions/http-client": "^3.0.0",
52
+ "@actions/github": "^7.0.0",
53
+ "@actions/http-client": "^3.0.1",
54
54
  "@actions/io": "^2.0.0",
55
- "@actions/tool-cache": "^2.0.2",
55
+ "@actions/tool-cache": "^3.0.0",
56
56
  "@azure/storage-blob": "^12.29.1",
57
57
  "@octokit/core": "^5.2.2",
58
58
  "@octokit/plugin-rest-endpoint-methods": "^10.4.1",