@sigstore/bundle
Advanced tools
Comparing version 2.2.0 to 2.3.0
@@ -6,2 +6,3 @@ /// <reference types="node" /> | ||
keyHint?: string; | ||
singleCertificate?: boolean; | ||
}; | ||
@@ -8,0 +9,0 @@ type MessageSignatureBundleOptions = { |
@@ -24,3 +24,5 @@ "use strict"; | ||
return { | ||
mediaType: bundle_1.BUNDLE_V02_MEDIA_TYPE, | ||
mediaType: options.singleCertificate | ||
? bundle_1.BUNDLE_V03_MEDIA_TYPE | ||
: bundle_1.BUNDLE_V02_MEDIA_TYPE, | ||
content: { | ||
@@ -43,3 +45,5 @@ $case: 'messageSignature', | ||
return { | ||
mediaType: bundle_1.BUNDLE_V02_MEDIA_TYPE, | ||
mediaType: options.singleCertificate | ||
? bundle_1.BUNDLE_V03_MEDIA_TYPE | ||
: bundle_1.BUNDLE_V02_MEDIA_TYPE, | ||
content: { | ||
@@ -76,8 +80,16 @@ $case: 'dsseEnvelope', | ||
if (options.certificate) { | ||
return { | ||
$case: 'x509CertificateChain', | ||
x509CertificateChain: { | ||
certificates: [{ rawBytes: options.certificate }], | ||
}, | ||
}; | ||
if (options.singleCertificate) { | ||
return { | ||
$case: 'certificate', | ||
certificate: { rawBytes: options.certificate }, | ||
}; | ||
} | ||
else { | ||
return { | ||
$case: 'x509CertificateChain', | ||
x509CertificateChain: { | ||
certificates: [{ rawBytes: options.certificate }], | ||
}, | ||
}; | ||
} | ||
} | ||
@@ -84,0 +96,0 @@ else { |
@@ -5,3 +5,4 @@ import type { Bundle as ProtoBundle, InclusionProof as ProtoInclusionProof, MessageSignature as ProtoMessageSignature, TransparencyLogEntry as ProtoTransparencyLogEntry, VerificationMaterial as ProtoVerificationMaterial } from '@sigstore/protobuf-specs'; | ||
export declare const BUNDLE_V02_MEDIA_TYPE = "application/vnd.dev.sigstore.bundle+json;version=0.2"; | ||
export declare const BUNDLE_V03_MEDIA_TYPE = "application/vnd.dev.sigstore.bundle+json;version=0.3"; | ||
export declare const BUNDLE_V03_LEGACY_MEDIA_TYPE = "application/vnd.dev.sigstore.bundle+json;version=0.3"; | ||
export declare const BUNDLE_V03_MEDIA_TYPE = "application/vnd.dev.sigstore.bundle.v0.3+json"; | ||
type DsseEnvelopeContent = Extract<ProtoBundle['content'], { | ||
@@ -46,2 +47,9 @@ $case: 'dsseEnvelope'; | ||
}; | ||
export type BundleWithSingleCertificate = Bundle & { | ||
verificationMaterial: Bundle['verificationMaterial'] & { | ||
content: Extract<VerificationMaterial['content'], { | ||
$case: 'certificate'; | ||
}>; | ||
}; | ||
}; | ||
export type BundleWithPublicKey = Bundle & { | ||
@@ -48,0 +56,0 @@ verificationMaterial: Bundle['verificationMaterial'] & { |
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.isBundleWithDsseEnvelope = exports.isBundleWithMessageSignature = exports.isBundleWithPublicKey = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = void 0; | ||
exports.isBundleWithDsseEnvelope = exports.isBundleWithMessageSignature = exports.isBundleWithPublicKey = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V03_LEGACY_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = void 0; | ||
exports.BUNDLE_V01_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.1'; | ||
exports.BUNDLE_V02_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.2'; | ||
exports.BUNDLE_V03_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.3'; | ||
exports.BUNDLE_V03_LEGACY_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle+json;version=0.3'; | ||
exports.BUNDLE_V03_MEDIA_TYPE = 'application/vnd.dev.sigstore.bundle.v0.3+json'; | ||
// Type guards for bundle variants. | ||
@@ -8,0 +9,0 @@ function isBundleWithCertificateChain(b) { |
export { toDSSEBundle, toMessageSignatureBundle } from './build'; | ||
export { BUNDLE_V01_MEDIA_TYPE, BUNDLE_V02_MEDIA_TYPE, BUNDLE_V03_MEDIA_TYPE, isBundleWithCertificateChain, isBundleWithDsseEnvelope, isBundleWithMessageSignature, isBundleWithPublicKey, } from './bundle'; | ||
export { BUNDLE_V01_MEDIA_TYPE, BUNDLE_V02_MEDIA_TYPE, BUNDLE_V03_LEGACY_MEDIA_TYPE, BUNDLE_V03_MEDIA_TYPE, isBundleWithCertificateChain, isBundleWithDsseEnvelope, isBundleWithMessageSignature, isBundleWithPublicKey, } from './bundle'; | ||
export { ValidationError } from './error'; | ||
@@ -7,3 +7,3 @@ export { bundleFromJSON, bundleToJSON, envelopeFromJSON, envelopeToJSON, } from './serialized'; | ||
export type { Envelope, PublicKeyIdentifier, RFC3161SignedTimestamp, Signature, TimestampVerificationData, X509Certificate, X509CertificateChain, } from '@sigstore/protobuf-specs'; | ||
export type { Bundle, BundleLatest, BundleV01, BundleWithCertificateChain, BundleWithDsseEnvelope, BundleWithMessageSignature, BundleWithPublicKey, InclusionProof, MessageSignature, TLogEntryWithInclusionPromise, TLogEntryWithInclusionProof, TransparencyLogEntry, VerificationMaterial, } from './bundle'; | ||
export type { Bundle, BundleLatest, BundleV01, BundleWithCertificateChain, BundleWithDsseEnvelope, BundleWithMessageSignature, BundleWithPublicKey, BundleWithSingleCertificate, InclusionProof, MessageSignature, TLogEntryWithInclusionPromise, TLogEntryWithInclusionProof, TransparencyLogEntry, VerificationMaterial, } from './bundle'; | ||
export type { SerializedBundle, SerializedEnvelope } from './serialized'; |
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.isBundleV01 = exports.assertBundleV02 = exports.assertBundleV01 = exports.assertBundleLatest = exports.assertBundle = exports.envelopeToJSON = exports.envelopeFromJSON = exports.bundleToJSON = exports.bundleFromJSON = exports.ValidationError = exports.isBundleWithPublicKey = exports.isBundleWithMessageSignature = exports.isBundleWithDsseEnvelope = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = exports.toMessageSignatureBundle = exports.toDSSEBundle = void 0; | ||
exports.isBundleV01 = exports.assertBundleV02 = exports.assertBundleV01 = exports.assertBundleLatest = exports.assertBundle = exports.envelopeToJSON = exports.envelopeFromJSON = exports.bundleToJSON = exports.bundleFromJSON = exports.ValidationError = exports.isBundleWithPublicKey = exports.isBundleWithMessageSignature = exports.isBundleWithDsseEnvelope = exports.isBundleWithCertificateChain = exports.BUNDLE_V03_MEDIA_TYPE = exports.BUNDLE_V03_LEGACY_MEDIA_TYPE = exports.BUNDLE_V02_MEDIA_TYPE = exports.BUNDLE_V01_MEDIA_TYPE = exports.toMessageSignatureBundle = exports.toDSSEBundle = void 0; | ||
/* | ||
@@ -25,2 +25,3 @@ Copyright 2023 The Sigstore Authors. | ||
Object.defineProperty(exports, "BUNDLE_V02_MEDIA_TYPE", { enumerable: true, get: function () { return bundle_1.BUNDLE_V02_MEDIA_TYPE; } }); | ||
Object.defineProperty(exports, "BUNDLE_V03_LEGACY_MEDIA_TYPE", { enumerable: true, get: function () { return bundle_1.BUNDLE_V03_LEGACY_MEDIA_TYPE; } }); | ||
Object.defineProperty(exports, "BUNDLE_V03_MEDIA_TYPE", { enumerable: true, get: function () { return bundle_1.BUNDLE_V03_MEDIA_TYPE; } }); | ||
@@ -27,0 +28,0 @@ Object.defineProperty(exports, "isBundleWithCertificateChain", { enumerable: true, get: function () { return bundle_1.isBundleWithCertificateChain; } }); |
@@ -77,3 +77,4 @@ "use strict"; | ||
if (b.mediaType === undefined || | ||
!b.mediaType.startsWith('application/vnd.dev.sigstore.bundle+json;version=')) { | ||
(!b.mediaType.match(/^application\/vnd\.dev\.sigstore\.bundle\+json;version=\d\.\d/) && | ||
!b.mediaType.match(/^application\/vnd\.dev\.sigstore\.bundle\.v\d\.\d+json/))) { | ||
invalidValues.push('mediaType'); | ||
@@ -80,0 +81,0 @@ } |
{ | ||
"name": "@sigstore/bundle", | ||
"version": "2.2.0", | ||
"version": "2.3.0", | ||
"description": "Sigstore bundle type", | ||
@@ -30,3 +30,3 @@ "main": "dist/index.js", | ||
"dependencies": { | ||
"@sigstore/protobuf-specs": "^0.3.0" | ||
"@sigstore/protobuf-specs": "^0.3.1" | ||
}, | ||
@@ -33,0 +33,0 @@ "engines": { |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
40797
632