We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Description
@bdehamer recently added a trusted_root.json (https://github.com/sigstore/root-signing/blob/main/targets/trusted_root.json) that includes all trusted targets along with their metadata (like log ID).
The functions GetRoots(), GetIntermediates() and GetRekorPubs() should all be migrated to using this target file.
GetRoots()
GetIntermediates()
GetRekorPubs()
This does not require an API change!
Unfortunately, I cannot do this, but filing this issue because eventually clients should be relying on this target, and not in the individual files.
@znewman01 for sigstore-go tracking
cc @jku @haydentherapper
The text was updated successfully, but these errors were encountered:
We should also use the newly added expiration information and stop relying on the usage metadata for active vs expired.
Sorry, something went wrong.
No branches or pull requests
Description
@bdehamer recently added a trusted_root.json (https://github.com/sigstore/root-signing/blob/main/targets/trusted_root.json) that includes all trusted targets along with their metadata (like log ID).
The functions
GetRoots()
,GetIntermediates()
andGetRekorPubs()
should all be migrated to using this target file.This does not require an API change!
Unfortunately, I cannot do this, but filing this issue because eventually clients should be relying on this target, and not in the individual files.
@znewman01 for sigstore-go tracking
cc @jku @haydentherapper
The text was updated successfully, but these errors were encountered: