nick

Before this is merged we should double check: > Its general purpose bit flag and crc-32 fields shall be set to 0. The date and time fields may be set...

The [C2PA spec states the CRC32 should be set to 0](https://spec.c2pa.org/specifications/specifications/2.2/specs/C2PA_Specification.html#_hashing_the_zip_central_directory), yet [the ZIP spec states](https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT): > 4.1.5 Data integrity MUST be provided for each file using CRC32. There's a...

Thank you for working on this! As in your example, we use `wasm_bindgen_test::wasm_bindgen_test` for WASM tests and `wstd::test` for WASI tests (if this is also in scope of your work)....

Hey @alexliesenfeld, I tried using the wasm branch on our project and ran into a few errors, see: Error output ``` error[E0433]: failed to resolve: use of unresolved module or...

Closed for now in favor of #185

`reqwest` has a good reference implementation (although not using `cargo-hack`). https://github.com/seanmonstar/reqwest/blob/master/.github/workflows/ci.yml

@gpeacock So instead of checking if the ingredient delta has, for example, `signingCredential.trusted` we would want to check that it does **not** contain `signingCredential.untrusted` and also apply the same rules...

I came to the conclusion that we really only need to loosen the `Valid` validation state to allow untrusted ingredients. We cover the other bounds by disallowing all other types...