Pritesh Bandi

Some examples of inappropriate errors: ### Missing trustpolicy.json file ``` ➜ notation git:(main) ✗ ./notation verify $IMAGE Resolved artifact tag `v1` to digest `sha256:36ca4d6834ed680362327811238b97c687e77c5cf4a04a74d0853d3c0c17e059` before verification. Warning: The resolved digest...

--debug for both sign and verify should also emit signature either in plain text(for jws) or and encoded format(for cose).

11/17: Create new issue for sign and verify output, specially when signing and verifying with tag.

Discuss with Yi and probably close it if the work is already done

> The omission of media type may expose the content to attacks similar to how files are exploited. How? Notation should not try to interpret/decode the content being singed because...

The user needs to configure trust-store and trust-policy to start using verify operation. 1. Default policy would differ from usecase to usecase. E.g. during build time, customers might want to...

Reopening as are still inappropriate error messages - [x] Notation not properly throwing the error from the plugin. The error is coming from [this line](https://github.com/notaryproject/notation-go/blob/180ad994fe8092a0b6f282358397fc42d928b07f/plugin/plugin.go#L174). stderr needs to be converted...

Test result with notation rc2 build ``` ➜ notation git:(main) ✗ ./notation cert generate-test Error: missing certificate common_name ➜ notation git:(main) ✗ echo $? 1 ➜ notation git:(main) ✗ ./notation...

Apart from below error everything looks to be fixed > > Error: open /Users/pritesb/Library/Application Support/notation/trustpolicy.json: no such file or directory > > @priteshbandi Is there any concern/suggestion regarding this error...

Issue is fixed https://github.com/notaryproject/notation-go/blob/8c3ed9217dc8025983f64a5510249a94dc009a86/plugin/plugin.go#L166-L177