protobuf-specs
protobuf-specs copied to clipboard
sigstore
Protocol Buffer specifications
This needs careful review/consideration from someone who understands the protobuf wire format better than I do 🙂: 1. Are there any wire format consequences to removing this `optional`? 2. If...
In practice, the `PublicKey` message is used in settings that require direct access to the `raw_bytes`, with the assumption that it isn't missing. https://github.com/sigstore/protobuf-specs/blob/2c9be05fb6720b5e07b5c96e99524abed9e0d14b/protos/sigstore_common.proto#L147-L155 We should be able to drop...
``` message Signature { // Signature itself. (In JSON, this is encoded as base64.) // REQUIRED. bytes sig = 1; // *Unauthenticated* hint identifying which public key was used. //...
Related to #261 Related to https://github.com/sigstore/rekor/issues/1943 I'm considering whether the RekorBundle struct would make more sense as bytes (like the `canonicalized body`), with the tradeoff of readability, so I may...
https://github.com/astral-sh/uv currently fails to install protobuf-specs: https://github.com/theupdateframework/tuf-on-ci/issues/205 * uv does not accept pre-releases without an explicit `--prerelease=allow` * this project depends on betterproto 2.0.0b6 It's been about four years since...
Based on the discussion about [verifying the SET](https://github.com/sigstore/rekor/issues/1943#issuecomment-1968352634), I'm opening this issue to add a canonicalized RekorBundle to the TLE, to be used by Rekor in its CLI output. The...
May close https://github.com/sigstore/protobuf-specs/issues/244 #### Summary Make sure that docker does not run as root when building protobuf files. #### Release Note N/A #### Documentation N/A
This would be a full generalization of #245: the `TrustRoot` as currently specified contains a 2D list (a list of CAs, each with one or more cert "chains"), which is...
Currently we cut new package releases when a tag is created. The problem is that tags can be created based on commits that are not off main, meaning they are...
There is a permissions error when trying to read the lock generated during rust codegen. This appears to surface after the rust codegen is complete and a later step accesses...