Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

attest

package

Go to main page

Versions in this module

v0

v0.6.3

Aug 12, 2025

v0.6.2

Aug 6, 2025

Changes in this version

+ const ExpectedIssuer

+ const ExpectedSan

+ const OldExpectedSan

+ const VsaPredicateType

+ const VsaVerifierId

+ var DefaultVerifierOptions = VerificationOptions

+ func CreateUnsignedSourceVsa(repoUri, ref, commit string, verifiedLevels slsa.SourceVerifiedLevels, ...) (string, error)

+ func Debugf(format string, args ...any)

+ func DoesSubjectIncludeCommit(statement *spb.Statement, commit string) bool

+ func GetSourceProvPred(statement *spb.Statement) (*provenance.SourceProvenancePred, error)

+ func GetSourceRefsForCommit(vsaStatement *spb.Statement, commit string) ([]string, error)

+ func GetSubjectForCommit(statement *spb.Statement, commit string) *spb.ResourceDescriptor

+ func GetTagProvPred(statement *spb.Statement) (*provenance.TagProvenancePred, error)

+ func GetVsa(ctx context.Context, ghc *ghcontrol.GitHubConnection, verifier Verifier, ...) (*spb.Statement, *vpb.VerificationSummary, error)

+ func Sign(data string) (string, error)

+ func StatementToString(stmt *spb.Statement) string

+ type BndVerifier struct

+ Options VerificationOptions

+ func NewBndVerifier(options VerificationOptions) *BndVerifier

+ func (bv *BndVerifier) Verify(data string) (*verify.VerificationResult, error)

+ type BundleReader struct

+ func NewBundleReader(reader *bufio.Reader, verifier Verifier) *BundleReader

+ func (br *BundleReader) ReadStatement(matcher StatementMatcher) (*spb.Statement, error)

+ type ProvenanceAttestor struct

+ func NewProvenanceAttestor(gh_connection *ghcontrol.GitHubConnection, verifier Verifier) *ProvenanceAttestor

+ func (pa ProvenanceAttestor) CreateSourceProvenance(ctx context.Context, prevAttPath, commit, prevCommit, ref string) (*spb.Statement, error)

+ func (pa ProvenanceAttestor) CreateTagProvenance(ctx context.Context, commit, ref, actor string) (*spb.Statement, error)

+ func (pa ProvenanceAttestor) GetProvenance(ctx context.Context, commit, ref string) (*spb.Statement, *provenance.SourceProvenancePred, error)

+ type StatementMatcher func(*spb.Statement) bool

+ func MatchesTypeAndCommit(predicateType, commit string) StatementMatcher

+ func MatchesTypeCommitAndRef(predicateType, commit, targetRef string) StatementMatcher

+ type VerificationOptions struct

+ ExpectedIssuer string

+ ExpectedSan string

+ type Verifier interface

+ Verify func(data string) (*verify.VerificationResult, error)

+ func GetDefaultVerifier() Verifier