From d1c4bf7dd9f02a50c851c74df7dd9ae8cb759609 Mon Sep 17 00:00:00 2001
From: Meredith Lancaster <malancas@github.com>
Date: Tue, 25 Mar 2025 08:24:52 -0600
Subject: [PATCH] comment

Signed-off-by: Meredith Lancaster <malancas@github.com>
---
 pkg/cmd/attestation/verify/attestation.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/cmd/attestation/verify/attestation.go b/pkg/cmd/attestation/verify/attestation.go
index c09b433b0..6dd855bbc 100644
--- a/pkg/cmd/attestation/verify/attestation.go
+++ b/pkg/cmd/attestation/verify/attestation.go
@@ -10,6 +10,8 @@ import (
 )
 
 func getAttestations(o *Options, a artifact.DigestedArtifact) ([]*api.Attestation, string, error) {
+	// Fetch attestations from GitHub API within this if block since predicate type
+	// filter is done when the API is called
 	if o.FetchAttestationsFromGitHubAPI() {
 		params := api.FetchParams{
 			Digest:        a.DigestWithAlg(),
@@ -29,6 +31,8 @@ func getAttestations(o *Options, a artifact.DigestedArtifact) ([]*api.Attestatio
 		return attestations, msg, nil
 	}
 
+	// Fetch attestations from local bundle or OCI registry
+	// Predicate type filtering is done after the attestations are fetched
 	var attestations []*api.Attestation
 	var err error
 	var errMsg string