STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11279 commits 87 branches 0 tags 160 MiB
Commit graph

448 commits

Author SHA1 Message Date
Pavel Dostál
20e4d25147 Add missing //go:build integration tag to verify_integration_test.go 
The four tests in this file (TestVerifyIntegration,
TestVerifyIntegrationCustomIssuer, TestVerifyIntegrationReusableWorkflow,
TestVerifyIntegrationReusableWorkflowSignerWorkflow) call
NewLiveSigstoreVerifier which requires network access to Sigstore and
GitHub TUF servers. Unlike the other integration test files in this
package (attestation_integration_test.go, sigstore_integration_test.go,
inspect_integration_test.go), this file was missing the //go:build
integration tag, causing these tests to run during a regular
'go test ./...' and fail in network-isolated build environments.
 2026-04-28 18:20:23 +02:00
William Martin
17776cafc1 Apply review feedback 
- Harden SpawnSendTelemetry against relative executable paths
- Use io.Copy for telemetry subprocess stdin write
- Clean up GH_TELEMETRY/DO_NOT_TRACK help text
- Fall back to built-in defaults (NoOp telemetry) on config load failure

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-04-17 12:28:52 +02:00
William Martin
3ed389d664 Disable telemetry for GHES 2026-04-17 11:50:24 +02:00
Sebastiaan van Stijn
6868d273ec
replace github.com/golang/snappy with klauspost/compress/snappy 
The github.com/golang/snappy repository was archived and is no longer
maintained. klauspost/compress provides a drop-in replacement, which
is actively maintained, and the klauspost/compress module is already
an existing (indirect) dependency.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2026-03-26 22:58:08 +01:00
William Martin
c51769c977 Record agentic invocations in User-Agent header 
Detect which AI coding agent is invoking gh by checking well-known
environment variables and include the agent name in the User-Agent
header sent to GitHub APIs.

Supported agents: Codex, Gemini CLI, Copilot CLI, OpenCode,
Claude Code, and Amp. Generic AI_AGENT env var is also supported
with validation to prevent header injection.

Fixes github/cli#1111

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-03-24 19:58:37 +01:00
Babak K. Shandiz
05986e4cb3
chore: apply go fix to remove deprecated // +build tags 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-10-30 21:10:45 +00:00
Trevor Rosen
0b1b5feff1
Merge pull request #11989 from cli/copilot/fix-gh-attestation-verification 
Fix gh attestation verify to work when Public Good Instance of Sigstore is unavailable
 2025-10-24 16:57:36 -05:00
Trevor Rosen
b808612769 Remove skipped tests 
Signed-off-by: Trevor Rosen <trevrosen@github.com>
 2025-10-24 13:45:16 -05:00
Trevor Rosen
b6013cf409 Make verifier choice more explicit 
Signed-off-by: Trevor Rosen <trevrosen@github.com>
 2025-10-24 13:42:58 -05:00
Brian DeHamer
b7cea1d935
test fixup 
Signed-off-by: Brian DeHamer <bdehamer@github.com>
 2025-10-22 08:56:13 -07:00
copilot-swe-agent[bot]
74ac20671c Update release verify commands to use sentinel value 
Co-authored-by: bdehamer <398027+bdehamer@users.noreply.github.com>
 2025-10-22 15:26:36 +00:00
copilot-swe-agent[bot]
b27889b76b Make PGI verifier initialization non-fatal to allow GitHub attestation verification 
Co-authored-by: trevrosen <1402+trevrosen@users.noreply.github.com>
 2025-10-22 15:03:21 +00:00
Eugene
9e54a6242b
Update pkg/cmd/attestation/api/client.go 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-23 11:05:41 -04:00
ejahnGithub
3ba03e3200 add initiator_type for attestations 2025-09-23 10:59:07 -04:00
Kyle Kelly
30994ddc5b Remove mention of public preview in trustedroot.go 2025-09-02 23:42:03 +00:00
Brian DeHamer
53cae592f6
refactor to simplify implementation 
Signed-off-by: Brian DeHamer <bdehamer@github.com>
 2025-06-05 10:35:21 -07:00
ejahnGithub
56f8877097 update the artifact and bundle for testing 2025-05-30 13:31:23 -07:00
ejahnGithub
4b1108734c debug windows env 2025-05-30 12:18:23 -07:00
ejahnGithub
8e6ed6eb38 improve test 2025-05-30 09:30:05 -07:00
ejahnGithub
3b17318ee4 fix test 2025-05-30 08:31:07 -07:00
Eugene
15b7692f1a
Merge branch 'trunk' into eugene/release-verify 2025-05-30 08:20:42 -07:00
ejahnGithub
71c2361dfc add unit test 2025-05-30 08:17:21 -07:00
Meredith Lancaster
f2f769c23a Merge branch 'trunk' into gh-attestation-tuf-client-retry 2025-05-27 10:14:35 -06:00
Meredith Lancaster
a154ff5cfa replace deprecated func 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-27 09:38:46 -06:00
Meredith Lancaster
dcca4b2940 replace deprecated type 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-27 09:34:35 -06:00
ejahnGithub
81f1017fa2 removed unused file 2025-05-23 15:33:43 -04:00
ejahnGithub
3108d99208 added the unit test 2025-05-23 15:31:33 -04:00
ejahnGithub
0a6ce2bb74 clean up the code 2025-05-20 18:35:40 -04:00
ejahnGithub
510ce73d6e wip 2025-05-16 14:22:45 -04:00
ejahnGithub
3a6e42f73f init 2025-05-15 17:21:13 -04:00
Meredith Lancaster
75f72bcf93 use constructor 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-08 14:22:05 -06:00
Meredith Lancaster
c0701c89c8 include http client in verifier setup 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-07 17:22:17 -06:00
Meredith Lancaster
3637f5aa26 add missing http client field in sigstoreConfig 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-07 17:11:18 -06:00
Meredith Lancaster
ec5f108aa9 simplify test 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-07 16:47:14 -06:00
Meredith Lancaster
456e641679 alphabetize fields 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-07 16:43:28 -06:00
Meredith Lancaster
1c28a7aded move live inspect test to integration test file 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-07 16:43:17 -06:00
Meredith Lancaster
874c1b967a fetch http client from factory 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-07 16:42:43 -06:00
Meredith Lancaster
9092a43f20 set custom fetcher in options 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-07 16:41:32 -06:00
Meredith Lancaster
6b226754fd pass http client for use with tuf 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-05-07 09:18:43 -06:00
Meredith Lancaster
c5a2defec8 Merge branch 'trunk' into gh-attestation-tuf-client-retry 2025-05-07 08:50:51 -06:00
Meredith Lancaster
050c68c13b
Merge branch 'trunk' into move-predicate-type-filtering 2025-04-30 14:14:42 -06:00
Meredith Lancaster
fcd23dc657 create fetcher with custom http client and retry options 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-04-24 08:55:57 -06:00
Meredith Lancaster
139e82c68c Revert "temporarily skip non-failing tests" 
This reverts commit de8778797f.
 2025-04-09 07:23:17 -06:00
Meredith Lancaster
de8778797f temporarily skip non-failing tests 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-04-08 19:09:52 -06:00
Meredith Lancaster
29080dc70a reorganize func 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-04-08 16:40:52 -06:00
Meredith Lancaster
d63e2830e0 clean up unneeded sigstore verifier fields 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-04-08 16:35:17 -06:00
Meredith Lancaster
a535cfdbfc flip verifier choice logic 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-04-08 16:28:56 -06:00
Meredith Lancaster
366485155e initiate custom verifiers when the sgistore verifier is created 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-04-08 16:23:37 -06:00
Meredith Lancaster
323ea74733 add public good and github verifiers as fields for repeated use instead of creating a new one for every attestation 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-04-08 15:40:55 -06:00
Meredith Lancaster
35ec7f251c replace sigstore-go test bundle func 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2025-04-08 15:20:51 -06:00