Verify an installed npm package's SLSA manifest and return a handle
for per-addon provenance verification. Manifest-level checks run once;
the returned handle reuses them across every addon file the caller
feeds in, so call verifyPackage once and verifyAddonFromFile for
each .node binary the host is about to load.
Verify an installed npm package's SLSA manifest and return a handle for per-addon provenance verification. Manifest-level checks run once; the returned handle reuses them across every addon file the caller feeds in, so call
verifyPackageonce andverifyAddonFromFilefor each.nodebinary the host is about to load.