Type Alias PackageProvenance

Source
Expand description

Provenance handle returned by verifyPackage.

type PackageProvenance = {
    packageName: string;
    runInvocationURI: string;
    sourceCommit: string;
    sourceRef: string;
    sourceRepo: string;
    verifyAddonBySha256(sha256: string): Promise<void>;
    verifyAddonFromFile(filePath: string): Promise<void>;
}

Properties§

packageName
runInvocationURI
sourceCommit
sourceRef
sourceRepo

Methods§

verifyAddonBySha256

Verify a single native-addon binary whose sha256 the caller already has.

verifyAddonFromFile

Hash the file at filePath and verify its attestation against this provenance.