v0.0.28

Changed

• Upgraded sigstore dependency to >=4.0.0. Since version 4.0.0,
  sigstore supports signing using the new Rekor v2 instance, which
  will become the default in the future. We force the version to 1,
  so any attestations created with pypi-attestations==0.0.28 will
  still contain Rekor v1 entries.
• Repository has been moved to the pypi GitHub org. The new URL
  is https://github.com/pypi/pypi-attestations.

v0.0.27

Fixed

• Verification now compares the distribution filenames of artifacts
  and attestations by parsing them first and comparing its components
  (i.e. normalized name, version, tags) instead of doing a filename
  string comparison. This fixes an issue where verification would fail
  due to the artifact filename having the wheel tags in a different
  order than the ones in the attestation.
  (#127)

v0.0.26

Fixed

• This library no longer enforces distribution name "ultranormalization,"
  which went above the requirements specified in PEP 740
  (#124)

v0.0.25

Fixed

• Make the GooglePublisher type and APIs public
  (#117)

v0.0.24

Added

• The GooglePublisher type has been added to support
  Google Cloud-based Trusted Publishers
  (#114)

v0.0.23

Added

• The CLI has a new subcommand convert, which takes a Sigstore bundle
  and converts it to a PEP 740 attestation.

Changed

• The Attestation.verify(...) API has been changed to accept an offline
  parameter that, when True, disables TUF refreshes.
• The CLI verify commands now also accept an --offline flag that disables
  TUF refreshes. Additionally, when used with the verify pypi subcommand, the
  --offline flag enforces that the distribution and provenance file arguments
  must be local file paths.

Fixed

• Fixed a bug where GitHubPublisher policy verification would fail
  if the Source Repository Ref or Source Repository Digest claim
  was missing from the attestation's certificate. We require at least
  one of the two claims, but not necessarily both
  (#109)

v0.0.22

Changed

• The inspect subcommand now ignores inputs that don't match *.attestation,
  rather than failing on them
  (#93)

Added

• The CLI subcommand verify attestation now supports .slsa.attestation
  files. When verifying an artifact, both .publish.attestation and
  .slsa.attestation files are used (if present).
• The CLI subcommand verify pypi now supports a friendlier
  syntax to specify the artifact to verify. The artifact can now be
  specified with a pypi: prefix followed by the filename, e.g:
  pypi:sampleproject-1.0.0.tar.gz. The old way (passing
  the direct URL) is still supported.
• The CLI subcommand verify pypi now supports passing the local paths
  to the artifact and its provenance file, allowing the user to verify
  files already downloaded from PyPI. The artifact path is passed as
  usual, whereas the provenance file path is passed using the
  --provenance-file option.

v0.0.21

Changed

• The CLI entrypoint is now pypi-attestations
  (#82)
• The CLI verify subcommand has been changed to verify attestation,
  as in pypi-attestations verify attestation --identity ...
  (#82)

Added

• The CLI has a new subcommand verify pypi, which takes a URL to a
  PyPI distribution (either a wheel or a source distribution) and a
  GitHub/GitLab repository. The command verifies the distribution by
  downloading it and its provenance from PyPI, verifying them using
  sigstore and checking that the repository matches the one in the
  PyPI provenance file.
  (#82)

v0.0.20

Changed

• Explicitly support sigstore-python 3.6
  (#79)

v0.0.19

Fixed

• Corrective release for 0.0.18