Rename `install` command's --verify option to --verify-signatures

Shopify / ruby-sigstore

Rubygems sigstore signing plugin

Apache License 2.0

7 stars 6 forks source link

Rename `install` command's --verify option to --verify-signatures #54

Closed rochlefebvre closed 2 years ago

rochlefebvre commented 2 years ago

TODO: rebase once #53 has merged

Quick follow up to #50. Note that in https://github.com/Shopify/ruby-sigstore/issues/35#issuecomment-996765248 we had decided to go with gem install --signing-policy as a way to find & validate signatures. However, in this PR, we're going with gem install --verify-signatures.

Until we have a better idea about how policies will work, --verify-signatures is clearer for end users. We can definitely revisit this later anyway.

jchestershopify commented 2 years ago

@aellispierce and I did a local rebase. There were no conflicts with main, so we're going to merge this as-is.