Closed debasishbsws closed 9 months ago
I am signing the commits using gitsign following https://docs.sigstore.dev/signing/gitsign/ Why the cert are not getting verified? Is there anything I should look on?
Is it because of https://github.com/chainguard-dev/gobump/blob/b10c54a40ba783d7dd7aec4127dc809b22d7f3d3/.chainguard/source.yaml#L9
And I need to have chainguard.dev
email account that matches with the regex?
chainguard-enforce docs is not clear.
/cc @hectorj2f
thanks @debasishbsws! I merged your PR.
Refactored the error handling to use
fmt.Errorf
instead oflog.Println
andos.Exit
. This allows to return errors from the RunE function, which is a more idiomatic approach in Cobra applications.I've updated the README to reflect the changes in how the
--packages
and--replaces
works now.