Right now the slsa-verifier does various validations depending on the type of builder that was identified from the provenance.
However, it would be quite handy if in a verbose mode, the type of validations that are performed are also printed and whether they succeed or fail, or what the expected value would be if it differs from the encountered one.
Furthermore, I would love to have an option to print the provenance in a human readable form regardless if verification succeeds.
If verification fails, there is no way to display the provenance to potentially catch the problem easily.
Right now the slsa-verifier does various validations depending on the type of builder that was identified from the provenance.
However, it would be quite handy if in a verbose mode, the type of validations that are performed are also printed and whether they succeed or fail, or what the expected value would be if it differs from the encountered one.
Furthermore, I would love to have an option to print the provenance in a human readable form regardless if verification succeeds.
If verification fails, there is no way to display the provenance to potentially catch the problem easily.