There's a distinction to be made between the signer and the builder for sigstore-based CLIs (npm). We currently have two builders allowed for npm verification: github-hosted and self-hosted. This is giving a false sense of security, because this value (in the cert) only guarantees the runner on which signing took place, not the actual build.
There's a distinction to be made between the signer and the builder for sigstore-based CLIs (npm). We currently have two builders allowed for npm verification:
github-hostedandself-hosted. This is giving a false sense of security, because this value (in the cert) only guarantees the runner on which signing took place, not the actual build.I'm wondering if we should remove this distinction altogether to avoid mis-leading users. We would have a single builder id we accept, which is the generic "https://github.com/actions/runner" instead of accepting of https://github.com/slsa-framework/slsa-verifier/blob/f09d99f91c9055367d9f26d8785b6c56fab9dfc4/verifiers/internal/gha/slsaprovenance/common/builders.go#L18-L20
There is a similar problem with our generators. Except that we don't expose github-hosted vs self-hosted now. And we can fix this problem by resolving https://github.com/slsa-framework/slsa-github-generator/issues/1868
@ramonpetgrave64