Part of the reason we don't already do that is so that we can verify that everything in the provenance can be matched with equivalent values in the fulcio certificates of github actions provenances. And
When you Unmarshall in the typical way, unspecified fields are lost. Still, it's nicer to have a schema, and so we may be able to use json.RawMessage to preserve unspecified filds when Unmarshalling, so that we can still check the provenance for extra data.
Similar to how the GCB provenances are fully parsed with a struct, we should do the same for Github Actions Provenances
Part of the reason we don't already do that is so that we can verify that everything in the provenance can be matched with equivalent values in the fulcio certificates of github actions provenances. And
When you Unmarshall in the typical way, unspecified fields are lost. Still, it's nicer to have a schema, and so we may be able to use json.RawMessage to preserve unspecified filds when Unmarshalling, so that we can still check the provenance for extra data.