search

trailofbits / pypi-attestations

A library to convert between Sigstore Bundles and PEP 740 Attestation objects
https://trailofbits.github.io/pypi-attestations
Apache License 2.0
1 stars 1 forks source link

remove Verifier param from verify() API #62

Open woodruffw opened 2 hours ago

woodruffw commented 2 hours ago

WIP; see https://github.com/trailofbits/pypi-attestations/issues/55#issuecomment-2406897303 for motivating context.

This removes a foreign type by instead constructing the Verifier under the hood within verify().