A library to convert between Sigstore Bundles and PEP-740 Attestation objects

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for trailofbits from gravatar.com trailofbits

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License
  • Author: Trail of Bits
  • Requires: Python >=3.9
Classifiers

Project description

PyPI Attestation Models

CI PyPI version Packaging status

A library to convert between Sigstore Bundles and PEP-740 Attestation objects

Installation

python -m pip install pypi-attestation-models

Usage

See the full API documentation here.

from pathlib import Path
from pypi_attestation_models import pypi_to_sigstore, sigstore_to_pypi, Attestation
from sigstore.models import Bundle

# Sigstore Bundle -> PEP 740 Attestation object
bundle_path = Path("test_package-0.0.1-py3-none-any.whl.sigstore")
with bundle_path.open("rb") as f:
    sigstore_bundle = Bundle.from_json(f.read())
attestation_object = sigstore_to_pypi(sigstore_bundle)
print(attestation_object.model_dump_json())


# PEP 740 Attestation object -> Sigstore Bundle
attestation_path = Path("attestation.json")
with attestation_path.open("rb") as f:
    attestation = Attestation.model_validate_json(f.read())
bundle = pypi_to_sigstore(attestation)
print(bundle.to_json())

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for trailofbits from gravatar.com trailofbits

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License
  • Author: Trail of Bits
  • Requires: Python >=3.9
Classifiers

Release history Release notifications | RSS feed

0.0.5

0.0.4

0.0.4a2 pre-release

0.0.4a1 pre-release

0.0.3

0.0.2

0.0.1

0.0.1rc2 pre-release

This version

0.0.1rc1 pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pypi_attestation_models-0.0.1rc1.tar.gz (7.5 kB view details)

Uploaded Source

Built Distribution

pypi_attestation_models-0.0.1rc1-py3-none-any.whl (7.7 kB view details)

Uploaded Python 3

File details

Details for the file pypi_attestation_models-0.0.1rc1.tar.gz.

File metadata

File hashes

Hashes for pypi_attestation_models-0.0.1rc1.tar.gz
Algorithm Hash digest
SHA256 8c48f46c0e4fa446fcf14114b200a579d48fde0714f1f950423a85f25ff80d2c
MD5 39f91a893f0317259ab478c81e931018
BLAKE2b-256 f61d991603a7371182cc27f499e4f825896813f488906e3b758c807543136ca2

See more details on using hashes here.

File details

Details for the file pypi_attestation_models-0.0.1rc1-py3-none-any.whl.

File metadata

File hashes

Hashes for pypi_attestation_models-0.0.1rc1-py3-none-any.whl
Algorithm Hash digest
SHA256 3a341b9162f2905283966752b9021fdf9b519912bc61f0e0298f982287a96a8c
MD5 ed16d906e7f847d9b2a9d8c34c9ba81b
BLAKE2b-256 0471650a0489c2befc29bc58d571e01cd2307c5868c675855f16d6b9182a2e8b

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page