A library to convert between Sigstore Bundles and PEP-740 Attestation objects
Project description
PyPI Attestation Models
A library to convert between Sigstore Bundles and PEP-740 Attestation objects
Installation
python -m pip install pypi-attestation-models
Usage
See the full API documentation here.
from pathlib import Path
from pypi_attestation_models import pypi_to_sigstore, sigstore_to_pypi, Attestation
from sigstore.models import Bundle
# Sigstore Bundle -> PEP 740 Attestation object
bundle_path = Path("test_package-0.0.1-py3-none-any.whl.sigstore")
with bundle_path.open("rb") as f:
sigstore_bundle = Bundle.from_json(f.read())
attestation_object = sigstore_to_pypi(sigstore_bundle)
print(attestation_object.model_dump_json())
# PEP 740 Attestation object -> Sigstore Bundle
attestation_path = Path("attestation.json")
with attestation_path.open("rb") as f:
attestation = Attestation.model_validate_json(f.read())
bundle = pypi_to_sigstore(attestation)
print(bundle.to_json())
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for pypi_attestation_models-0.0.1rc1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8c48f46c0e4fa446fcf14114b200a579d48fde0714f1f950423a85f25ff80d2c |
|
MD5 | 39f91a893f0317259ab478c81e931018 |
|
BLAKE2b-256 | f61d991603a7371182cc27f499e4f825896813f488906e3b758c807543136ca2 |
Close
Hashes for pypi_attestation_models-0.0.1rc1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3a341b9162f2905283966752b9021fdf9b519912bc61f0e0298f982287a96a8c |
|
MD5 | ed16d906e7f847d9b2a9d8c34c9ba81b |
|
BLAKE2b-256 | 0471650a0489c2befc29bc58d571e01cd2307c5868c675855f16d6b9182a2e8b |