v0.0.4

Latest

@AprilNEA AprilNEA released this 05 Jun 06:16
· 3 commits to master since this release
d9b2872

Fail-closed update verification

Adds a Verification policy to EngineConfig so consumers can require update artifacts to be verified, instead of the previous best-effort behaviour that silently skipped checks when an input was missing.

  • Verification::BestEffort (default) — unchanged, backwards-compatible.
  • Off / Checksum / Signature / Strict — opt-in policies.
  • Under Signature/Strict, an unverifiable release is rejected at check() (before being surfaced as available) and again at download(). New Error::VerificationRequired.
  • A blank sha256/signature is treated as absent (not verified against an empty value), and an empty fetched signature body fails closed.
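As an added example (not the project's own code), the following Rust sketch models the policy semantics listed above: check() refuses to surface a release that the policy cannot verify, download() re-runs that gate and then fails closed on a blank or empty input. The names Verification, Error::VerificationRequired and the release-metadata shape follow the note; ReleaseMeta, Verifier, Outcome, can_surface and verify_download are assumed names, and the digest and signature primitives are injected so that stand-ins (FNV-1a, a tag-comparison "signature") can replace SHA-256 and a real signature scheme purely to make the example run offline.

```rust
/// Verification policy, using the variant names from the release note.
/// The decision logic below is this example's own reading of those notes.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum Verification {
    Off,
    BestEffort,
    Checksum,
    Signature,
    Strict,
}

#[derive(Debug, PartialEq, Eq)]
pub enum Error {
    /// The policy demands a check that cannot be performed (input missing or blank).
    VerificationRequired(&'static str),
    ChecksumMismatch,
    BadSignature,
}

/// Metadata for one release as read from an update manifest (assumed shape).
#[derive(Debug, Default, Clone)]
pub struct ReleaseMeta {
    pub version: String,
    pub sha256: Option<String>,
    pub signature_url: Option<String>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum Outcome {
    Verified,
    Skipped,
}

/// A blank or whitespace-only value is treated as absent, so nothing is ever
/// compared against an empty string.
fn present(v: &Option<String>) -> Option<&str> {
    v.as_deref().map(str::trim).filter(|s| !s.is_empty())
}

/// Policy evaluation with the digest and signature primitives injected (assumed
/// design) so the gates can be exercised without a real SHA-256 or signature scheme.
pub struct Verifier<D, S> {
    pub digest: D,
    pub verify_sig: S,
}

impl<D: Fn(&[u8]) -> String, S: Fn(&[u8], &[u8]) -> bool> Verifier<D, S> {
    /// The check() gate: may this release be surfaced as available at all?
    pub fn can_surface(&self, policy: Verification, meta: &ReleaseMeta) -> Result<(), Error> {
        let need_sha = matches!(policy, Verification::Checksum | Verification::Strict);
        let need_sig = matches!(policy, Verification::Signature | Verification::Strict);
        if need_sha && present(&meta.sha256).is_none() {
            return Err(Error::VerificationRequired("sha256"));
        }
        if need_sig && present(&meta.signature_url).is_none() {
            return Err(Error::VerificationRequired("signature"));
        }
        Ok(())
    }

    /// The download() gate: verify the fetched artifact bytes and signature body.
    pub fn verify_download(
        &self,
        policy: Verification,
        meta: &ReleaseMeta,
        artifact: &[u8],
        fetched_sig: Option<&[u8]>,
    ) -> Result<Outcome, Error> {
        // Re-run the check() gate so download() fails closed even if called directly.
        self.can_surface(policy, meta)?;
        if policy == Verification::Off {
            return Ok(Outcome::Skipped);
        }
        let mut verified = false;
        if let Some(expected) = present(&meta.sha256) {
            if (self.digest)(artifact) != expected {
                return Err(Error::ChecksumMismatch);
            }
            verified = true;
        }
        if present(&meta.signature_url).is_some() {
            let need_sig = matches!(policy, Verification::Signature | Verification::Strict);
            match fetched_sig.filter(|s| !s.is_empty()) {
                Some(sig) if (self.verify_sig)(artifact, sig) => verified = true,
                Some(_) => return Err(Error::BadSignature),
                // An empty signature body is not "nothing to check" under
                // Signature/Strict: it fails closed.
                None if need_sig => return Err(Error::VerificationRequired("signature body")),
                None => {} // BestEffort/Checksum: treated as absent and skipped
            }
        }
        Ok(if verified { Outcome::Verified } else { Outcome::Skipped })
    }
}

/// Stand-in digest (FNV-1a 64), used only so the example runs without a SHA-256 crate.
pub fn stand_in_digest(data: &[u8]) -> String {
    let mut h: u64 = 0xcbf2_9ce4_8422_2325;
    for &b in data {
        h ^= u64::from(b);
        h = h.wrapping_mul(0x0000_0100_0000_01b3);
    }
    format!("{h:016x}")
}

/// Stand-in signature check: valid iff the body is `signed:` + digest.
/// Not a real scheme; it only exercises the policy paths.
pub fn stand_in_verify_sig(artifact: &[u8], sig: &[u8]) -> bool {
    sig == format!("signed:{}", stand_in_digest(artifact)).as_bytes()
}

pub fn example_verifier() -> Verifier<fn(&[u8]) -> String, fn(&[u8], &[u8]) -> bool> {
    Verifier { digest: stand_in_digest, verify_sig: stand_in_verify_sig }
}

fn main() {
    let v = example_verifier();
    let artifact = b"constructed update payload"; // constructed sample input
    let meta = ReleaseMeta {
        version: "0.0.4".into(),
        sha256: Some("   ".into()), // blank: treated as absent
        signature_url: None,
    };
    println!("BestEffort check: {:?}", v.can_surface(Verification::BestEffort, &meta));
    println!("Strict check: {:?}", v.can_surface(Verification::Strict, &meta));
    println!("BestEffort download: {:?}", v.verify_download(Verification::BestEffort, &meta, artifact, None));
}
```

Running the gate twice is deliberate: the check() result is a hint to the UI, while download() is the point where bytes are about to be installed, so it must not trust that an earlier call already refused the release.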

Refs #1 (PRs #2).