Skip to content

ci: build attestation + strict cargo-vet#65

Merged
avrabe merged 1 commit intomainfrom
ci/attestation-strict-vet
Mar 21, 2026
Merged

ci: build attestation + strict cargo-vet#65
avrabe merged 1 commit intomainfrom
ci/attestation-strict-vet

Conversation

@avrabe
Copy link
Copy Markdown
Contributor

@avrabe avrabe commented Mar 21, 2026

Sigstore attestation on release, strict cargo-vet, binary in release assets.

🤖 Generated with Claude Code

- Build provenance attestation via actions/attest-build-provenance@v2
  (Sigstore-signed SLSA provenance, verifiable via gh attestation verify)
- Release job now includes Playwright in needs chain
- Release binary included in GitHub release assets
- cargo-vet made strict (no fallback warning — hard fail on unaudited)
- Release job permissions: contents, id-token, attestations

Refs: REQ-012

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@avrabe avrabe merged commit 1047a31 into main Mar 21, 2026
@avrabe avrabe deleted the ci/attestation-strict-vet branch March 21, 2026 18:11
@codecov
Copy link
Copy Markdown

codecov Bot commented Mar 21, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant