Skip to content

Graphorin API reference v0.7.0


Graphorin API reference / @graphorin/security / / SkillTrustRoot

Interface: SkillTrustRoot

Defined in: packages/security/src/supply-chain/signature.ts:246

Operator trust root for skill signatures (D4 / security-01). At least one leg must be non-empty to trust anything. allowSigstore (default true) exempts sigstore-resolved keys (their identity/issuer were already checked by the verifier).

W-026: the publishers leg counts ONLY for keys resolved through the well-known channel, whose URL host is verified to be the publisher's domain (or a subdomain). The frontmatter publisher string is NOT covered by the signature - anyone can claim any publisher - so an inline key can never satisfy this leg (self-sign + claim publisher: trusted.example.com used to pass). Inline keys require the fingerprints leg.

Stable

Properties

PropertyModifierTypeDescriptionDefined in
allowSigstore?readonlybooleanTrust sigstore-resolved keys without a fingerprint/publisher entry. Default true.packages/security/src/supply-chain/signature.ts:257
fingerprints?readonlyreadonly string[]Trusted key fingerprints (sha256:<hex>; matching is fold-normalised).packages/security/src/supply-chain/signature.ts:248
publishers?readonlyreadonly string[]Trusted publisher DNS names. Satisfied only by well-known-resolved keys whose URL host equals the publisher (or is its subdomain) - control of the HTTPS endpoint on the publisher's domain is the one channel that can vouch for the unsigned publisher string (W-026).packages/security/src/supply-chain/signature.ts:255