gazagnaire.org / ocaml-scitt
Supply Chain Integrity, Transparency, and Trust (IETF SCITT)
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

ocaml-linkedin: apply dune fmt

Pure formatting changes from `dune fmt`: doc comment placement moves
from above the binding to below it for `type`s, multi-line `match`
expressions collapse onto one line where they fit, and infix operator
applications pick up spaces (`Soup.($?)` -> `Soup.( $? )`). No
semantic changes.

Thomas Gazagnaire d6f65aa3 1cbe7cd7

+34 -7
+23 -7
README.md
··· 14 14 15 15 ## Installation 16 16 17 + Install the core package with opam: 18 + 19 + ```sh 20 + $ opam install scitt 17 21 ``` 18 - opam install scitt 19 - opam install scitt-atp # for AT Proto MST backend 20 - opam install atp-lexicon-scitt # for AT Proto lexicon types 22 + 23 + Optional packages provide the AT Proto backend and lexicon types: 24 + 25 + ```sh 26 + $ opam install scitt-atp # for AT Proto MST backend 27 + $ opam install atp-lexicon-scitt # for AT Proto lexicon types 28 + ``` 29 + 30 + If opam cannot find the packages, they may not yet be released in the public 31 + `opam-repository`. Add the overlay repository, then install the packages you 32 + need: 33 + 34 + ```sh 35 + $ opam repo add samoht https://tangled.org/gazagnaire.org/opam-overlay.git 36 + $ opam update 37 + $ opam install scitt 21 38 ``` 22 39 23 40 ## Quick Start 24 41 25 42 ```ocaml 26 43 (* Create a transparency service with RFC 9162 VDS *) 27 - let vds = Scitt.Vds_rfc9162.in_memory () in 44 + let vds = Scitt.Vds_rfc9162.in_memory () 28 45 let ts = 29 46 Scitt.Transparency_service.v ~service_id:"my-ts" ~vds 30 47 ~algorithm:Cose.Algorithm.ES256 ··· 38 55 ~subject:"sha256:abcdef..." ~content_type:"application/spdx+json" 39 56 ~payload:sbom_json 40 57 in 41 - let signed = Scitt.Signed_statement.sign ~key:issuer_key statement in 58 + let signed = Scitt.Signed_statement.sign ~key:issuer_key statement 42 59 let receipt = 43 60 Scitt.Transparency_service.register ts ~issuer_key:issuer_public_key signed 44 61 in 45 62 46 63 (* Create and verify a transparent statement *) 47 - let transparent = Scitt.Transparent_statement.v signed [ receipt ] in 48 - match 64 + let transparent = Scitt.Transparent_statement.v signed [ receipt ]match 49 65 Scitt.Transparent_statement.verify 50 66 ~ts_keys:(fun ~service_id:_ -> Some ts_public_key) 51 67 ~issuer_key transparent
+1
atp-lexicon-scitt.opam
··· 16 16 "ocaml" {>= "5.1"} 17 17 "dune" {>= "3.21" & >= "3.21"} 18 18 "json" {>= "0.1.0"} 19 + "mdx" {with-test} 19 20 "odoc" {with-doc} 20 21 ] 21 22 build: [
+4
dune
··· 1 1 (env 2 2 (dev 3 3 (flags :standard %{dune-warnings}))) 4 + 5 + (mdx 6 + (files README.md) 7 + (libraries scitt scitt-atp))
+4
dune-project
··· 1 1 (lang dune 3.21) 2 + (using mdx 0.4) 2 3 (name scitt) 3 4 4 5 (generate_opam_files true) ··· 36 37 (odoc :with-doc) 37 38 eio 38 39 sqlite 40 + (mdx :with-test) 39 41 loc)) 40 42 41 43 (package ··· 55 57 (digestif (>= 1.2.0)) 56 58 (ohex (>= 0.2)) 57 59 (alcotest :with-test) 60 + (mdx :with-test) 58 61 (odoc :with-doc))) 59 62 60 63 (package ··· 70 73 (ocaml (>= 5.1)) 71 74 (dune (>= 3.21)) 72 75 (json (>= 0.1.0)) 76 + (mdx :with-test) 73 77 (odoc :with-doc)))
+1
scitt-atp.opam
··· 20 20 "digestif" {>= "1.2.0"} 21 21 "ohex" {>= "0.2"} 22 22 "alcotest" {with-test} 23 + "mdx" {with-test} 23 24 "odoc" {with-doc} 24 25 ] 25 26 build: [
+1
scitt.opam
··· 31 31 "odoc" {with-doc} 32 32 "eio" 33 33 "sqlite" 34 + "mdx" {with-test} 34 35 "loc" 35 36 ] 36 37 build: [