@avrabe avrabe commented Jan 4, 2026

Summary

  • Remove ssh_keys import and related functions (from_openssh, from_any) that referenced a non-existent dependency, fixing CI build failure
  • Add signature info module backported from wasmsign2
  • Clean up CLI Cargo.toml (remove unused uri_encode dep)

Test plan

  • cargo check passes locally
  • CI passes (ubuntu + macos)

avrabe and others added 6 commits January 4, 2026 21:29
- Remove ssh_keys import and related functions (from_openssh, from_any)
  that referenced a non-existent dependency, fixing CI build failure
- Add signature info module backported from wasmsign2
- Clean up CLI Cargo.toml (remove unused uri_encode dep)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>

Replace insert_any_file with insert_pem_file to follow wsc security
policy: no automatic key format detection (each parser is an attack
surface). Users must use explicit format loaders.

Adds convenience methods:
- PublicKey::from_pem_file(), from_der_file()
- PublicKeySet::insert_pem_file(), insert_file()

Component now uses explicit format parsing (WSC bytes, DER, PEM)
per security policy. OpenSSH format not supported - users must
convert keys to PEM first.

Fulcio and Rekor TLS certificates have rotated. Updated pins:
- fulcio.sigstore.dev: b856b7083ffae114...
- rekor.sigstore.dev: 1d1d8295591c131c...

Previous pins kept for rotation grace period.
@avrabe avrabe merged commit 3707d8a into main Jan 5, 2026
9 checks passed
@avrabe avrabe deleted the fix/ssh-keys-removal branch January 5, 2026 16:40
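
The policy stated in the commit messages above (explicit format loaders, no automatic key format detection, OpenSSH keys converted to PEM first), sketched as an added Rust example that is not wsc's own code. `public_key_der_from_pem`, `b64_decode` and `KeyError` are hypothetical names, the `PUBLIC KEY` label is an assumption about the accepted PEM type, and the sample key bytes are constructed; the loader returns an error for anything that is not one such PEM block instead of trying another parser.

```rust
#[derive(Debug, PartialEq)]
enum KeyError { NotPem, WrongLabel(String), BadBase64, Empty }

// Strict standard-alphabet base64 with padding; anything else is rejected.
fn b64_decode(s: &str) -> Result<Vec<u8>, KeyError> {
    let body = s.trim_end_matches('=');
    if s.len() % 4 != 0 || s.len() - body.len() > 2 { return Err(KeyError::BadBase64); }
    let (mut out, mut acc, mut bits) = (Vec::new(), 0u32, 0u32);
    for c in body.bytes() {
        let v = match c {
            b'A'..=b'Z' => c - b'A',
            b'a'..=b'z' => c - b'a' + 26,
            b'0'..=b'9' => c - b'0' + 52,
            b'+' => 62, b'/' => 63,
            _ => return Err(KeyError::BadBase64), // includes '=' before the end
        };
        acc = (acc << 6) | u32::from(v);
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
            acc &= (1u32 << bits) - 1;
        }
    }
    Ok(out)
}

// Hypothetical loader (added example, not wsc code): PEM only, no fallback parser.
fn public_key_der_from_pem(text: &str) -> Result<Vec<u8>, KeyError> {
    let mut lines = text.trim().lines().map(str::trim);
    let first = lines.next().ok_or(KeyError::NotPem)?;
    let label = first.strip_prefix("-----BEGIN ")
        .and_then(|s| s.strip_suffix("-----")).ok_or(KeyError::NotPem)?;
    if label != "PUBLIC KEY" { return Err(KeyError::WrongLabel(label.to_string())); }
    let (mut b64, mut closed) = (String::new(), false);
    for line in lines {
        if closed { return Err(KeyError::NotPem); } // data after END: reject
        if line == "-----END PUBLIC KEY-----" { closed = true } else { b64.push_str(line) }
    }
    if !closed { return Err(KeyError::NotPem); }
    let der = b64_decode(&b64)?;
    if der.is_empty() { Err(KeyError::Empty) } else { Ok(der) }
}

fn main() {
    // Constructed sample: four placeholder bytes, not a real key.
    let pem = "-----BEGIN PUBLIC KEY-----\nAQIDBA==\n-----END PUBLIC KEY-----\n";
    println!("{:?}", public_key_der_from_pem(pem));
}
```

The returned bytes would still go to a single DER key parser; the point here is only that the caller names the format and a mismatch is an error, not a cue to try another decoder.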