Change default signature filename to claims.jsonl#591
Open
ralphbean wants to merge 3 commits into sigstore:main from ralphbean's fork
mihaimaruseac (Member) left a comment:
I think that for a period we should support both model.sig (with just the signature) and claims.jsonl (which can contain anything).
More important though, I think we should signal in README and everywhere else that claims.jsonl is appended to (#592 is a step in that direction, but verification should still iterate over all claims to find which one can be verified rather than just the last?)
I'll look more over these over the break / in the new year.
ralphbean added a commit to ralphbean/model-transparency that referenced this pull request on Apr 9, 2026:
Documents approach to address review feedback on PR sigstore#591 regarding:
- Backward compatibility support for model.sig during transition
- Multi-claim verification strategy for claims.jsonl files

The design covers format detection, deprecation warnings, and verification logic that iterates through all claims to find one that verifies successfully.

Assisted-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Signed-off-by: Ralph Bean <rbean@redhat.com>
Update the CLI default and all documentation examples to use claims.jsonl as the default signature filename, aligning with the OMS format convention for bundled attestations. The default can still be overridden with --signature.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Ralph Bean <rbean@redhat.com>
Support both legacy model.sig (single JSON) and new claims.jsonl (JSONL) formats during a deprecation period:
- Add SignatureFormat enum and format detection functions
- Add read_all() to iterate over all claims in JSONL files
- JSONL write appends; legacy .sig overwrites with deprecation warning
- Verification tries each claim newest-to-oldest, succeeds on first match
- Add design document and tests for format detection, deprecation warnings, and JSONL append behavior

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Ralph Bean <rbean@redhat.com>
Signing now reports whether the signature file was created or appended to. Verification with multi-claim JSONL files now reports which line matched.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Ralph Bean <rbean@redhat.com>
Summary
- Change the default signature filename from model.sig to claims.jsonl to align with OMS bundled attestation conventions (see "How do we recommend that OMS signatures and other attestations be named in a model repository?" #587)
- Both legacy model.sig (single JSON) and new claims.jsonl (JSONL) formats are supported during a deprecation period
- SignatureFormat enum and format detection auto-detect the file format based on extension and content
- claims.jsonl appends new claims; legacy .sig overwrites with a deprecation warning
- The default can still be overridden with the --signature CLI option

Test plan
- format_compat_test.py covers format detection, deprecation warnings, and JSONL append behavior
- model_signing sign produces claims.jsonl by default
- model_signing verify reads both model.sig and claims.jsonl
- --signature model.sig override still works

Relates to #587
🤖 Generated with Claude Code
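The behaviour the commits and summary above describe (format detection by extension and content, append-on-write for claims.jsonl versus overwrite-with-warning for a legacy .sig, read_all over every line, and verification that walks claims newest-to-oldest and reports the matching line) as an added, self-contained worked example. This is not model-transparency's own code: the names SignatureFormat, detect_format, write_claim, read_all, verify_claims and demo, the HMAC stand-in used in place of a real Sigstore signature, and the sample digests and key are all assumptions made for this example.

```python
"""Illustrative example (not the model-transparency project's API):
a claims file that is either a legacy single-JSON .sig or a JSONL file
holding one claim per line, with newest-first verification."""
from __future__ import annotations

import enum
import hashlib
import hmac
import json
import tempfile
import warnings
from pathlib import Path
from typing import Optional


class SignatureFormat(enum.Enum):
    """Assumed enum name; the two formats the PR keeps side by side."""
    LEGACY_SIG = "legacy .sig (single JSON object)"
    CLAIMS_JSONL = "claims.jsonl (one JSON object per line)"


def detect_format(path: Path) -> SignatureFormat:
    """Decide by extension first, then fall back to inspecting the content."""
    if path.suffix == ".jsonl":
        return SignatureFormat.CLAIMS_JSONL
    if path.suffix == ".sig":
        return SignatureFormat.LEGACY_SIG
    if not path.exists():
        return SignatureFormat.CLAIMS_JSONL  # new files get the new default
    # Unknown extension: a whole-file parse succeeds only for a single JSON
    # document. A one-line JSONL file is indistinguishable from that and is
    # treated as legacy; multi-line JSONL fails the whole-file parse.
    text = path.read_text(encoding="utf-8").strip()
    try:
        json.loads(text)
        return SignatureFormat.LEGACY_SIG
    except json.JSONDecodeError:
        return SignatureFormat.CLAIMS_JSONL


def write_claim(path: Path, claim: dict) -> str:
    """JSONL appends; a legacy .sig is overwritten with a deprecation warning.
    Returns 'created' or 'appended' so the caller can report which happened."""
    line = json.dumps(claim, sort_keys=True)
    if detect_format(path) is SignatureFormat.LEGACY_SIG:
        warnings.warn("writing a legacy .sig file is deprecated; use claims.jsonl",
                      DeprecationWarning, stacklevel=2)
        path.write_text(line + "\n", encoding="utf-8")
        return "created"
    existed = path.exists() and path.stat().st_size > 0
    with path.open("a", encoding="utf-8") as fh:
        fh.write(line + "\n")
    return "appended" if existed else "created"


def read_all(path: Path) -> list[dict]:
    """All claims in file order (oldest first); a legacy .sig yields exactly one."""
    text = path.read_text(encoding="utf-8")
    if detect_format(path) is SignatureFormat.LEGACY_SIG:
        return [json.loads(text)]  # may be pretty-printed across lines
    return [json.loads(raw) for raw in text.splitlines() if raw.strip()]


def make_claim(model_digest: str, key: bytes) -> dict:
    """Constructed stand-in for a signature: an HMAC over the model digest."""
    mac = hmac.new(key, model_digest.encode(), hashlib.sha256).hexdigest()
    return {"model_digest": model_digest, "mac": mac}


def claim_verifies(claim: dict, model_digest: str, key: bytes) -> bool:
    expected = hmac.new(key, model_digest.encode(), hashlib.sha256).hexdigest()
    return (claim.get("model_digest") == model_digest
            and hmac.compare_digest(str(claim.get("mac", "")), expected))


def verify_claims(path: Path, model_digest: str, key: bytes) -> Optional[int]:
    """Try claims newest-to-oldest (last line first). Returns the 1-based line
    number of the first claim that verifies, or None if none does."""
    claims = read_all(path)
    for index in range(len(claims) - 1, -1, -1):
        if claim_verifies(claims[index], model_digest, key):
            return index + 1
    return None


def demo() -> dict:
    """Exercise both formats on constructed data and return the observations."""
    key = b"constructed-demo-key"                       # constructed, not real
    digest_v1 = hashlib.sha256(b"model weights v1").hexdigest()
    digest_v2 = hashlib.sha256(b"model weights v2").hexdigest()
    with tempfile.TemporaryDirectory() as tmp:
        jsonl, legacy = Path(tmp) / "claims.jsonl", Path(tmp) / "model.sig"
        first = write_claim(jsonl, make_claim(digest_v1, key))
        second = write_claim(jsonl, make_claim(digest_v2, key))
        with warnings.catch_warnings(record=True) as caught:
            warnings.simplefilter("always")
            write_claim(legacy, make_claim(digest_v1, key))
            write_claim(legacy, make_claim(digest_v2, key))  # overwrites v1
        return {
            "first_write": first,
            "second_write": second,
            "jsonl_lines": len(read_all(jsonl)),
            "match_v1": verify_claims(jsonl, digest_v1, key),
            "match_v2": verify_claims(jsonl, digest_v2, key),
            "match_wrong_key": verify_claims(jsonl, digest_v2, b"other-key"),
            "legacy_claims": len(read_all(legacy)),
            "legacy_match_v1": verify_claims(legacy, digest_v1, key),
            "deprecation_warnings": sum(
                issubclass(w.category, DeprecationWarning) for w in caught),
        }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two points the example makes concrete. First, the reviewer's concern in the thread: because the JSONL file only grows, verifying just the last line would miss an older claim that still matches the model, so verify_claims walks every line (newest first) and reports which one matched. Second, the content-based fallback has an inherent ambiguity for files with an unknown extension: a single-line JSONL file parses as one JSON object, so the extension remains the reliable signal and the fallback is only a best effort.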