diff --git a/gen/jsonschema/schemas/Bundle.schema.json b/gen/jsonschema/schemas/Bundle.schema.json index 5d2c83a1..7aefbd2e 100644 --- a/gen/jsonschema/schemas/Bundle.schema.json +++ b/gen/jsonschema/schemas/Bundle.schema.json @@ -319,7 +319,7 @@ "inclusionPromise": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionPromise", "additionalProperties": false, - "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles, and SHOULD be verified when present. Also may be used as a signed timestamp." + "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles if another source of signed time is present. MUST be verified if no other source of signed time is present, and SHOULD be verified otherwise." }, "inclusionProof": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionProof", diff --git a/gen/jsonschema/schemas/Input.schema.json b/gen/jsonschema/schemas/Input.schema.json index 3e65bf5d..ef942222 100644 --- a/gen/jsonschema/schemas/Input.schema.json +++ b/gen/jsonschema/schemas/Input.schema.json @@ -512,7 +512,7 @@ "inclusionPromise": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionPromise", "additionalProperties": false, - "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles, and SHOULD be verified when present. Also may be used as a signed timestamp." + "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles if another source of signed time is present. MUST be verified if no other source of signed time is present, and SHOULD be verified otherwise." }, "inclusionProof": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionProof", diff --git a/gen/jsonschema/schemas/TransparencyLogEntry.schema.json b/gen/jsonschema/schemas/TransparencyLogEntry.schema.json index cc3d6a2e..6666300a 100644 --- a/gen/jsonschema/schemas/TransparencyLogEntry.schema.json +++ b/gen/jsonschema/schemas/TransparencyLogEntry.schema.json @@ -25,7 +25,7 @@ "inclusionPromise": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionPromise", "additionalProperties": false, - "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles, and SHOULD be verified when present. Also may be used as a signed timestamp." + "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles if another source of signed time is present. MUST be verified if no other source of signed time is present, and SHOULD be verified otherwise." }, "inclusionProof": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionProof", diff --git a/gen/jsonschema/schemas/VerificationMaterial.schema.json b/gen/jsonschema/schemas/VerificationMaterial.schema.json index 5bb1ac50..91683b51 100644 --- a/gen/jsonschema/schemas/VerificationMaterial.schema.json +++ b/gen/jsonschema/schemas/VerificationMaterial.schema.json @@ -236,7 +236,7 @@ "inclusionPromise": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionPromise", "additionalProperties": false, - "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles, and SHOULD be verified when present. Also may be used as a signed timestamp." + "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles if another source of signed time is present. MUST be verified if no other source of signed time is present, and SHOULD be verified otherwise." }, "inclusionProof": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionProof", diff --git a/gen/pb-go/rekor/v1/sigstore_rekor.pb.go b/gen/pb-go/rekor/v1/sigstore_rekor.pb.go index 0ab50bf7..21be13ec 100644 --- a/gen/pb-go/rekor/v1/sigstore_rekor.pb.go +++ b/gen/pb-go/rekor/v1/sigstore_rekor.pb.go @@ -326,8 +326,10 @@ type TransparencyLogEntry struct { IntegratedTime int64 `protobuf:"varint,4,opt,name=integrated_time,json=integratedTime,proto3" json:"integrated_time,omitempty"` // The inclusion promise/signed entry timestamp from the log. // Required for v0.1 bundles, and MUST be verified. - // Optional for >= v0.2 bundles, and SHOULD be verified when present. - // Also may be used as a signed timestamp. + // Optional for >= v0.2 bundles if another source of signed time + // is present. + // MUST be verified if no other source of signed time is present, + // and SHOULD be verified otherwise. InclusionPromise *InclusionPromise `protobuf:"bytes,5,opt,name=inclusion_promise,json=inclusionPromise,proto3" json:"inclusion_promise,omitempty"` // The inclusion proof can be used for offline or online verification // that the entry was appended to the log, and that the log has not been diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/rekor/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/rekor/v1/__init__.py index d45068f6..9ca42f98 100644 --- a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/rekor/v1/__init__.py +++ b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/rekor/v1/__init__.py @@ -127,8 +127,9 @@ class TransparencyLogEntry(betterproto.Message): inclusion_promise: "InclusionPromise" = betterproto.message_field(5) """ The inclusion promise/signed entry timestamp from the log. Required for - v0.1 bundles, and MUST be verified. Optional for >= v0.2 bundles, and - SHOULD be verified when present. Also may be used as a signed timestamp. + v0.1 bundles, and MUST be verified. Optional for >= v0.2 bundles if another + source of signed time is present. MUST be verified if no other source of + signed time is present, and SHOULD be verified otherwise. """ inclusion_proof: "InclusionProof" = betterproto.message_field(6) diff --git a/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.rekor.v1.rs b/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.rekor.v1.rs index 9fed5246..a1403dcd 100644 --- a/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.rekor.v1.rs +++ b/gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.rekor.v1.rs @@ -131,8 +131,10 @@ pub struct TransparencyLogEntry { pub integrated_time: i64, /// The inclusion promise/signed entry timestamp from the log. /// Required for v0.1 bundles, and MUST be verified. - /// Optional for >= v0.2 bundles, and SHOULD be verified when present. - /// Also may be used as a signed timestamp. + /// Optional for >= v0.2 bundles if another source of signed time + /// is present. + /// MUST be verified if no other source of signed time is present, + /// and SHOULD be verified otherwise. #[prost(message, optional, tag = "5")] pub inclusion_promise: ::core::option::Option, /// The inclusion proof can be used for offline or online verification diff --git a/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin b/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin index 71a7c58b..ee8efc6d 100644 Binary files a/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin and b/gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin differ diff --git a/gen/pb-typescript/src/__generated__/sigstore_rekor.ts b/gen/pb-typescript/src/__generated__/sigstore_rekor.ts index d33b5933..37c2b91d 100644 --- a/gen/pb-typescript/src/__generated__/sigstore_rekor.ts +++ b/gen/pb-typescript/src/__generated__/sigstore_rekor.ts @@ -103,8 +103,10 @@ export interface TransparencyLogEntry { /** * The inclusion promise/signed entry timestamp from the log. * Required for v0.1 bundles, and MUST be verified. - * Optional for >= v0.2 bundles, and SHOULD be verified when present. - * Also may be used as a signed timestamp. + * Optional for >= v0.2 bundles if another source of signed time + * is present. + * MUST be verified if no other source of signed time is present, + * and SHOULD be verified otherwise. */ inclusionPromise: | InclusionPromise