profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/shibumi/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Christian Rebischke shibumi @archlinux Germany https://shibumi.dev Site Reliability Engineer and member of Arch Linux Security Team and Arch Linux Trusted User

in-toto/in-toto-golang 29

A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.

shibumi/cifs-exporter 11

SMB/CIFS Prometheus Exporter

shibumi/batteryd 7

The smallest battery daemon ever!

shibumi/Arch-Linux-Catapult 4

Arch Linux Catapult (ALC) catapults your favourite Arch Linux image on your machine

kgizdov/arch-installer 3

WIP: An installer for Arch Linux

shibumi/bachelor-thesis 2

My bachelor-thesis at TU Clausthal

shibumi/ansible-systemd-conf 1

Ansible role to setup systemd configs, networkd, timers and more

shibumi/aoc2019 1

Advent of Code 2019

shibumi/bachelor-kolloquium 1

The slides for my bachelor defense

shibumi/base16-qterminal 1

base16-qterminal colorschemes

delete branch shibumi/in-toto.io

delete branch : shibumi/fix-joys-name

delete time in 2 days

issue commenteldadru/ksniff

Context was not found for specified context

Hi, I get the same error .. looks like this is still open :(

CezarManea

comment created time in 3 days

PullRequestReviewEvent

pull request commentin-toto/in-toto-golang

refactored github issue templates

@adityasaky done.. I think the channel link should work..

shibumi

comment created time in 5 days

push eventshibumi/in-toto-golang

Christian Rebischke

commit sha f131ee4b86b7803aec88eacf7bad3127b1ff93fa

refactored github issue templates

view details

push time in 5 days

PR opened in-toto/in-toto.io

fix: Joy's firstname

@adityasaky @SantiagoTorres this fixes Joy's firstname. Sorry for not attaching it in the first place.

CC: @joyliu-q

+1 -1

0 comment

1 changed file

pr created time in 5 days

push eventshibumi/in-toto.io

Christian Rebischke

commit sha a27138d49535e1ec303ba25a4cc2d0c3ef6bd9e5

fix: Joy's firstname

view details

push time in 5 days

create barnchshibumi/in-toto.io

branch : shibumi/fix-joys-name

created branch time in 5 days

pull request commentin-toto/in-toto-golang

fix: add nil/len guards for RunCommand

This PR is missing more tests for the InTotoRun function. Right now I am only testing the RunCommand func. We might want to test link creation for an empty CmdArgs parameter as well

shibumi

comment created time in 7 days

pull request commentin-toto/in-toto-golang

Add error returns if command invalid in RunCommand #124

@u5surf do you want to adopt my PR in https://github.com/in-toto/in-toto-golang/pull/126/files? My PR is missing more tests for the InTotoRun() function (testing link generation for empty cmdArgs). Do you want to work further on this or shall I? :)

u5surf

comment created time in 7 days

PullRequestReviewEvent

Pull request review commentin-toto/in-toto-golang

Add error returns if command invalid in RunCommand #124

 command execution. */ func RunCommand(cmdArgs []string, runDir string) (map[string]interface{}, error) { +	if cmdArgs == nil || len(cmdArgs) == 0 {

It is actually not that easy.. this would lead to an error if cmdArgs is empty. The in-toto python implementation allows empty cmdArgs, hence we need a fix in both functions. Like here: https://github.com/in-toto/in-toto-golang/pull/126/files

u5surf

comment created time in 7 days

PR opened in-toto/in-toto-golang

fix: add nil/len guards for RunCommand

Please fill in the fields below to submit a pull request. The more information that is provided, the better.

Fixes issue #: #124

Description of pull request:

Please verify and check that the pull request fulfills the following requirements:

  • [X] Tests have been added for the bug fix or new feature
  • [ ] Docs have been added for the bug fix or new feature
+29 -3

0 comment

2 changed files

pr created time in 7 days

pull request commentin-toto/in-toto-golang

Add error returns if command invalid in RunCommand #124

Hi @u5surf sorry, I just realized we were working on the same PR at the same time :D

u5surf

comment created time in 7 days

create barnchshibumi/in-toto-golang

branch : shibumi/fix-124

created branch time in 7 days

issue commentin-toto/docs

Differences between the in-toto implementations and the specification

By the way. The same applies to the "expected_command" field in the layout file.

shibumi

comment created time in 7 days

issue openedin-toto/docs

Differences between the Golang and the Python implementation

While investigating https://github.com/in-toto/in-toto-golang/issues/124 I think I have found a bug in our specification.

The question is: What happens when the "command" section in the link file is empty? (Vice versa with "expected_command" for the layout file).

In our Golang implementation such case looks like this right now:

{
  "signed": {
    "_type": "link",
    "name": "write-code",
    "materials": {},
    "products": {
      "foo.py": {
        "sha256": "74dc3727c6e89308b39e4dfedf787e37841198b1fa165a27c013544a60502549"
      }
    },
    "byproducts": {},
    "command": [],
    "environment": {}
  },
  "signatures": [ ]
}

Our python implementation has the following link:

 
{
 "signatures": [],
 "signed": {
  "_type": "link",
  "byproducts": {},
  "command": [],
  "environment": {},
  "materials": {},
  "name": "write-code",
  "products": {
   "foo.py": {
    "sha256": "74dc3727c6e89308b39e4dfedf787e37841198b1fa165a27c013544a60502549"
   }
  }
 }
}

These two are pretty much the same (thank god, that's good!).

Out in-toto specification is different to our implementations, though. In our specification we define the field "command" as string not as an array of strings. See: https://github.com/in-toto/docs/blob/master/in-toto-spec.md#44-file-formats-namekeyid-prefixlink

Is it safe to fix this in the specification or do we need to change our implementations? We did not reach in-toto 1.0 yet..

created time in 7 days

push eventshibumi/in-toto-golang

Mikhail Swift

commit sha 31b889b97d898f343cb7c6b3c1ef092dbe5f5506

ITE7 Prototype Implementation This is a prototype implementation of ITE7 as drafted and proposed at: https://github.com/in-toto/ITE/pull/21 * Adds the concept of certificate constraints. This allows layout creators to define the shape of a X509 certificate that is allowed to act as a functionary for each step of a layout. * Adds roots and intermediate CAs to the layout. This allows layout creators to define the chain of trust that a X509 certificate must fall within to act as a functionary. * Adds the leaf certificate to signatures. This will need to be updated to be compatible with DSSE if ITE5 is accepted into the specficiation.

view details

Mikhail Swift

commit sha 51a13ebe94e1bb1536a3ca017c05a7ca4968e6af

Adds documentation for IntotoRecordStart and InTotoRecordStop

view details

Mikhail Swift

commit sha 14bf1e27773073911f63abbbba9556589159c97a

Add alice's private key

view details

Mikhail Swift

commit sha 31d8c0a7300ef1dc112170f0ac56507e4d2d86f9

Add tests for new functions in ITE7

view details

Mikhail Swift

commit sha 1d85a01113460f0f2e76109935174db2af1a2afb

Add tests covering validation of signed links with certificates

view details

Christian Rebischke

commit sha d055e07529722aff6b7126bf361e9e333a879102

Add support for Go 1.17 and deprecate Go 1.15

view details

Christian Rebischke

commit sha f1dfffc0013b7e84db100ddaa1d22dd7e277a40b

migrate to go:build, deprecate +build

view details

Aditya Sirish

commit sha c5f26a70ffad45d405f08bc480ba3a1cd8db87e6

Merge pull request #120 from shibumi/shibumi/add-go-1.17-support Add support for Go 1.17 and deprecate Go 1.15

view details

Christian Rebischke

commit sha 1a8378e1f7f6b24efab9a1d8f717f4f66fed89b2

simplify code via gofmt -w -s

view details

Aditya Sirish

commit sha 48fefbd4d6d594b659f82d9e8d70c6bf59872d5a

Merge pull request #121 from shibumi/shibumi/simplify-code simplify code via gofmt -w -s

view details

Mikhail Swift

commit sha ea0f11feec8d4d0875a3ce595972af269e48c6a2

ITE7: Make new fields optional This commit will make the new fields added by ITE7 optional. This allows the golang version to load and verify layouts and links created by versions of in-toto that adhere to the 0.9 specification.

view details

Mikhail Swift

commit sha 234eeb66fd932dc8016128f06ede4b168ef0853b

fix typos in go doc comments

view details

Aditya Sirish

commit sha 02b98c8d4e2220c5fa5b992f39cd167986cede78

Merge pull request #119 from boxboat/ite7/cert-constraints

view details

push time in 7 days

delete branch shibumi/in-toto.io

delete branch : shibumi/add-more-news-artifacts

delete time in 7 days

pull request commentin-toto/in-toto-golang

dsse: transfer the dsse part into a new repo

Thanks for picking this up, @shibumi! Let me cut v0.1.0 of go-sslib though.

Here we go: https://github.com/secure-systems-lab/go-securesystemslib/releases/tag/v0.1.0

cutting a new release for it is a good idea. Makes it easier to pinpoint it. Good idea!

We should also start adding Maintainers.md files etc in the go-securesystemslib repository.

shibumi

comment created time in 8 days

Pull request review commentin-toto/in-toto-golang

refactored github issue templates

+---+name: Mentorship request+about: Interested in getting involved, but want some guidance? Submit a mentorship+request!+title: Mentorship request for <your-name>+labels: mentorship+assignees: ''++---++<!--+If you're new to the project, welcome!++In addition to filling out this mentorship request, consider joining the+in-toto slack community and introducing yourself!

Yes, we can include a link there. Let me have a look on it tomorrow. It's late already in germany (2:38AM) :)

shibumi

comment created time in 8 days

PullRequestReviewEvent

Pull request review commentin-toto/in-toto-golang

refactored github issue templates

+---+name: Mentorship request+about: Interested in getting involved, but want some guidance? Submit a mentorship+request!+title: Mentorship request for <your-name>+labels: mentorship+assignees: ''++---++<!--+If you're new to the project, welcome!++In addition to filling out this mentorship request, consider joining the+in-toto slack community and introducing yourself!

It is possible to set these templates for the whole organization. The sigstore community is doing this. But if we do somebody else have to set it up.

shibumi

comment created time in 8 days

PullRequestReviewEvent

issue openedin-toto/in-toto-golang

Potential bug in InTotoRun

Description of issue or feature request:

In https://github.com/in-toto/in-toto-golang/blob/02b98c8d4e2220c5fa5b992f39cd167986cede78/in_toto/runlib.go#L293 we are not handling an empty cmdArgs either as nil or empty string slice. We should check if our code still works with both and that we are not running into a panic.

Furthermore, we should add tests to cover these edge cases.

created time in 8 days

pull request commentin-toto/in-toto-golang

refactored github issue templates

With this new approach we can also set labels and assignes. @adityasaky @SantiagoTorres do we want any other issue templates? Questions? Organization? etc?

Full documentation for this can be found here: https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-issue-forms

shibumi

comment created time in 8 days

PR opened in-toto/in-toto-golang

refactored github issue templates

Please fill in the fields below to submit a pull request. The more information that is provided, the better.

Fixes issue #: None

Description of pull request:

This PR changes the issue templating. I tried to orientate myself on sigstore's issue style:

https://kurisu.shibumi.dev/share/img-2021-09-11-01-08-37.png

Please verify and check that the pull request fulfills the following requirements:

  • [X] Tests have been added for the bug fix or new feature
  • [X] Docs have been added for the bug fix or new feature
+69 -18

0 comment

5 changed files

pr created time in 8 days

create barnchshibumi/in-toto-golang

branch : shibumi/new-github-templates

created branch time in 8 days

PR opened in-toto/in-toto-golang

dsse: transfer the dsse part into a new repo

Please fill in the fields below to submit a pull request. The more information that is provided, the better.

Fixes issue #:

Description of pull request:

Please verify and check that the pull request fulfills the following requirements:

  • [X] Tests have been added for the bug fix or new feature
  • [X] Docs have been added for the bug fix or new feature
+12 -772

0 comment

8 changed files

pr created time in 8 days

create barnchshibumi/in-toto-golang

branch : shibumi/migrate-dsse-to-a-new-repo

created branch time in 8 days