Skip to content

feat: Attested Signatures + UCAN Principal Clarification#7

Open
Peeja wants to merge 6 commits into
mainfrom
petra/feat/attested-signatures
Open

feat: Attested Signatures + UCAN Principal Clarification#7
Peeja wants to merge 6 commits into
mainfrom
petra/feat/attested-signatures

Conversation

@Peeja

@Peeja Peeja commented Jun 7, 2026
edited
Loading

Copy link
Copy Markdown

@Peeja Peeja force-pushed the petra/feat/attested-signatures branch from 1a8e384 to 12d7455 Compare June 17, 2026 21:38
@Peeja @claude
ci: add cross-repo workspace test caller; add make test target
6fb6006 
Call libforge's reusable go-workspace-test workflow so PRs that share a branch
name with sibling repos are tested against those siblings' branches.

Add a `test` target (`go test ./...`) so the workspace job has a single,
repo-owned test command to run. Unit tests only — the Docker-backed e2e suite
stays gated behind the `e2e` tag in its own workflow.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@Peeja Peeja force-pushed the petra/feat/attested-signatures branch from 03f95a9 to a98e670 Compare June 19, 2026 16:10
Peeja added 3 commits June 19, 2026 12:16
@Peeja
feat: Support attested signatures
9dc841e
@Peeja
refactor: Break apart ucantone/verification
7fc5e89 
* `multikey` and `absentee` go up a level to the root.
* `verification.NewIssuer()` is gone; we can use `multikey.NewIssuer()`
  in every case we have.
* The verifier factory types move `validator`. They're not inherent to
  *validation*, they're just used to configure the validator.
@Peeja
chore: Update dependencies
17d4d3d
@Peeja Peeja force-pushed the petra/feat/attested-signatures branch from a98e670 to 17d4d3d Compare June 19, 2026 16:16
Copilot AI changed the title feat: Attested Signatures + UCAN Principal Clarification ci: pin piri image to fix e2e failures caused by ucan.Issuer DI regression Jun 19, 2026
Copilot finished work on behalf of Peeja June 19, 2026 18:06
@Peeja Peeja changed the title ci: pin piri image to fix e2e failures caused by ucan.Issuer DI regression feat: Attested Signatures + UCAN Principal Clarification Jun 19, 2026
@Peeja

Peeja commented Jun 19, 2026
edited
Loading

Copy link
Copy Markdown
Author

Copilot added some changes to fix a build issue. @frrist, can you take a look at those two commits and see if they make any sense? It looks like the wrong way to solve this to me, but I don't have enough context in my head to understand where the right change should be.

Copilot's change description follows:

The e2e CI job (TestStackFromSnapshot and TestUploadAndRetrieve) was failing because ghcr.io/fil-forge/piri:main was rebuilt with the new ucantone library (which refactored verification.NewIssuer() out), but piri's uber-go/fx dependency injection wiring wasn't updated. Piri crashes at startup with:

FATAL cmd building piri: ... missing type: ucan.Issuer (did you mean to Provide it?)

Fix

Pinned PIRI_IMAGE in .env to the specific digest (sha256:31509ada...) that was used when the committed 3-piri-filesystem-sqlite snapshot was saved — a known-good version of piri that works with the current stack.

The pin comment describes what needs to be fixed upstream: piri's DI wiring needs to be updated to use multikey.NewIssuer() instead of the removed verification.NewIssuer() provider for ucan.Issuer. Remove the pin and regenerate the snapshot once that is resolved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alanshaw alanshaw alanshaw approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Peeja @alanshaw