remove redundant per-publisher trust anchor (catalogue is the source of truth)
The release-signed catalogue pins each bundle's sha256, and pilotctl verifies
that pin at install — so a non-sideloaded app is, by construction, vouched for
by the catalogue signature (the root of trust). The separate per-publisher
TrustedPublishers allow-list (added in #7, enforced in #23) is redundant with
that, and unworkable in practice: apps are self-signed with per-app keys, the
publishers registry isn't populated, and the metadata publisher_pubkeys are
placeholders/mismatched — so enforcement skipped EVERY catalogue app unless an
env var was set on each host.
Removed:
- manifest.TrustedPublishers + Manifest.VerifyTrustAnchor (+ their unit tests)
- the supervisor's VerifyTrustAnchor enforcement on the catalogue path (VerifySignature still confirms manifest integrity)
The catalogue path now: install-time sha pin (signed catalogue) + VerifySignature.
Sideloaded apps remain clamped to the safe grant subset.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
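The catalogue path the commit message describes (a release-signed catalogue whose per-bundle sha256 pins are checked at install, with anything not in the catalogue treated as sideloaded and clamped to a safe grant subset), as an added Go example. This is not pilotctl's or the project's own code: the catalogue JSON shape, the ed25519 release key, the app name `demo-app`, the bundle bytes and the grant names `net.client`, `fs.appdata` and `fs.root` are all constructed assumptions for the demo.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Catalogue is a hypothetical release-signed catalogue: app name -> sha256 hex pin.
type Catalogue struct {
	Pins map[string]string `json:"pins"`
}

// SignedCatalogue carries the serialised catalogue and the release signature over it.
type SignedCatalogue struct {
	Body []byte
	Sig  []byte
}

var (
	ErrBadCatalogueSig = errors.New("catalogue signature does not verify against release key")
	ErrNotInCatalogue  = errors.New("bundle not pinned in catalogue (treated as sideloaded)")
	ErrPinMismatch     = errors.New("bundle sha256 does not match catalogue pin")
)

// VerifyCatalogue is the root of trust: only a catalogue whose body verifies
// against the release public key is parsed and used for pins.
func VerifyCatalogue(releasePub ed25519.PublicKey, sc SignedCatalogue) (*Catalogue, error) {
	if !ed25519.Verify(releasePub, sc.Body, sc.Sig) {
		return nil, ErrBadCatalogueSig
	}
	var c Catalogue
	if err := json.Unmarshal(sc.Body, &c); err != nil {
		return nil, err
	}
	return &c, nil
}

// CheckBundle is the install-time pin check: the bundle bytes must hash to the
// pin recorded in the (already verified) catalogue. A missing pin means the
// app is sideloaded, not that it is trusted.
func CheckBundle(c *Catalogue, app string, bundle []byte) error {
	pin, ok := c.Pins[app]
	if !ok {
		return ErrNotInCatalogue
	}
	sum := sha256.Sum256(bundle)
	if hex.EncodeToString(sum[:]) != pin {
		return ErrPinMismatch
	}
	return nil
}

// safeGrants is the assumed "safe subset" a sideloaded app may receive.
var safeGrants = map[string]bool{"net.client": true, "fs.appdata": true}

// EffectiveGrants returns the requested grants unchanged for catalogue apps and
// clamps sideloaded apps to the safe subset.
func EffectiveGrants(requested []string, sideloaded bool) []string {
	if !sideloaded {
		return requested
	}
	var out []string
	for _, g := range requested {
		if safeGrants[g] {
			out = append(out, g)
		}
	}
	return out
}

// BuildFixture constructs a release key, one pinned bundle and a signed catalogue (demo data only).
func BuildFixture() (ed25519.PublicKey, SignedCatalogue, []byte, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, SignedCatalogue{}, nil, err
	}
	bundle := []byte("constructed bundle bytes for demo-app v1")
	sum := sha256.Sum256(bundle)
	body, err := json.Marshal(Catalogue{Pins: map[string]string{"demo-app": hex.EncodeToString(sum[:])}})
	if err != nil {
		return nil, SignedCatalogue{}, nil, err
	}
	return pub, SignedCatalogue{Body: body, Sig: ed25519.Sign(priv, body)}, bundle, nil
}

func main() {
	pub, sc, bundle, err := BuildFixture()
	if err != nil {
		panic(err)
	}
	cat, err := VerifyCatalogue(pub, sc)
	if err != nil {
		panic(err)
	}
	fmt.Println("demo-app pin check:", CheckBundle(cat, "demo-app", bundle))
	fmt.Println("unknown app:", CheckBundle(cat, "other-app", bundle))
	fmt.Println("sideloaded grants:", EffectiveGrants([]string{"net.client", "fs.root"}, true))
}
```

The order matters: the catalogue signature is checked before any pin is read, so a tampered catalogue never yields a pin to compare against, and a bundle with no pin is routed to the sideloaded policy rather than accepted.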