Verify the version tag in SLSA too

2025-08-14 00:58:40 +02:00 · 2022-04-17 10:29:48 -07:00
parent f22bb5b4d9
commit cf55805578
2 changed files with 7 additions and 10 deletions
--- a/client/lib/lib.go
+++ b/client/lib/lib.go
@ -446,7 +446,7 @@ func Update() error {
 	}

 	// Verify the SLSA attestation
-	err = verifyBinary("/tmp/hishtory-client", "/tmp/hishtory-client.intoto.jsonl")
+	err = verifyBinary("/tmp/hishtory-client", "/tmp/hishtory-client.intoto.jsonl", downloadData.Version)
 	if err != nil {
 		return fmt.Errorf("failed to verify SLSA provenance of the updated binary, aborting update: %v", err)
 	}