From de1a6f3da86230bf777c26a4fc1290ca2d735472 Mon Sep 17 00:00:00 2001 From: David Dworken Date: Fri, 16 Sep 2022 23:02:52 -0700 Subject: [PATCH] Add info on bypassing SLSA to the error message --- client/lib/lib.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/lib/lib.go b/client/lib/lib.go index c592e79..58c0013 100644 --- a/client/lib/lib.go +++ b/client/lib/lib.go @@ -654,7 +654,7 @@ func Update() error { err = verifyBinary("/tmp/hishtory-client", "/tmp/hishtory-client.intoto.jsonl", downloadData.Version) } if err != nil { - return fmt.Errorf("failed to verify SLSA provenance of the updated binary, aborting update: %v", err) + return fmt.Errorf("failed to verify SLSA provenance of the updated binary, aborting update (to bypass, set `export HISHTORY_DISABLE_SLSA_ATTESTATION=true`): %v", err) } // Unlink the existing binary so we can overwrite it even though it is still running