sigstore
diff --git a/‎gen/jsonschema/schemas/Artifact.schema.json
Lines changed: 1 addition & 1 deletion b/‎gen/jsonschema/schemas/Artifact.schema.json
Lines changed: 1 addition & 1 deletion
diff --git a/‎gen/jsonschema/schemas/Input.schema.json
Lines changed: 1 addition & 1 deletion b/‎gen/jsonschema/schemas/Input.schema.json
Lines changed: 1 addition & 1 deletion
diff --git a/‎gen/pb-go/verification/v1/sigstore_verification.pb.go
Lines changed: 4 additions & 1 deletion b/‎gen/pb-go/verification/v1/sigstore_verification.pb.go
Lines changed: 4 additions & 1 deletion
diff --git a/‎gen/pb-python/sigstore_protobuf_specs/dev/sigstore/verification/v1/__init__.py
Lines changed: 6 additions & 1 deletion b/‎gen/pb-python/sigstore_protobuf_specs/dev/sigstore/verification/v1/__init__.py
Lines changed: 6 additions & 1 deletion
diff --git a/‎gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.verification.v1.rs
Lines changed: 4 additions & 1 deletion b/‎gen/pb-rust/sigstore-protobuf-specs/src/generated/dev.sigstore.verification.v1.rs
Lines changed: 4 additions & 1 deletion
diff --git a/‎gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin
205 Bytes b/‎gen/pb-rust/sigstore-protobuf-specs/src/generated/file_descriptor_set.bin
205 Bytes
diff --git a/‎protos/sigstore_verification.proto
Lines changed: 4 additions & 1 deletion b/‎protos/sigstore_verification.proto
Lines changed: 4 additions & 1 deletion
@@ -17,7 +17,7 @@
                 "artifactDigest": {
                     "$ref": "#/definitions/dev.sigstore.common.v1.HashOutput",
                     "additionalProperties": false,
-                    "description": "Digest of the artifact"
+                    "description": "Digest of the artifact. SHOULD NOT be used when verifying an in-toto attestation as the subject digest cannot be reconstructed. This option will not work with Ed25519 signatures, use Ed25519Ph or another algorithm instead."
                 }
             },
             "additionalProperties": false,
 
@@ -657,7 +657,7 @@
                 "artifactDigest": {
                     "$ref": "#/definitions/dev.sigstore.common.v1.HashOutput",
                     "additionalProperties": false,
-                    "description": "Digest of the artifact"
+                    "description": "Digest of the artifact. SHOULD NOT be used when verifying an in-toto attestation as the subject digest cannot be reconstructed. This option will not work with Ed25519 signatures, use Ed25519Ph or another algorithm instead."
                 }
             },
             "additionalProperties": false,
 
@@ -265,7 +265,10 @@ pub mod artifact {
         /// The raw bytes of the artifact
         #[prost(bytes, tag = "2")]
         Artifact(::prost::alloc::vec::Vec<u8>),
-        /// Digest of the artifact
+        /// Digest of the artifact. SHOULD NOT be used when verifying an
+        /// in-toto attestation as the subject digest cannot be
+        /// reconstructed. This option will not work with Ed25519
+        /// signatures, use Ed25519Ph or another algorithm instead.
         #[prost(message, tag = "3")]
         ArtifactDigest(super::super::super::common::v1::HashOutput),
     }
 
@@ -136,7 +136,10 @@ message Artifact {
                 string artifact_uri = 1;
                 // The raw bytes of the artifact
                 bytes artifact = 2;
-                // Digest of the artifact
+                // Digest of the artifact. SHOULD NOT be used when verifying an
+                // in-toto attestation as the subject digest cannot be
+                // reconstructed. This option will not work with Ed25519
+                // signatures, use Ed25519Ph or another algorithm instead.
                 dev.sigstore.common.v1.HashOutput artifact_digest = 3;
         }
 }
Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@`
`17`	`17`	`"artifactDigest": {`
`18`	`18`	`"$ref": "#/definitions/dev.sigstore.common.v1.HashOutput",`
`19`	`19`	`"additionalProperties": false,`
`20`		`- "description": "Digest of the artifact"`
	`20`	`+ "description": "Digest of the artifact. SHOULD NOT be used when verifying an in-toto attestation as the subject digest cannot be reconstructed. This option will not work with Ed25519 signatures, use Ed25519Ph or another algorithm instead."`
`21`	`21`	`}`
`22`	`22`	`},`
`23`	`23`	`"additionalProperties": false,`
Original file line number	Diff line number	Diff line change
`@@ -657,7 +657,7 @@`
`657`	`657`	`"artifactDigest": {`
`658`	`658`	`"$ref": "#/definitions/dev.sigstore.common.v1.HashOutput",`
`659`	`659`	`"additionalProperties": false,`
`660`		`- "description": "Digest of the artifact"`
	`660`	`+ "description": "Digest of the artifact. SHOULD NOT be used when verifying an in-toto attestation as the subject digest cannot be reconstructed. This option will not work with Ed25519 signatures, use Ed25519Ph or another algorithm instead."`
`661`	`661`	`}`
`662`	`662`	`},`
`663`	`663`	`"additionalProperties": false,`
Original file line number	Diff line number	Diff line change
`@@ -136,7 +136,10 @@ message Artifact {`
`136`	`136`	`string artifact_uri = 1;`
`137`	`137`	`// The raw bytes of the artifact`
`138`	`138`	`bytes artifact = 2;`
`139`		`- // Digest of the artifact`
	`139`	`+ // Digest of the artifact. SHOULD NOT be used when verifying an`
	`140`	`+ // in-toto attestation as the subject digest cannot be`
	`141`	`+ // reconstructed. This option will not work with Ed25519`
	`142`	`+ // signatures, use Ed25519Ph or another algorithm instead.`
`140`	`143`	`dev.sigstore.common.v1.HashOutput artifact_digest = 3;`
`141`	`144`	`}`
`142`	`145`	`}`