From b510ac3cac1aa88c447192b7a79871396f20a038 Mon Sep 17 00:00:00 2001 From: SequeI Date: Mon, 27 Apr 2026 16:35:51 +0100 Subject: [PATCH] fix: pass in --instance correctly Signed-off-by: SequeI --- CHANGELOG.md | 8 +++++++- src/model_signing/__init__.py | 2 +- src/model_signing/_cli.py | 2 ++ 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ad6bd583..e59665b6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +## [1.0.1] - 2026-04-16 + +### Fixed +- Fixed `--instance` flag not being passed to Sigstore signer/verifier, causing signing to use public Sigstore OIDC instead of the private instance's OIDC. + ## [1.0.0] - 2026-03-13 ### Added @@ -118,7 +123,8 @@ Red Hat Tech Preview release, based on upstream [sigstore/model-transparency](ht - [Demo notebook](https://colab.sandbox.google.com/drive/18IB_uipduXYq0ohMxJv2xHfeihLIcGMT) to showcase API and CLI examples. -[Unreleased]: https://github.com/securesign/model-transparency/compare/v1.0.0...HEAD +[Unreleased]: https://github.com/securesign/model-transparency/compare/v1.0.1...HEAD +[1.0.1]: https://github.com/securesign/model-transparency/compare/v1.0.0...v1.0.1 [1.0.0]: https://github.com/securesign/model-transparency/compare/v0.1.0...v1.0.0 [0.1.0]: https://github.com/securesign/model-transparency/compare/v0.0.3...v0.1.0 [0.0.3]: https://github.com/securesign/model-transparency/releases/tag/v0.0.3 diff --git a/src/model_signing/__init__.py b/src/model_signing/__init__.py index 15874dd2..057ac151 100644 --- a/src/model_signing/__init__.py +++ b/src/model_signing/__init__.py @@ -125,7 +125,7 @@ from model_signing import verifying -__version__ = "1.0.0" +__version__ = "1.0.1" __all__ = ["hashing", "signing", "verifying", "manifest"] diff --git a/src/model_signing/_cli.py b/src/model_signing/_cli.py index 526604a1..a06b0c14 100644 --- a/src/model_signing/_cli.py +++ b/src/model_signing/_cli.py @@ -574,6 +574,7 @@ def _sign_sigstore( client_id=client_id, client_secret=client_secret, trust_config=trust_config, + instance=instance, ) if is_file: @@ -948,6 +949,7 @@ def _verify_sigstore( oidc_issuer=identity_provider, use_staging=use_staging, trust_config=trust_config, + instance=instance, ) if is_file: