sigstore-npm-signer/dist/lib/publish.d.ts

Sign and verify npm packages using Sigstore

/**
 * Publishing module for sigstore-npm-signer
 *
 * Handles intercepting the npm publish process to sign the package
 * tarball with Sigstore.
 */
/**
 * Options for signing a package
 */
export interface SignOptions {
    /** Path to the package tarball */
    tarballPath: string;
    /** Optional custom Fulcio URL */
    fulcioUrl?: string;
    /** Optional custom Rekor URL */
    rekorUrl?: string;
}
/**
 * Signs a package tarball using Sigstore
 */
export declare function signPackage(options: SignOptions): Promise<string>;
/**
 * Attaches a signature to the package metadata
 */
export declare function attachSignature(packageJson: any, signature: string): Promise<void>;