feat(xmldsig): cover donor signing templates#88
Conversation
- Add supported xmlsec1 donor signing templates as fixtures - Sign RSA and ECDSA donor templates through SignContext and verify results - Repair unreleased changelog entries lost after dependency branch merge history Closes #87
Keep only the release entries that release-plz lost after the dependency branch merge. The current feature entry is generated from its conventional commit.
Exclude docs(release) commits from generated release notes so changelog maintenance does not appear as user-facing documentation changes.
Exclude fix(release) commits from generated release notes together with docs(release) maintenance commits.
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Plus Run ID: 📒 Files selected for processing (2)
📝 WalkthroughSummary by CodeRabbit
WalkthroughAdded five XMLDSig donor templates, updated fixture completeness expectations, and added RSA/ECDSA signing verification tests. The unreleased changelog and release commit parser configuration were also updated. ChangesXMLDSig donor signing coverage
Estimated code review effort: 2 (Simple) | ~15 minutes Sequence Diagram(s)sequenceDiagram
participant SignContext
participant DonorTemplates
participant verify_signature_with_pem_key
SignContext->>DonorTemplates: Load donor signing template
SignContext->>SignContext: Sign template
SignContext->>verify_signature_with_pem_key: Verify signed XML with PEM public key
verify_signature_with_pem_key-->>SignContext: Return DsigStatus::Valid
Possibly related PRs
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
| Filename | Overview |
|---|---|
| .release-plz.toml | Updates release commit matching and changelog skip rules for release-maintenance commits. |
| tests/fixtures/xmldsig/aleksey-xmldsig-01/enveloping-sha384-ecdsa-sha384.tmpl | Adds the ECDSA P-384 donor signing template with a matching P-384 KeyName. |
| tests/signing_digest.rs | Adds donor template signing tests for RSA and ECDSA fixtures. |
Reviews (2): Last reviewed commit: "fix(release): narrow release-trigger sco..." | Re-trigger Greptile
- Align the P-384 donor template KeyName with the signing key fixture - Prevent release-maintenance scopes from triggering release-plz while keeping user-facing scopes release-significant
Summary
Testing
Closes #87