
fix(aqua): support GitHub attestation predicate fields #10169

Open

risu729 wants to merge 1 commit into jdx:main from risu729:codex-20260531-180052-9d8b9c

Conversation

risu729 (Contributor) commented May 31, 2026

Summary

  • model aqua github_artifact_attestations.predicate_type
  • pass predicate filters into GitHub attestation detection and verification for aqua packages
  • bypass the digest-only versions-host attestation cache when a predicate filter is configured

Field References

Packages Using This Field

Current aqua-registry entries using github_artifact_attestations.predicate_type:

SPDX SBOM vs SLSA Provenance

SPDX is a standard Software Bill of Materials format. An SPDX SBOM answers "what is in this artifact?" It lists package/component metadata such as dependencies, versions, relationships, licenses, and related identifiers. The predicate value https://spdx.dev/Document/v2.3 identifies an in-toto/GitHub attestation whose predicate payload is an SPDX 2.3 document.

SLSA provenance answers "where and how did this artifact come from?" It describes the source, builder, workflow, build inputs, and build parameters for an artifact. The common GitHub provenance predicate is https://slsa.dev/provenance/v1.

Short version: SPDX SBOM is inventory; SLSA provenance is build origin.

Why Foundry and Gleam Use SPDX Here

Both package entries point at release workflows that generate SBOMs and create GitHub artifact attestations with an SBOM payload. That means the attestation the registry is asking aqua/mise to verify is specifically an SPDX SBOM attestation, not the default SLSA provenance attestation.

This does not mean SLSA is unimportant or unavailable. It means this particular aqua registry field is being used to select the SBOM attestation for the release archive. Foundry also has a separate generic/provenance-style attestation step, but the aqua registry entry explicitly configures the SPDX predicate for the archive SBOM attestation.

Why aqua Supports This

GitHub artifact attestations are not limited to SLSA provenance. GitHub's API and gh attestation verify both accept a predicate type filter so callers can select provenance, SBOM, release, or custom predicate attestations. aqua exposes predicate_type so registry entries can preserve that upstream verification policy instead of hard-coding one attestation kind.

Why mise Needs This

mise consumes aqua-registry metadata. If mise ignores predicate_type, it cannot faithfully implement the registry's requested verification policy for packages like Foundry and Gleam.

Before this PR, predicate_type was not parsed or sent to GitHub. For these packages, mise treated GitHub artifact attestation verification as "find any valid attestation for this artifact and signer workflow." That could pass by verifying a different predicate type when multiple attestations exist, or pass an SPDX attestation only accidentally because the unfiltered API result happened to include it. It did not enforce "verify the SPDX SBOM attestation" as requested by aqua-registry.

This PR changes that behavior by sending predicate_type to GitHub during detection and verification. Because mise's versions-host attestation cache is keyed by digest only, predicate-filtered requests bypass that cache and query GitHub directly.

Tests

  • mise run format (includes cargo check --all-features)
  • cargo test -p aqua-registry test_github_artifact_attestations_predicate_type -- --nocapture
  • cargo test -p mise-sigstore attestations_url_includes_predicate_type -- --nocapture
  • git diff --check

Summary by CodeRabbit

  • New Features
    • Extended GitHub artifact attestation handling to support optional predicate type filtering from registry metadata, enabling more granular control during both provenance detection and cryptographic verification.
  • Tests
    • Added unit tests to validate predicate type deserialization, URL construction, and attestation filtering behavior.
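The description above contrasts the pre-PR "find any valid attestation" behaviour with predicate-filtered lookup and verification. The following is an added example (not mise's or aqua's code) that models the two pieces that change: building the attestation query with an optional `predicate_type` parameter, and selecting only statements of the requested predicate type. The endpoint path shape, the `Statement` struct and the sample digest are assumptions made for illustration.

```rust
// Added example, not mise's own code: models the predicate_type filter the PR threads
// from aqua registry metadata into GitHub attestation lookup and selection.
// Endpoint path shape and the Statement struct are assumptions made for illustration.
use std::fmt::Write;

pub const SPDX_PREDICATE: &str = "https://spdx.dev/Document/v2.3";
pub const SLSA_PREDICATE: &str = "https://slsa.dev/provenance/v1";

/// Percent-encodes a query value, keeping only RFC 3986 unreserved characters.
fn encode_query_value(value: &str) -> String {
    let mut out = String::new();
    for b in value.bytes() {
        match b {
            b'A'..=b'Z' | b'a'..=b'z' | b'0'..=b'9' | b'-' | b'.' | b'_' | b'~' => out.push(b as char),
            _ => write!(out, "%{b:02X}").unwrap(),
        }
    }
    out
}

/// Builds the attestation lookup URL for one subject digest, adding `predicate_type`
/// only when the registry configured one (assumed endpoint shape).
pub fn attestations_url(api_url: &str, owner: &str, repo: &str, digest: &str,
                        per_page: u32, predicate_type: Option<&str>) -> String {
    let mut url = format!("{api_url}/repos/{owner}/{repo}/attestations/{digest}?per_page={per_page}");
    if let Some(pt) = predicate_type {
        let _ = write!(url, "&predicate_type={}", encode_query_value(pt));
    }
    url
}

/// In-toto statement fields relevant to selection (constructed, not parsed from a bundle).
#[derive(Debug, Clone, PartialEq)]
pub struct Statement { pub predicate_type: String, pub signer_workflow: String }

/// Keeps statements signed by the expected workflow and, when a filter is set, of that
/// predicate type. `None` reproduces the pre-PR "any valid attestation" behaviour.
pub fn select_attestations<'a>(stmts: &'a [Statement], signer_workflow: &str,
                               predicate_type: Option<&str>) -> Vec<&'a Statement> {
    stmts.iter()
        .filter(|s| s.signer_workflow == signer_workflow)
        .filter(|s| predicate_type.map_or(true, |pt| s.predicate_type == pt))
        .collect()
}

fn main() {
    let digest = "sha256:0123abcd"; // constructed sample digest, not a real artifact
    println!("{}", attestations_url("https://api.github.com", "foundry-rs", "foundry", digest, 30, None));
    println!("{}", attestations_url("https://api.github.com", "foundry-rs", "foundry", digest, 30, Some(SPDX_PREDICATE)));
}
```

With a release workflow that publishes both a SLSA provenance and an SPDX SBOM attestation for the same archive, the unfiltered selection returns both, while the SPDX filter narrows it to the one the registry entry asked for.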

@gemini-code-assist gemini-code-assist Bot left a comment


Code Review

This pull request introduces support for predicate_type in GitHub artifact attestations, allowing more granular filtering during verification. It also deprecates the signer-workflow field in favor of signer_workflow with a fallback getter, and updates the sigstore integration to use AttestationClient directly. A review comment suggests simplifying the merge logic for the deprecated and new signer_workflow fields in crates/aqua-registry/src/types.rs using Option::or.

greptile-apps Bot commented May 31, 2026

Greptile Summary

This PR adds support for the predicate_type field of the aqua github_artifact_attestations config, enabling mise to faithfully enforce the SPDX/SLSA predicate filter requested by registry entries such as foundry-rs/foundry and gleam-lang/gleam.

  • Adds predicate_type: Option<String> to AquaGithubArtifactAttestations (with merge logic and a round-trip test), and threads the value through both the lock-time attestation detection path (detect_attestations_with_predicate_type) and the install-time verification path (verify_attestation_with_predicate_type).
  • Bypasses the digest-keyed versions-host attestation cache when a predicate filter is configured, directing those requests straight to the GitHub API so the filter is actually applied.
  • Refactors fetch_attestations in mise-sigstore to extract a private attestations_url helper, making query-parameter construction unit-testable without HTTP mocking.

Confidence Score: 5/5

This PR is safe to merge — changes are well-scoped, each new code path has a corresponding test, and the existing behaviour when predicate_type is absent is preserved by explicit delegation to the original functions.

All four changed files make consistent, additive changes. Detection and verification both fall through to the existing unfiltered logic when no predicate type is configured. The versions-host bypass is correctly scoped to the predicate-present branch. Unit tests cover both the URL construction and the YAML deserialization round-trip. No logic errors or missing guards were found.

No files require special attention.

Important Files Changed

  • crates/aqua-registry/src/types.rs: Adds predicate_type: Option<String> to AquaGithubArtifactAttestations, includes merge logic, and adds a well-formed round-trip unit test. Change is minimal and consistent with the existing field layout.
  • crates/mise-sigstore/src/lib.rs: Extracts URL-building logic into a private attestations_url helper, enabling unit testing the predicate-type query parameter without mocking HTTP. The refactor is pure behaviour-preserving extraction; the new unit test directly validates query string construction.
  • src/github/sigstore.rs: Adds attestation_client helper and two new *_with_predicate_type functions that bypass the versions-host cache (keyed by digest only) when a predicate filter is present. Delegation to the original functions when predicate_type is None preserves existing behaviour exactly.
  • src/backend/aqua.rs: Routes both detection and verification through the new *_with_predicate_type wrappers, threading att.predicate_type through from the aqua package metadata. The call site for detect_github_attestations already guarantees the digest has a sha256: prefix, consistent with the new function's handling.

Reviews (5): Last reviewed commit: "fix(aqua): support GitHub attestation pr..."

@risu729 risu729 force-pushed the codex-20260531-180052-9d8b9c branch 3 times, most recently from 8f95747 to 4125e10 Compare May 31, 2026 15:37
coderabbitai Bot commented May 31, 2026

Review Change Stack

No actionable comments were generated in the recent review. 🎉


📥 Commits

Reviewing files that changed from the base of the PR and between 9ac8648 and 00c6b09.

📒 Files selected for processing (4)
  • crates/aqua-registry/src/types.rs
  • crates/mise-sigstore/src/lib.rs
  • src/backend/aqua.rs
  • src/github/sigstore.rs

Walkthrough

This PR adds optional predicate_type filtering to GitHub artifact attestation detection and verification. Registry metadata is extended with a predicate_type field, sigstore client URL construction is refactored to apply predicate parameters, two new public API functions enable predicate-constrained attestation operations, and backend integration propagates registry-provided predicate types through the verification pipeline.

Changes

Predicate Type Support for GitHub Artifact Attestations

  • Registry metadata model with predicate_type field (crates/aqua-registry/src/types.rs): AquaGithubArtifactAttestations adds optional predicate_type field; merge logic propagates it when overridden; test verifies YAML deserialization of predicate_type, enabled, and signer_workflow.
  • Sigstore client URL construction refactor (crates/mise-sigstore/src/lib.rs): AttestationClient::attestations_url helper factors URL construction, applies per_page and optional predicate_type query parameters, and converts parse failures to AttestationError::Api; fetch_attestations refactored to use helper; test asserts predicate_type appears in URL.
  • Public sigstore API functions with predicate support (src/github/sigstore.rs): Imports updated for AttestationClient and FetchParams; new private attestation_client(api_url) helper resolves token and constructs client; verify_attestation_with_predicate_type fetches and verifies predicate-filtered attestations (delegates to existing function when predicate is None); detect_attestations_with_predicate_type returns whether predicate-filtered attestations exist; DetectError::SourceCreation doc comment clarified.
  • Backend integration with registry predicate_type (src/backend/aqua.rs): Attestation detection and verification calls switched to predicate-type variants; predicate_type extracted from pkg.github_artifact_attestations and passed to both detect_attestations_with_predicate_type and verify_attestation_with_predicate_type; comment adjusted to reflect registry metadata drives non-cryptographic detection.


🐰 A predicate type hops in, with filtering so fine,
Registry metadata and sigstore now align,
Attestations constrained with a whisker of care,
This cryptographic garden is pristine and fair!

Pre-merge checks: 5 passed

  • Description Check: Passed. Check skipped - CodeRabbit’s high-level summary is enabled.
  • Title check: Passed. The title 'fix(aqua): support GitHub attestation predicate fields' clearly and specifically summarizes the main change—adding support for the predicate_type field in GitHub attestations for aqua packages.
  • Docstring Coverage: Passed. Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
  • Linked Issues check: Passed. Check skipped because no linked issues were found for this pull request.
  • Out of Scope Changes check: Passed. Check skipped because no linked issues were found for this pull request.


@risu729 risu729 force-pushed the codex-20260531-180052-9d8b9c branch from 428dfa5 to 00c6b09 Compare May 31, 2026 21:54
@risu729 risu729 marked this pull request as ready for review May 31, 2026 22:09
github-actions Bot commented Jun 9, 2026

This PR currently has merge conflicts. If this continues for 7 days, it will be closed automatically.

This is warning day 1 of 7.

Please update the PR when you have a chance. Feel free to reopen or create a new PR if it is closed and you'd like to continue working on it.

This comment was generated by an automated workflow.

github-actions Bot commented

This PR currently has merge conflicts. If this continues for 7 days, it will be closed automatically.

This is warning day 2 of 7.

Please update the PR when you have a chance. Feel free to reopen or create a new PR if it is closed and you'd like to continue working on it.

This comment was generated by an automated workflow.
