jdx · jdx · May 5, 2026 · Apr 15, 2026 · Apr 15, 2026 · May 4, 2026
diff --git a/crates/aqua-registry/src/lib.rs b/crates/aqua-registry/src/lib.rs
@@ -13,8 +13,8 @@ pub use registry::{
     AquaRegistryMetadata, DefaultRegistryFetcher, FileCacheStore, NoOpCacheStore, package_ids,
 };
 pub use types::{
-    AquaChecksum, AquaChecksumType, AquaMinisignType, AquaPackage, AquaPackageType, AquaVar,
-    RegistryYaml,
+    AquaChecksum, AquaChecksumType, AquaCosign, AquaMinisignType, AquaPackage, AquaPackageType,
+    AquaVar, RegistryYaml,
 };
 
 use thiserror::Error;

diff --git a/crates/aqua-registry/src/types.rs b/crates/aqua-registry/src/types.rs
@@ -45,6 +45,7 @@ pub struct AquaPackage {
     #[serde(skip)]
     version_filter_expr: Option<Program>,
     pub version_source: Option<String>,
+    pub cosign: Option<AquaCosign>,
     pub checksum: Option<AquaChecksum>,
     pub slsa_provenance: Option<AquaSlsaProvenance>,
     pub minisign: Option<AquaMinisign>,
@@ -213,6 +214,7 @@ impl Default for AquaPackage {
             version_filter: None,
             version_filter_expr: None,
             version_source: None,
+            cosign: None,
             checksum: None,
             slsa_provenance: None,
             minisign: None,
@@ -663,6 +665,17 @@ fn apply_override(mut orig: AquaPackage, avo: &AquaPackage) -> AquaPackage {
         }
     }
 
+    if let Some(avo_cosign) = &avo.cosign {
+        match &mut orig.cosign {
+            Some(cosign) => {
+                cosign.merge(avo_cosign.clone());
+            }
+            None => {
+                orig.cosign = Some(avo_cosign.clone());
+            }
+        }
+    }
+
     if let Some(avo_slsa_provenance) = avo.slsa_provenance.clone() {
         match &mut orig.slsa_provenance {
             Some(slsa_provenance) => {
@@ -1258,4 +1271,53 @@ mod tests {
             "unexpected error: {err}"
         );
     }
+
+    #[test]
+    fn test_top_level_cosign_is_deserialized() {
+        let yml = r#"
+packages:
+  - cosign:
+      bundle:
+        type: github_release
+        asset: "{{.Asset}}.sigstore.json"
+"#;
+        let pkg = serde_yaml::from_str::<RegistryYaml>(yml)
+            .unwrap()
+            .packages
+            .into_iter()
+            .next()
+            .unwrap();
+        assert!(pkg.cosign.is_some());
+        assert!(pkg.checksum.is_none());
+    }
+
+    #[test]
+    fn test_top_level_cosign_is_merged_from_version_override() {
+        let yml = r#"
+packages:
+  - asset: tool-{{.Version}}-{{.OS}}-{{.Arch}}
+    format: raw
+    cosign:
+      bundle:
+        type: github_release
+        asset: "{{.Asset}}.sigstore.json"
+    version_constraint: "false"
+    version_overrides:
+      - version_constraint: "true"
+        cosign:
+          key:
+            type: github_release
+            asset: cosign.pub
+"#;
+        let pkg = serde_yaml::from_str::<RegistryYaml>(yml)
+            .unwrap()
+            .packages
+            .into_iter()
+            .next()
+            .unwrap()
+            .with_version(&["v1.0.0"], "linux", "amd64");
+        let cosign = pkg.cosign.unwrap();
+        assert!(cosign.bundle.is_some());
+        assert!(cosign.key.is_some());
+    }
 }
diff --git a/e2e/backend/test_aqua_cosign b/e2e/backend/test_aqua_cosign
@@ -1,7 +1,6 @@
 #!/usr/bin/env bash
-# Test native Cosign verification for aqua packages
-# Uses fork-cleaner which has bundle-based cosign (native verification),
-# unlike sops which only has opts-based cosign (CLI pass-through).
+# Test native Cosign verification for aqua packages.
+# Covers both checksum-level cosign and top-level binary cosign.
 
 set -euo pipefail
 
@@ -10,7 +9,7 @@ export MISE_AQUA_COSIGN=true
 export MISE_AQUA_SLSA=false
 export MISE_AQUA_GITHUB_ATTESTATIONS=false
 
-echo "=== Testing Native Cosign Verification ==="
+echo "=== Testing Native Cosign Verification (checksum-level) ==="
 
 # Test: Install fork-cleaner which has cosign bundle verification configured
 echo "Installing fork-cleaner with native Cosign verification..."
@@ -33,8 +32,23 @@ fi
 assert_contains "mise x aqua:caarlos0/fork-cleaner@2.4.0 -- fork-cleaner --version" "2.4.0"
 echo "✓ fork-cleaner installed and working correctly"
 
-# Cleanup
-mise uninstall aqua:caarlos0/fork-cleaner@2.4.0 || true
+echo "=== Testing Native Cosign Verification (top-level binary config) ==="
+echo "Installing envsense with top-level binary Cosign verification..."
+
+output=$(mise install aqua:technicalpickles/envsense@0.3.4 2>&1)
+echo "$output"
+
+if echo "$output" | grep -q "Cosign verified" && ! echo "$output" | grep -q "verify checksums with cosign"; then
+  echo "✅ Native top-level binary Cosign verification was used"
+else
+  echo "❌ ERROR: top-level binary Cosign verification was not detected in output"
+  echo "Output was:"
+  echo "$output"
+  exit 1
+fi
+
+assert_contains "mise x aqua:technicalpickles/envsense@0.3.4 -- which envsense" "envsense"
+echo "✓ envsense installed and working correctly"
 
 echo ""
 echo "=== Native Cosign Verification Test Passed ✓ ==="
diff --git a/e2e/lockfile/test_lockfile_cosign_top_level_binary b/e2e/lockfile/test_lockfile_cosign_top_level_binary
@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+# Regression test: top-level aqua cosign config should record cosign provenance.
+
+set -euo pipefail
+
+export MISE_LOCKFILE=1
+export MISE_AQUA_COSIGN=true
+export MISE_AQUA_SLSA=false
+export MISE_GITHUB_ATTESTATIONS=0
+export MISE_AQUA_GITHUB_ATTESTATIONS=false
+
+detect_platform
+PLATFORM="$MISE_PLATFORM"
+
+echo "=== Testing top-level cosign lockfile provenance ==="
+
+cat <<EOF >mise.toml
+[tools]
+"aqua:technicalpickles/envsense" = "0.3.4"
+EOF
+
+mise lock --platform "$PLATFORM"
+assert "test -f mise.lock"
+assert_contains "cat mise.lock" 'provenance = "cosign"'
+
+echo "=== Testing install with top-level cosign lockfile ==="
+mise install
+
+echo "top-level cosign lockfile test passed!"
diff --git a/src/aqua/aqua_registry_wrapper.rs b/src/aqua/aqua_registry_wrapper.rs
@@ -158,5 +158,5 @@ pub fn aqua_suggest(query: &str) -> Vec<String> {
 
 // Re-export types and static for compatibility
 pub use aqua_registry::{
-    AquaChecksum, AquaChecksumType, AquaMinisignType, AquaPackage, AquaPackageType,
+    AquaChecksum, AquaChecksumType, AquaCosign, AquaMinisignType, AquaPackage, AquaPackageType,
 };