From 09eef967c34d0e3816ed794fd1a15b8004925571 Mon Sep 17 00:00:00 2001
From: laurentsimon
Date: Mon, 9 Oct 2023 16:58:40 +0000
Subject: [PATCH 1/2] update function name
Signed-off-by: laurentsimon
---
 cli/slsa-verifier/main_regression_test.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cli/slsa-verifier/main_regression_test.go b/cli/slsa-verifier/main_regression_test.go
index ad96602ab..93ae9ce64 100644
--- a/cli/slsa-verifier/main_regression_test.go
+++ b/cli/slsa-verifier/main_regression_test.go
@@ -1674,7 +1674,7 @@ func Test_runVerifyNpmPackage(t *testing.T) {
 name: "invalid signature provenance npm CLI",
 artifact: "provenance-npm-test-cli-v02-prega-invalidsigprov.tgz",
 source: "github.com/laurentsimon/provenance-npm-test",
- pkgName: PointerTo("@laurentsimon/provenance-npm-test2"),
+ pkgName: PointerTo("@laurentsimon/provenance-npm-test"),
 builderID: PointerTo("https://github.com/actions/runner/github-hosted"),
 err: serrors.ErrorInvalidSignature,
 },
@@ -1682,7 +1682,7 @@ func Test_runVerifyNpmPackage(t *testing.T) {
 name: "invalid signature publish npm CLI",
 artifact: "provenance-npm-test-cli-v02-prega-invalidsigpub.tgz",
 source: "github.com/laurentsimon/provenance-npm-test",
- pkgName: PointerTo("@laurentsimon/provenance-npm-test2"),
+ pkgName: PointerTo("@laurentsimon/provenance-npm-test"),
 builderID: PointerTo("https://github.com/actions/runner/github-hosted"),
 err: serrors.ErrorInvalidSignature,
 },
From 806e225f6a076d360bcf8b6276a484e397c01bc0 Mon Sep 17 00:00:00 2001
From: laurentsimon
Date: Mon, 9 Oct 2023 21:25:51 +0000
Subject: [PATCH 2/2] rename vars
Signed-off-by: laurentsimon
---
 verifiers/internal/gha/npm.go | 2 +-
 verifiers/internal/gha/npm_test.go | 4 ++--
 verifiers/internal/gha/provenance_forgeable.go | 4 ++--
 verifiers/internal/gha/provenance_forgeable_test.go | 4 ++--
 verifiers/internal/gha/verifier.go | 2 +-
 5 files changed, 8 insertions(+), 8 deletions(-)
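Review bot: Nothing in the two `invalid signature ... npm CLI` cases records why `pkgName` has to be the real package name, so a later edit could reintroduce a mismatching value without anyone noticing. With `@laurentsimon/provenance-npm-test2` the verifier presumably had a second reason to reject the tarball, so the case did not isolate the signature failure; that is inferred, since the order of the checks is not visible in these hunks. I would add a comment above each `pkgName` line such as `// pkgName matches the package, so the signature is the only invalid input.` The same applies to the second hunk at line 1682. The test table and the test body continue outside both hunks.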
diff --git a/verifiers/internal/gha/npm.go b/verifiers/internal/gha/npm.go
index e492dcdc3..bc00bbf76 100644
--- a/verifiers/internal/gha/npm.go
+++ b/verifiers/internal/gha/npm.go
@@ -368,7 +368,7 @@ func verifyProvenanceSubjectVersion(b *utils.TrustedBuilderID, att *SignedAttest
 return nil
 }
-func (n *Npm) verifySubjectDigest(expectedHash string) error {
+func (n *Npm) verifyPublishAttestationSubjectDigest(expectedHash string) error {
 publishSubjects, err := subjectsFromAttestation(n.verifiedPublishAtt)
 if err != nil {
 return err
diff --git a/verifiers/internal/gha/npm_test.go b/verifiers/internal/gha/npm_test.go
index e7f45f93e..e9c3d6d4f 100644
--- a/verifiers/internal/gha/npm_test.go
+++ b/verifiers/internal/gha/npm_test.go
@@ -798,7 +798,7 @@ func Test_verifyPackageName(t *testing.T) {
 }
 }
-func Test_verifySubjectDigest(t *testing.T) {
+func Test_verifyPublishAttestationSubjectDigest(t *testing.T) {
 t.Parallel()
 ctx := context.Background()
@@ -868,7 +868,7 @@ func Test_verifySubjectDigest(t *testing.T) {
 Envelope: env,
 }
- err = npm.verifySubjectDigest(tt.hash)
+ err = npm.verifyPublishAttestationSubjectDigest(tt.hash)
 if !errCmp(err, tt.err) {
 t.Errorf(cmp.Diff(err, tt.err))
 }
diff --git a/verifiers/internal/gha/provenance_forgeable.go b/verifiers/internal/gha/provenance_forgeable.go
index f90eb1dbd..bd65b0e25 100644
--- a/verifiers/internal/gha/provenance_forgeable.go
+++ b/verifiers/internal/gha/provenance_forgeable.go
@@ -29,7 +29,7 @@ func verifyProvenanceMatchesCertificate(prov iface.Provenance, workflow *Workflo
 }
 // Verify subjects.
- if err := verifySubjectDigestName(prov, "sha512"); err != nil {
+ if err := verifyPublishAttestationSubjectDigestName(prov, "sha512"); err != nil {
 return err
 }
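Review bot: The new name `verifyPublishAttestationSubjectDigestName` does not match how the helper is used: it takes a generic `prov iface.Provenance` and is called from `verifyProvenanceMatchesCertificate` under `// Verify subjects.`, so nothing visible ties it to the publish attestation. It looks as if the rename of `Npm.verifySubjectDigest` (which does read `n.verifiedPublishAtt`) was also applied to this helper by prefix match; that is inferred from the hunks, since the rest of the file is outside them. In a verifier, a name that claims a narrower scope than the check has makes the verification path harder to audit, so I would keep `verifySubjectDigestName` or use a neutral name such as `verifyProvenanceSubjectDigestName`. The same applies to the definition hunk at line 63 and to `Test_verifyPublishAttestationSubjectDigestName` in provenance_forgeable_test.go.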
@@ -63,7 +63,7 @@ func verifyProvenanceMatchesCertificate(prov iface.Provenance, workflow *Workflo
 return nil
 }
-func verifySubjectDigestName(prov iface.Provenance, digestName string) error {
+func verifyPublishAttestationSubjectDigestName(prov iface.Provenance, digestName string) error {
 subjects, err := prov.Subjects()
 if err != nil {
 return err
diff --git a/verifiers/internal/gha/provenance_forgeable_test.go b/verifiers/internal/gha/provenance_forgeable_test.go
index c18fce55b..9d67b45d3 100644
--- a/verifiers/internal/gha/provenance_forgeable_test.go
+++ b/verifiers/internal/gha/provenance_forgeable_test.go
@@ -12,7 +12,7 @@ import (
 serrors "github.com/slsa-framework/slsa-verifier/v2/errors"
 )
-func Test_verifySubjectDigestName(t *testing.T) {
+func Test_verifyPublishAttestationSubjectDigestName(t *testing.T) {
 t.Parallel()
 tests := []struct {
 name string
@@ -66,7 +66,7 @@ func Test_verifySubjectDigestName(t *testing.T) {
 prov := &testProvenance{
 subjects: tt.subject,
 }
- if err := verifySubjectDigestName(prov, tt.digestName); !errCmp(err, tt.err) {
+ if err := verifyPublishAttestationSubjectDigestName(prov, tt.digestName); !errCmp(err, tt.err) {
 t.Errorf(cmp.Diff(err, tt.err))
 }
 })
diff --git a/verifiers/internal/gha/verifier.go b/verifiers/internal/gha/verifier.go
index 84f7e636a..bd0082278 100644
--- a/verifiers/internal/gha/verifier.go
+++ b/verifiers/internal/gha/verifier.go
@@ -339,7 +339,7 @@ func (v *GHAVerifier) VerifyNpmPackage(ctx context.Context,
 }
 // Verify publish subject digest.
- if err := npm.verifySubjectDigest(provenanceOpts.ExpectedDigest); err != nil {
+ if err := npm.verifyPublishAttestationSubjectDigest(provenanceOpts.ExpectedDigest); err != nil {
 return nil, nil, err
 }