Remove unused MarshalJSON methods

st3penta · st3penta · commit fafc48750a02 · 2025-12-18T14:50:54.000+01:00
Remove MarshalJSON methods from slsaProvenance, slsaProvenanceV1, and provenance types as they are never invoked during JSON serialization. These attestation objects are wrapped in AttestationResult struct, that provides its own structure, so the custom MarshalJSON methods on the inner attestation types are never called by json.Marshal(). The attestation objects themselves are only used internally for policy evaluation and are never directly serialized to JSON in the current codebase. Co-authored-by: Claude Code <noreply@anthropic.com> Ref: https://issues.redhat.com/browse/EC-1581
diff --git a/internal/attestation/attestation.go b/internal/attestation/attestation.go
@@ -166,19 +166,3 @@ func (p provenance) Signatures() []signature.EntitySignature {
 func (p provenance) Subject() []in_toto.Subject {
 	return p.statement.Subject
 }
-
-// Todo: It seems odd that this does not contain the statement.
-// (See also the equivalent method in slsa_provenance_02.go)
-func (p provenance) MarshalJSON() ([]byte, error) {
-	val := struct {
-		Type          string                      `json:"type"`
-		PredicateType string                      `json:"predicateType"`
-		Signatures    []signature.EntitySignature `json:"signatures"`
-	}{
-		Type:          p.Type(),
-		PredicateType: p.PredicateType(),
-		Signatures:    p.Signatures(),
-	}
-
-	return json.Marshal(val)
-}
diff --git a/internal/attestation/attestation_test.go b/internal/attestation/attestation_test.go
@@ -20,7 +20,6 @@ package attestation
 
 import (
 	"crypto/x509"
-	"encoding/json"
 	"fmt"
 	"testing"
 
@@ -277,98 +276,3 @@ func TestProvenance_Subject(t *testing.T) {
 		})
 	}
 }
-
-func TestProvenance_MarshalJSON(t *testing.T) {
-	mockSig1 := signature.EntitySignature{
-		KeyID:     "key1",
-		Signature: "sig1",
-	}
-	mockSig2 := signature.EntitySignature{
-		KeyID:     "key2",
-		Signature: "sig2",
-	}
-
-	tests := []struct {
-		name        string
-		provenance  provenance
-		expectedErr bool
-		validate    func(*testing.T, []byte)
-	}{
-		{
-			name: "marshals successfully with single signature",
-			provenance: provenance{
-				statement: in_toto.Statement{
-					StatementHeader: in_toto.StatementHeader{
-						PredicateType: "https://example.com/predicate/v1",
-					},
-				},
-				signatures: []signature.EntitySignature{mockSig1},
-			},
-			expectedErr: false,
-			validate: func(t *testing.T, data []byte) {
-				var result map[string]interface{}
-				err := json.Unmarshal(data, &result)
-				assert.NoError(t, err)
-				assert.Equal(t, "https://in-toto.io/Statement/v0.1", result["type"])
-				assert.Equal(t, "https://example.com/predicate/v1", result["predicateType"])
-				assert.Len(t, result["signatures"], 1)
-			},
-		},
-		{
-			name: "marshals successfully with multiple signatures",
-			provenance: provenance{
-				statement: in_toto.Statement{
-					StatementHeader: in_toto.StatementHeader{
-						PredicateType: "https://example.com/predicate/v2",
-					},
-				},
-				signatures: []signature.EntitySignature{mockSig1, mockSig2},
-			},
-			expectedErr: false,
-			validate: func(t *testing.T, data []byte) {
-				var result map[string]interface{}
-				err := json.Unmarshal(data, &result)
-				assert.NoError(t, err)
-				assert.Equal(t, "https://in-toto.io/Statement/v0.1", result["type"])
-				assert.Equal(t, "https://example.com/predicate/v2", result["predicateType"])
-				assert.Len(t, result["signatures"], 2)
-			},
-		},
-		{
-			name: "marshals successfully with empty signatures",
-			provenance: provenance{
-				statement: in_toto.Statement{
-					StatementHeader: in_toto.StatementHeader{
-						PredicateType: "https://example.com/predicate/v3",
-					},
-				},
-				signatures: []signature.EntitySignature{},
-			},
-			expectedErr: false,
-			validate: func(t *testing.T, data []byte) {
-				var result map[string]interface{}
-				err := json.Unmarshal(data, &result)
-				assert.NoError(t, err)
-				assert.Equal(t, "https://in-toto.io/Statement/v0.1", result["type"])
-				assert.Equal(t, "https://example.com/predicate/v3", result["predicateType"])
-				assert.Len(t, result["signatures"], 0)
-			},
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			data, err := tt.provenance.MarshalJSON()
-
-			if tt.expectedErr {
-				assert.Error(t, err)
-				return
-			}
-
-			assert.NoError(t, err)
-			if tt.validate != nil {
-				tt.validate(t, data)
-			}
-		})
-	}
-}
diff --git a/internal/attestation/slsa_provenance_02.go b/internal/attestation/slsa_provenance_02.go
@@ -97,21 +97,3 @@ func (a slsaProvenance) Signatures() []signature.EntitySignature {
 func (a slsaProvenance) Subject() []in_toto.Subject {
 	return a.statement.Subject
 }
-
-// Todo: It seems odd that this does not contain the statement.
-// (See also the equivalent method in attestation.go)
-func (a slsaProvenance) MarshalJSON() ([]byte, error) {
-	val := struct {
-		Type               string                      `json:"type"`
-		PredicateType      string                      `json:"predicateType"`
-		PredicateBuildType string                      `json:"predicateBuildType"`
-		Signatures         []signature.EntitySignature `json:"signatures"`
-	}{
-		Type:               a.statement.Type,
-		PredicateType:      a.statement.PredicateType,
-		PredicateBuildType: a.statement.Predicate.BuildType,
-		Signatures:         a.signatures,
-	}
-
-	return json.Marshal(val)
-}
diff --git a/internal/attestation/slsa_provenance_02_test.go b/internal/attestation/slsa_provenance_02_test.go
@@ -330,35 +330,6 @@ func TestSLSAProvenanceFromSignature(t *testing.T) {
 	}
 }
 
-func TestMarshal(t *testing.T) {
-	sig := mockSignature{&mock.Mock{}}
-
-	sig1 := `{"keyid": "ignored-1", "sig": "ignored-1"}`
-	sig2 := `{"keyid": "ignored-2", "sig": "ignored-2"}`
-	payload := encode(`{
-		"_type": "https://in-toto.io/Statement/v0.1",
-		"predicateType": "https://slsa.dev/provenance/v0.2",
-		"predicate": {"buildType": "https://my.build.type"}
-	}`)
-	sig.On("MediaType").Return(types.MediaType(ct.DssePayloadType), nil)
-	sig.On("Uncompressed").Return(buffy(
-		fmt.Sprintf(`{"payload": "%s", "signatures": [%s, %s]}`, payload, sig1, sig2),
-	), nil)
-	sig.On("Base64Signature").Return("sig-from-cert", nil)
-	sig.On("Cert").Return(signature.ParseChainguardReleaseCert(), nil)
-	sig.On("Chain").Return(signature.ParseSigstoreChainCert(), nil)
-
-	att, err := SLSAProvenanceFromSignature(sig)
-
-	require.NoError(t, err)
-
-	j, err := json.Marshal(att)
-
-	require.NoError(t, err)
-
-	snaps.MatchJSON(t, j)
-}
-
 func encode(payload string) string {
 	return base64.StdEncoding.EncodeToString([]byte(payload))
 }
diff --git a/internal/attestation/slsa_provenance_v1.go b/internal/attestation/slsa_provenance_v1.go
@@ -97,21 +97,3 @@ func (a slsaProvenanceV1) Signatures() []signature.EntitySignature {
 func (a slsaProvenanceV1) Subject() []in_toto.Subject {
 	return a.statement.Subject
 }
-
-// Todo: It seems odd that this does not contain the statement.
-// (See also the equivalent method in attestation.go)
-func (a slsaProvenanceV1) MarshalJSON() ([]byte, error) {
-	val := struct {
-		Type               string                      `json:"type"`
-		PredicateType      string                      `json:"predicateType"`
-		PredicateBuildType string                      `json:"predicateBuildType"`
-		Signatures         []signature.EntitySignature `json:"signatures"`
-	}{
-		Type:               a.statement.Type,
-		PredicateType:      a.statement.PredicateType,
-		PredicateBuildType: a.statement.Predicate.BuildDefinition.BuildType,
-		Signatures:         a.signatures,
-	}
-
-	return json.Marshal(val)
-}
diff --git a/internal/attestation/slsa_provenance_v1_test.go b/internal/attestation/slsa_provenance_v1_test.go
@@ -245,43 +245,6 @@ func TestSLSAProvenanceFromSignatureV1(t *testing.T) {
 	}
 }
 
-func TestMarshalV1(t *testing.T) {
-	sig := mockSignature{&mock.Mock{}}
-
-	sig1 := `{"keyid": "ignored-1", "sig": "ignored-1"}`
-	sig2 := `{"keyid": "ignored-2", "sig": "ignored-2"}`
-	payload := encode(`{
-		"_type": "https://in-toto.io/Statement/v0.1",
-		"predicateType": "https://slsa.dev/provenance/v1",
-		"predicate": {
-			"buildDefinition": {
-				"buildType": "https://my.build.type",
-				"externalParameters": {}
-			},
-			"runDetails": {
-				"builder": {"id": "https://my.builder"}
-			}
-		}
-	}`)
-	sig.On("MediaType").Return(types.MediaType(ct.DssePayloadType), nil)
-	sig.On("Uncompressed").Return(buffy(
-		fmt.Sprintf(`{"payload": "%s", "signatures": [%s, %s]}`, payload, sig1, sig2),
-	), nil)
-	sig.On("Base64Signature").Return("sig-from-cert", nil)
-	sig.On("Cert").Return(signature.ParseChainguardReleaseCert(), nil)
-	sig.On("Chain").Return(signature.ParseSigstoreChainCert(), nil)
-
-	att, err := SLSAProvenanceFromSignatureV1(sig)
-
-	require.NoError(t, err)
-
-	j, err := json.Marshal(att)
-
-	require.NoError(t, err)
-
-	snaps.MatchJSON(t, j)
-}
-
 func TestSLSAProvenanceV1_Subject(t *testing.T) {
 	mockSubject1 := in_toto.Subject{
 		Name: "registry.io/example/image@sha256:abc123",
