Merge branch 'main' into timestamp-client-verifier

aaronlew02 · aaronlew02 · commit c80f0e903f79 · 2025-05-16T15:45:14.000-04:00
diff --git a/sigstore-java/src/main/java/dev/sigstore/TrustedRootProvider.java b/sigstore-java/src/main/java/dev/sigstore/TrustedRootProvider.java
@@ -17,6 +17,7 @@
 
 import com.google.common.base.Preconditions;
 import dev.sigstore.trustroot.SigstoreConfigurationException;
+import dev.sigstore.trustroot.SigstoreConfigurationException;
 import dev.sigstore.trustroot.SigstoreTrustedRoot;
 import dev.sigstore.tuf.SigstoreTufClient;
 import java.io.IOException;
@@ -36,6 +37,7 @@
 public interface TrustedRootProvider {
 
   SigstoreTrustedRoot get() throws SigstoreConfigurationException;
+  SigstoreTrustedRoot get() throws SigstoreConfigurationException;
 
   static TrustedRootProvider from(SigstoreTufClient.Builder tufClientBuilder) {
     Preconditions.checkNotNull(tufClientBuilder);
diff --git a/sigstore-java/src/main/java/dev/sigstore/trustroot/SigstoreTrustedRoot.java b/sigstore-java/src/main/java/dev/sigstore/trustroot/SigstoreTrustedRoot.java
@@ -53,8 +53,7 @@ public interface SigstoreTrustedRoot {
   List<CertificateAuthority> getTSAs();
 
   /** Create an instance from an input stream of a json representation of a trustedroot. */
-  static SigstoreTrustedRoot from(InputStream json)
-      throws SigstoreConfigurationException, CertificateException {
+  static SigstoreTrustedRoot from(InputStream json) throws IOException, CertificateException {
     var trustedRootBuilder = TrustedRoot.newBuilder();
     try (var reader = new InputStreamReader(json, StandardCharsets.UTF_8)) {
       JsonFormat.parser().merge(reader, trustedRootBuilder);
@@ -65,8 +64,7 @@ static SigstoreTrustedRoot from(InputStream json)
   }
 
   /** Create an instance from a parsed proto definition of a trustedroot. */
-  static SigstoreTrustedRoot from(TrustedRootOrBuilder proto)
-      throws SigstoreConfigurationException, CertificateException {
+  static SigstoreTrustedRoot from(TrustedRootOrBuilder proto) throws CertificateException {
     List<CertificateAuthority> cas = Lists.newArrayList();
     for (var certAuthority : proto.getCertificateAuthoritiesList()) {
       try {
diff --git a/sigstore-java/src/main/java/dev/sigstore/tuf/SigstoreTufClient.java b/sigstore-java/src/main/java/dev/sigstore/tuf/SigstoreTufClient.java
@@ -160,6 +160,7 @@ public void update()
           NoSuchAlgorithmException,
           InvalidKeySpecException,
           InvalidKeyException {
+          InvalidKeyException {
     if (lastUpdate == null
         || Duration.between(lastUpdate, Instant.now()).compareTo(cacheValidity) > 0) {
       this.forceUpdate();
@@ -174,6 +175,7 @@ public void forceUpdate()
           NoSuchAlgorithmException,
           InvalidKeySpecException,
           InvalidKeyException {
+          InvalidKeyException {
     updater.update();
     lastUpdate = Instant.now();
     var trustedRootBuilder = TrustedRoot.newBuilder();
diff --git a/sigstore-java/src/test/java/dev/sigstore/trustroot/SigstoreTrustedRootTest.java b/sigstore-java/src/test/java/dev/sigstore/trustroot/SigstoreTrustedRootTest.java
@@ -32,10 +32,6 @@ class SigstoreTrustedRootTest {
   private static SigstoreTrustedRoot trustRoot;
 
   @BeforeAll
-  public static void initTrustRoot() throws Exception {
-    trustRoot =
-        SigstoreTrustedRoot.from(
-            Resources.getResource("dev/sigstore/trustroot/trusted_root.json").openStream());
   public static void initTrustRoot() throws Exception {
     trustRoot =
         SigstoreTrustedRoot.from(
