From aab02b1946c24bf401477ddc83d67e316b9e5676 Mon Sep 17 00:00:00 2001
From: Appu Goundan <appu@google.com>
Date: Thu, 14 Sep 2023 09:39:09 -0400
Subject: [PATCH] Update conformance tests

Signed-off-by: Appu Goundan <appu@google.com>
---
 .github/workflows/conformance.yml                       | 2 +-
 sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java | 6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/conformance.yml b/.github/workflows/conformance.yml
index cd125a345..50a04ffd4 100644
--- a/.github/workflows/conformance.yml
+++ b/.github/workflows/conformance.yml
@@ -31,6 +31,6 @@ jobs:
       - name: Unpack sigstore-java distribution
         run: tar -xvf ${{ github.workspace }}/sigstore-cli/build/distributions/sigstore-cli-*.tar --strip-components 1
 
-      - uses: sigstore/sigstore-conformance@064fb32a890c30235f305281f3509c5e65e6f9e5 # tag=v0.0.4
+      - uses: sigstore/sigstore-conformance@1abc82cdefe80bd907855d8447f903ba8b4918e0 # v0.0.6
         with:
           entrypoint: ${{ github.workspace }}/bin/sigstore-cli
diff --git a/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java b/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java
index 5dd47fb42..45741f0b5 100644
--- a/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java
+++ b/sigstore-cli/src/main/java/dev/sigstore/cli/Verify.java
@@ -36,7 +36,10 @@
 import picocli.CommandLine.Option;
 import picocli.CommandLine.Parameters;
 
-@Command(name = "verify", description = "verify an artifact")
+@Command(
+    name = "verify",
+    aliases = {"verify-bundle"},
+    description = "verify an artifact")
 public class Verify implements Callable<Integer> {
   @Parameters(arity = "1", paramLabel = "<artifact>", description = "artifact to verify")
   Path artifact;
@@ -65,6 +68,7 @@ static class Policy {
   public Integer call() throws Exception {
     byte[] digest = asByteSource(artifact.toFile()).hash(Hashing.sha256()).asBytes();
     KeylessSignature keylessSignature = null;
+
     if (signatureFiles.sigAndCert != null) {
       byte[] signature = Files.readAllBytes(signatureFiles.sigAndCert.signatureFile);
       CertPath certPath =