Premier’s tag release workflow publishes reproducible platform archives, SPDX SBOMs, GitHub build provenance, an aggregate SHA256SUMS, and a keyless Sigstore bundle for that manifest. A checksum alone detects corruption; the Sigstore certificate binds the manifest to Premier’s GitHub release workflow.

Verify publisher and assets

Install cosign, download the archive plus SHA256SUMS and SHA256SUMS.sigstore.json from the same GitHub Release, then run:

./scripts/verify-release.sh --directory ./downloads

The verifier requires:

  • OIDC issuer https://token.actions.githubusercontent.com
  • certificate identity matching PremierStudio/premier.dev/.github/workflows/release.yml on a version tag
  • every downloaded archive digest to match the authenticated aggregate manifest

It fails closed for a missing bundle, different repository/workflow identity, wrong issuer, modified manifest, missing asset, or changed archive.

Install only after authentication

expected="$(awk '$2 ~ /aarch64-apple-darwin.tar.gz$/ {print $1}' downloads/SHA256SUMS)"
./scripts/install.sh \
  --archive downloads/premier-0.1.0-aarch64-apple-darwin.tar.gz \
  --checksum "$expected" \
  --signature-bundle downloads/premier-0.1.0-aarch64-apple-darwin.tar.gz.sigstore.json

The installer then repeats archive and internal payload integrity checks, validates target architecture and metadata, rejects unsafe archive entries, and installs atomically.

Independent provenance check

GitHub’s artifact attestation can independently connect an archive digest to the release workflow:

gh attestation verify downloads/premier-0.1.0-aarch64-apple-darwin.tar.gz \
  --repo PremierStudio/premier.dev

Sigstore authenticates distribution; macOS Gatekeeper code signing/notarization is a separate platform trust mechanism.