diff --git a/README.md b/README.md index 1f62a72..a6cfddc 100644 --- a/README.md +++ b/README.md @@ -17,8 +17,8 @@ python -m pip install pypi-attestation-models ## Usage as a command line tool ````bash -python -m pypi_attestation_models --help -usage: pypi-attestation-models [-h] [-v] [-V] COMMAND ... +python -m pypi_attestations --help +usage: pypi-attestation [-h] [-v] [-V] COMMAND ... Sign, inspect or verify PEP 740 attestations @@ -30,7 +30,7 @@ positional arguments: options: -h, --help show this help message and exit - -v, --verbose run with additional debug logging; supply multiple times to + -v, --verbose run with additional debug logging; supply multiple times to increase verbosity (default: 0) -V, --version show program's version number and exit ```` @@ -40,29 +40,29 @@ options: ```bash # Generate a whl file make package -python -m pypi_attestation_models sign dist/pypi_attestation_models-*.whl +python -m pypi_attestations sign dist/pypi_attestations-*.whl ``` -_Note_: This will open a browser window to authenticate with the Sigstore +_Note_: This will open a browser window to authenticate with the Sigstore OAuth flow. ### Inspecting a PEP 740 Attestation ```bash -python -m pypi_attestation_models inspect dist/pypi_attestation_models-*.whl.publish.attestation +python -m pypi_attestations inspect dist/pypi_attestations-*.whl.publish.attestation ``` -_Warning_: Inspecting does not mean verifying. It only prints the structure of +_Warning_: Inspecting does not mean verifying. It only prints the structure of the attestation. ### Verifying a PEP 740 Attestation ```bash -python -m pypi_attestation_models verify --staging \ +python -m pypi_attestations verify --staging \ --identity william@yossarian.net \ test/assets/rfc8785-0.1.2-py3-none-any.whl ``` -The attestation present in the test has been generated using the staging -environment of Sigstore and signed by William. +The attestation present in the test has been generated using the staging +environment of Sigstore and signed by William. ## Usage as a library @@ -76,7 +76,7 @@ Use these APIs to create a PEP 740-compliant `Attestation` object by signing a P ```python from pathlib import Path -from pypi_attestation_models import Attestation +from pypi_attestations import Attestation from sigstore.oidc import Issuer from sigstore.sign import SigningContext from sigstore.verify import Verifier, policy @@ -106,7 +106,7 @@ by signing a distribution file. ```python from pathlib import Path -from pypi_attestation_models import Attestation +from pypi_attestations import Attestation from sigstore.models import Bundle # Sigstore Bundle -> PEP 740 Attestation object diff --git a/src/pypi_attestations/_cli.py b/src/pypi_attestations/_cli.py index 0ee91fd..ddff7e0 100644 --- a/src/pypi_attestations/_cli.py +++ b/src/pypi_attestations/_cli.py @@ -36,7 +36,7 @@ def _parser() -> argparse.ArgumentParser: ) parser = argparse.ArgumentParser( - prog="pypi-attestations", + prog="python -m pypi_attestations", description="Sign, inspect or verify PEP 740 attestations", parents=[parent_parser], formatter_class=argparse.ArgumentDefaultsHelpFormatter,