Make config function name consistent (#208)

Rename the WithoutAnyObserverTimestampsInsecure config function to
WithoutAnyObserverTimestampsUnsafe to make it consistent with other
*Unsafe functions in the code base.

Signed-off-by: Colleen Murphy <[email protected]>

cmd/conformance/main.go

@@ -295,7 +295,7 @@ func main() {
 		tr := getTrustedRoot(staging)
 
 		verifierConfig := []verify.VerifierOption{}
-		verifierConfig = append(verifierConfig, verify.WithoutAnyObserverTimestampsInsecure(), verify.WithSignedCertificateTimestamps(1))
+		verifierConfig = append(verifierConfig, verify.WithoutAnyObserverTimestampsUnsafe(), verify.WithSignedCertificateTimestamps(1))
 		if len(tr.RekorLogs()) > 0 {
 			verifierConfig = append(verifierConfig, verify.WithOnlineVerification())
 		}

pkg/verify/signed_entity.go

@@ -186,7 +186,7 @@ func WithSignedCertificateTimestamps(threshold int) VerifierOption {
 	}
 }
 
-// WithoutAnyObserverTimestampsInsecure configures the SignedEntityVerifier to not expect
+// WithoutAnyObserverTimestampsUnsafe configures the SignedEntityVerifier to not expect
 // any timestamps from either a Timestamp Authority or a Transparency Log.
 //
 // A SignedEntity without a trusted "observer" timestamp to verify the attached
@@ -195,7 +195,7 @@ func WithSignedCertificateTimestamps(threshold int) VerifierOption {
 // Do not enable this if you don't know what you are doing; as the name implies,
 // using it defeats part of the security guarantees offered by Sigstore. This
 // option is only useful for testing.
-func WithoutAnyObserverTimestampsInsecure() VerifierOption {
+func WithoutAnyObserverTimestampsUnsafe() VerifierOption {
 	return func(c *VerifierConfig) error {
 		c.weDoNotExpectAnyObserverTimestamps = true
 		return nil
@@ -205,7 +205,7 @@ func WithoutAnyObserverTimestampsInsecure() VerifierOption {
 func (c *VerifierConfig) Validate() error {
 	if !c.requireObserverTimestamps && !c.weExpectSignedTimestamps && !c.requireIntegratedTimestamps && !c.weDoNotExpectAnyObserverTimestamps {
 		return errors.New("when initializing a new SignedEntityVerifier, you must specify at least one of " +
-			"WithObserverTimestamps(), WithSignedTimestamps(), WithIntegratedTimestamps(), or WithoutAnyObserverTimestampsInsecure()")
+			"WithObserverTimestamps(), WithSignedTimestamps(), WithIntegratedTimestamps(), or WithoutAnyObserverTimestampsUnsafe()")
 	}
 
 	return nil

pkg/verify/signed_entity_test.go

@@ -39,7 +39,7 @@ func TestSignedEntityVerifierInitialization(t *testing.T) {
 	assert.Nil(t, err)
 
 	// unless we are really sure we want a verifier without either tlog or tsa
-	_, err = verify.NewSignedEntityVerifier(tr, verify.WithoutAnyObserverTimestampsInsecure())
+	_, err = verify.NewSignedEntityVerifier(tr, verify.WithoutAnyObserverTimestampsUnsafe())
 	assert.Nil(t, err)
 
 	// can configure the verifiers with thresholds
@@ -67,7 +67,7 @@ func TestSignedEntityVerifierInitRequiresTimestamp(t *testing.T) {
 	assert.NoError(t, err)
 	_, err = verify.NewSignedEntityVerifier(tr, verify.WithTransparencyLog(1), verify.WithObserverTimestamps(1))
 	assert.NoError(t, err)
-	_, err = verify.NewSignedEntityVerifier(tr, verify.WithTransparencyLog(1), verify.WithoutAnyObserverTimestampsInsecure())
+	_, err = verify.NewSignedEntityVerifier(tr, verify.WithTransparencyLog(1), verify.WithoutAnyObserverTimestampsUnsafe())
 	assert.NoError(t, err)
 }
 
@@ -106,7 +106,7 @@ func TestEntitySignedByPublicGoodWithoutTimestampsVerifiesSuccessfully(t *testin
 	tr := data.PublicGoodTrustedMaterialRoot(t)
 	entity := data.SigstoreJS200ProvenanceBundle(t)
 
-	v, err := verify.NewSignedEntityVerifier(tr, verify.WithoutAnyObserverTimestampsInsecure())
+	v, err := verify.NewSignedEntityVerifier(tr, verify.WithoutAnyObserverTimestampsUnsafe())
 	assert.NoError(t, err)
 
 	res, err := v.Verify(entity, SkipArtifactAndIdentitiesPolicy)