pub fn verify(
wasm_path: &Path,
trust_root: Option<&Path>,
sig_path: Option<&Path>,
) -> Result<VerifyReport, String>Expand description
Verify a local plugin artefact already on disk (a pre-deploy / audit check,
distinct from install): compute its SHA-256 and, when a trust root is
given, check its Ed25519 signature. The signature is read from sig_path,
or a <name>.sig sidecar next to the artefact (the convention the loader
uses: path.with_extension("sig")).