From d67e7c1da7993d9c4da59b0ab0084a4e2f065b25 Mon Sep 17 00:00:00 2001
From: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Date: Sun, 30 Apr 2023 18:48:41 -0700
Subject: [PATCH] feat: npm: Make package name and version mandatory for
 verification (#576)

Signed-off-by: laurentsimon <laurentsimon@google.com>
Co-authored-by: Ian Lewis <ianlewis@google.com>
---
 cli/slsa-verifier/verify/options.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cli/slsa-verifier/verify/options.go b/cli/slsa-verifier/verify/options.go
index d8b4056..fe12294 100644
--- a/cli/slsa-verifier/verify/options.go
+++ b/cli/slsa-verifier/verify/options.go
@@ -118,6 +118,8 @@ func (o *VerifyNpmOptions) AddFlags(cmd *cobra.Command) {
 
 	cmd.MarkFlagRequired("source-uri")
 	cmd.MarkFlagRequired("builder-id")
+	cmd.MarkFlagRequired("package-name")
+	cmd.MarkFlagRequired("package-version")
 	cmd.MarkFlagsMutuallyExclusive("source-versioned-tag", "source-tag")
 }