Releases: sigstore/sigstore
Releases · sigstore/sigstore
v1.1.0
What's Changed
- Idp specific default flows by @houdini91 in #123
- Bump github.com/aws/aws-sdk-go from 1.42.1 to 1.42.2 by @dependabot in #139
- Bump github.com/aws/aws-sdk-go from 1.42.2 to 1.42.3 by @dependabot in #140
- Bump github.com/google/go-containerregistry from 0.6.0 to 0.7.0 by @dependabot in #142
- Bump github.com/aws/aws-sdk-go from 1.42.3 to 1.42.4 by @dependabot in #143
- expose
innerWrapper
asVerifierAdapter
by @dekkagaijin in #144 - also expose the wrapped verifier in
VerifierAdapter
by @dekkagaijin in #145 - Bump github.com/aws/aws-sdk-go from 1.42.4 to 1.42.5 by @dependabot in #147
- Feat : Fuzzing by @naveensrinivasan in #146
- Linter - Included linter check for doc rules by @naveensrinivasan in #148
- Bump github.com/aws/aws-sdk-go from 1.42.5 to 1.42.7 by @dependabot in #150
- update deps by @dekkagaijin in #151
- Bump github.com/aws/aws-sdk-go from 1.42.8 to 1.42.9 by @dependabot in #152
- Move the ssh signing/verification utilities to sigstore from rekor. by @dlorenc in #141
- Bump github.com/aws/aws-sdk-go from 1.42.9 to 1.42.10 by @dependabot in #153
- Fix revive lint warnings. by @dlorenc in #156
- Included fuzzing for more cryptoutils by @naveensrinivasan in #157
- Bump github.com/aws/aws-sdk-go from 1.42.10 to 1.42.11 by @dependabot in #161
- hack: add hack/tools to hold non required dependencies/tools for the project by @cpanato in #159
- update lint action by @dekkagaijin in #155
- Fuzzing password and some signature API by @naveensrinivasan in #160
- Bump github.com/aws/aws-sdk-go from 1.42.11 to 1.42.12 by @dependabot in #162
- Bump github.com/Azure/azure-sdk-for-go from 59.3.0+incompatible to 59.4.0+incompatible by @dependabot in #163
- Docs for Fuzzing by @naveensrinivasan in #165
- Fuzzing - Included RSA Targets by @naveensrinivasan in #164
- Bump github.com/aws/aws-sdk-go from 1.42.12 to 1.42.14 by @dependabot in #166
- Clean up lint errors by @bobcallaway in #167
- Included fuzz badge by @naveensrinivasan in #168
- Included CIFuzz by @naveensrinivasan in #169
- Bump github.com/aws/aws-sdk-go from 1.42.14 to 1.42.15 by @dependabot in #171
- Fuzzing for RSAPASS by @naveensrinivasan in #170
- Bump github.com/aws/aws-sdk-go from 1.42.15 to 1.42.16 by @dependabot in #174
- Upgraded go-securesystemslib from 0.1.0 to 0.2.0 by @naveensrinivasan in #178
- Bump github.com/aws/aws-sdk-go from 1.42.16 to 1.42.17 by @dependabot in #176
- Additional corpus for ecdsa and ed25519 by @naveensrinivasan in #177
- Fuzz testing DSSE by @naveensrinivasan in #173
- Bump github.com/aws/aws-sdk-go from 1.42.17 to 1.42.18 by @dependabot in #180
- Bump github.com/Azure/azure-sdk-for-go from 59.4.0+incompatible to 60.0.0+incompatible by @dependabot in #179
- Updatathon by @dekkagaijin in #181
- Bump github.com/ReneKroon/ttlcache/v2 from 2.9.0 to 2.10.0 by @dependabot in #184
- Bump github.com/aws/aws-sdk-go from 1.42.19 to 1.42.20 by @dependabot in #187
- Bump actions/upload-artifact from 2.2.4 to 2.3.0 by @dependabot in #185
- bump github.com/secure-systems-lab/go-securesystemslib to v0.3.0 by @dekkagaijin in #189
- bump the rest of the deps by @dekkagaijin in #190
- fix wrong return value in error case by @bobcallaway in #192
- Bump github.com/aws/aws-sdk-go from 1.42.20 to 1.42.21 by @dependabot in #194
- Bump github.com/aws/aws-sdk-go from 1.42.21 to 1.42.22 by @dependabot in #195
- Bump github.com/Azure/azure-sdk-for-go from 60.0.0+incompatible to 60.1.0+incompatible by @dependabot in #196
- Fuzz - Fixes nil data by @naveensrinivasan in #197
- Bump github.com/aws/aws-sdk-go from 1.42.22 to 1.42.23 by @dependabot in #201
- Bump actions/upload-artifact from 2.3.0 to 2.3.1 by @dependabot in #202
- Bump github.com/Azure/azure-sdk-for-go from 60.1.0+incompatible to 60.2.0+incompatible by @dependabot in #204
- Dsse multi signature wrapper by @houdini91 in #203
- Bump github.com/ReneKroon/ttlcache/v2 from 2.10.0 to 2.11.0 by @dependabot in #206
- Bump github.com/aws/aws-sdk-go from 1.42.23 to 1.42.24 by @dependabot in #207
- Bump github.com/aws/aws-sdk-go from 1.42.24 to 1.42.25 by @dependabot in #208
- Bump github.com/hashicorp/vault/api from 1.3.0 to 1.3.1 by @dependabot in #209
- Bump github.com/Azure/azure-sdk-for-go from 60.2.0+incompatible to 60.3.0+incompatible by @dependabot in #210
- Fuzz- Fixes the invalid UTF-8 string for DSSE by @naveensrinivasan in #212
New Contributors
- @houdini91 made their first contribution in #123
Full Changelog: v1.0.1...v1.1.0
v1.0.1
What's Changed
- Make SimpleContainerImage struct accesible for tekton chains by @priyawadhwa in #124
- (fix): Fix vault integration to work with rotated keys by @rjbrown57 in #125
- Create dependabot.yml by @naveensrinivasan in #127
- Fix the azure KMS provider by @dlorenc in #126
- Bump actions/checkout from 2.3.4 to 2.4.0 by @dependabot in #128
- Bump github.com/go-test/deep from 1.0.7 to 1.0.8 by @dependabot in #129
- Bump github.com/aws/aws-sdk-go from 1.40.7 to 1.41.19 by @dependabot in #130
- Bump cloud.google.com/go from 0.88.0 to 0.97.0 by @dependabot in #134
- Bump github.com/ReneKroon/ttlcache/v2 from 2.7.0 to 2.9.0 by @dependabot in #132
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.1.0 by @dependabot in #133
- Bump github.com/google/go-containerregistry from 0.5.1 to 0.6.0 by @dependabot in #135
- Bump github.com/hashicorp/vault/api from 1.1.1 to 1.3.0 by @dependabot in #131
- Bump github.com/aws/aws-sdk-go from 1.41.19 to 1.42.0 by @dependabot in #136
- Bump github.com/aws/aws-sdk-go from 1.42.0 to 1.42.1 by @dependabot in #137
New Contributors
- @rjbrown57 made their first contribution in #125
- @naveensrinivasan made their first contribution in #127
- @dependabot made their first contribution in #128
Full Changelog: v1.0.0...v1.0.1
v1.0.0
What's Changed
- Missed a couple of renames by @lukehinds in #1
- User can use toml config for cert details by @lukehinds in #2
- OIDC by @lukehinds in #3
- readme, gitignore by @lukehinds in #4
- Project Rename by @lukehinds in #5
- Project refactor in prep for rewrite by @lukehinds in #7
- Key generation code by @lukehinds in #9
- Fix lint errors by @lukehinds in #12
- Set up CI by @lukehinds in #11
- Return PubK in correct type by @lukehinds in #13
- Client port by @lukehinds in #14
- Return the response so we can handle specific status codes by @lukehinds in #15
- Bind flags with PreRun by @lukehinds in #18
- Rename clients by @lukehinds in #20
- Implements file MIME checking by @lukehinds in #21
- Delete DS_Store by @lukehinds in #22
- Implement rekor log entry by @lukehinds in #23
- Update copyright statement by @dekkagaijin in #25
- Device flow! by @dlorenc in #24
- Add
signature
library by @dekkagaijin in #26 - Add Security Section by @lukehinds in #29
- cmd: add version command by @cpanato in #31
- Rename signature payloads to be more descriptive for users by @dekkagaijin in #32
- Use
crypto.PublicKey
in favor of*ecdsa.PublicKey
by @dekkagaijin in #33 - remove Ed25519 until we can make it work sanely with Rekor by @dekkagaijin in #34
- Signers should return the payloads which were actually signed by @dekkagaijin in #35
- update boilerplate header and apply go fmt by @cpanato in #37
- ci/boilerplate: fix bolierplate check by @cpanato in #39
- go: update go version to use 1.16.x by @cpanato in #36
- Move kms package from cosign to sigstore by @priyawadhwa in #41
- Leverage the
signature
package for signing by @dekkagaijin in #38 - Implement code owners by @lukehinds in #40
- use RSA-PSS instead of RSA-PKCS#1 v1.5 signature scheme by @dekkagaijin in #43
- feat: add vault transit kms engine by @RichiCoder1 in #44
- Bump the rekor dependency. by @dlorenc in #47
- Allow specifying the full key version. by @dlorenc in #45
- some vault fixes by @RichiCoder1 in #49
- Better define sigstores purpose by @lukehinds in #52
- remove optional algorithm; ensure CI and Makefile are correct by @bobcallaway in #57
- log error message but continue with OAuth2 flow if browser auto-open … by @bobcallaway in #56
- change to rekor.sigstore.dev by @bobcallaway in #60
- remove gosec since it is handled by golangci-lint by @bobcallaway in #58
- Add support for ed25519 based keys by @priyawadhwa in #51
- Bump rekor for the new API changes. by @dlorenc in #61
- Move all rekor code to tlog by @lukehinds in #63
- Refact key tlog by @lukehinds in #65
- Add support for static identity tokens supplied directly by the caller. by @dlorenc in #64
- enable transit secret engine at another path by @developer-guy in #67
- Refactor IDToken handling to support claims based on fields other tha… by @dlorenc in #68
- cert.Subject is not populated, return serial instead by @lukehinds in #71
- Allow the OOB authentication flow when we can't open a browser. by @dlorenc in #62
- convert signature library to implement crypto.Signer interface by @bobcallaway in #69
- use new path to GetRekorClient by @bobcallaway in #73
- Fix for Error: error during PEM decoding by @lukehinds in #78
- Use
output
to save client cert file locally by @lukehinds in #79 - Add formatted URL for rekor entry by @lukehinds in #80
- Add PublicKeyProvider interface by @bobcallaway in #75
- Bump rekor. by @dlorenc in #82
- Also output the signature if required by @lukehinds in #83
- filehandler: add application/x-executable to supported mimetype by @cpanato in #84
- stop using signerverifier to get access to publickeyprovider by @bobcallaway in #85
- compute crc over digest instead of message by @bobcallaway in #86
- We should use the client ID from the oauth config, not viper. by @dlorenc in #87
- Don't use pointers for ed25519 keys by @dekkagaijin in #88
- AWS KMS Support by @codysoyland in #74
- Remove
cmd/
, clean up unused code by @dekkagaijin in #90 - Remove
pkg/tlog
, rungo mod tidy
by @dekkagaijin in #91 - update go modules, run
go mod tidy
by @dekkagaijin in #94 - update github actions to latest versions by @dekkagaijin in #93
- change in-memory signers to implement crypto.Signer by @bobcallaway in #92
- Add initial Azure KMS support by @cpanato in #76
- Remove
pkg/util
directory by @dekkagaijin in #95 - Implement wrappers/converters for the DSSE signing spec. by @dlorenc in #96
- Add tests for
pkg/cryptoutils
by @dekkagaijin in #99 - More
pkg/cryptoutils
tests, add a generator for ECDSA keypairs by @dekkagaijin in #100 - ENCRYPTED COSIGN PRIVATE KEY -> ENCRYPTED SIGSTORE PRIVATE KEY by @dekkagaijin in #101
- remove fulcio client code by @dekkagaijin in #103
- small update in the makefile by @cpanato in #105
- default to P-256 curve again by @dekkagaijin in #106
- Add missing code of conduct (stock sigstore one) by @lukehinds in #107
- leverage Vault token helpers approach while obtaining Vault token by @developer-guy in #104
- Transit backend path is hardcoded for some operations of the KMS Vault client by @LeSuisse in #102
- Switch DSSE provider to go-securesystemslib by @adityasaky in #111
- pass by reference instead of pointer so correct redirect_uri is known by @bobcallaway in #114
- Pin localstack in e2e tests (fixes #112) by @codysoyland in #115
- Fix typo/readability by @ocdtrekkie in #116
- Modularise CI by @lukehinds in #118
- Update readme in anticipation of 1.0 by @lukehinds in #119
- Integration tests for dex / OIDConnect by @lukehinds in #110
- Change redirect listener to use ephemeral port by @bobcallaway in #120
New Contributors
- @lukehinds made their first contribution in #1
- @dekkagaijin made their first contribution in #25
- @dlorenc made their first contribution in #24
- @cpanato made their first contribution in #31
- @priyawadhwa made their first contribution in #41
- @RichiCoder1 made their first contribution in #44
- @bobcallaway made their first contribut...