Skip to content

v0.5.0
Compare
Choose a tag to compare
@sigstore-bot sigstore-bot released this 04 Feb 12:52
· 1322 commits to main since this release
v0.5.0
09ecf71
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Highlights

  • Add Rekor logo to README (#650)
  • update API calls to v5 (#591)
  • Refactor helm type to remove intermediate state. (#575)
  • Refactor the shard map parsing so we can pass it down into the API object. (#564)
  • Refactor the alpine type to reduce intermediate state. (#573)

Enhancements

  • Add logic to GET artifacts via old or new UUID (#587)
  • helpful error message for hashedrekord types (#605)
  • Set Accept header in dynamic counter requests (#594)
  • Add sharding package and update validators (#583)
  • rekor-cli: show the url in case of error (#581)
  • Enable parsing of incomplete minisign keys, to enable re-indexing. (#567)
  • Cleanups on the TUF pluggable type. (#563)
  • Refactor the RPM type to remove more intermediate state. (#566)
  • Do some cleanups of the jar type to remove intermediate state. (#561)

Others

  • Update Makefile (#621)
  • update version comments since dependabot doesn't do it (#617)
  • Use workload identity provider instead of GitHub Secret for GCR access (#600)
  • add OSSF scorecard action (#599)
  • enable the sbom for rekor releases (#586)
  • Point to the official website (instead of a 404) (#580)
  • add milestone to closed prs (#574)
  • Add a Makefile target for the "ko apply" step. (#572)
  • types/README.md: Corrected documentation link (#568)

Dependencies Updates

  • Bump github.com/prometheus/client_golang from 1.12.0 to 1.12.1 (#636)
  • Bump github.com/go-openapi/runtime from 0.21.1 to 0.22.0 (#635)
  • Bump github.com/go-openapi/swag from 0.19.15 to 0.20.0 (#634)
  • Bump golang from f71d4ca to 301609e (#627)
  • Bump golang from 0fa6504 to f71d4ca (#624)
  • Bump google.golang.org/grpc from 1.43.0 to 1.44.0 (#622)
  • Bump github/codeql-action from 1.0.29 to 1.0.30 (#619)
  • Bump ossf/scorecard-action from 1.0.1 to 1.0.2 (#618)
  • bump swagger and go mod tidy (#616)
  • Bump github.com/go-openapi/runtime from 0.21.0 to 0.21.1 (#614)
  • Bump github.com/go-openapi/errors from 0.20.1 to 0.20.2 (#613)
  • Bump google-github-actions/auth from 0.4.4 to 0.5.0 (#612)
  • Bump github/codeql-action from 1.0.28 to 1.0.29 (#611)
  • Bump gopkg.in/ini.v1 from 1.66.2 to 1.66.3 (#608)
  • Bump github.com/google/go-cmp from 0.5.6 to 0.5.7 (#609)
  • Update github/codeql-action requirement to 8a4b243fbf9a03a93e93a71c1ec257347041f9c4 (#606)
  • Bump github.com/prometheus/client_golang from 1.11.0 to 1.12.0 (#607)
  • Bump ossf/scorecard-action from 0fe1afdc40f536c78e3dc69147b91b3ecec2cc8a to 1.0.1 (#603)
  • Bump goreleaser/goreleaser-action from 2.8.0 to 2.8.1 (#602)
  • Bump golang from 8c0269d to 0fa6504 (#597)
  • Pin dependencies in github action workflows and Dockerfile (#595)
  • update release image to use go 1.17.6 (#589)
  • Bump golang from 1.17.5 to 1.17.6 (#588)
  • Bump go.uber.org/goleak from 1.1.11 to 1.1.12 (#585)
  • Bump go.uber.org/zap from 1.19.1 to 1.20.0 (#584)
  • Bump github.com/go-playground/validator/v10 from 10.9.0 to 10.10.0 (#579)
  • Bump actions/github-script from 4 to 5 (#577)

Contributors

New Contributors

Thanks to all contributors!

Full Changelog: v0.4.0...v0.5.0

Contributors

imjasonh, sylvestre, and 9 other contributors
Assets 70
Loading