Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
R
rekor
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
SafSec
rekor
Commits
20e3bb71
Unverified
Commit
20e3bb71
authored
3 years ago
by
Carlos Tadeu Panato Junior
Committed by
GitHub
3 years ago
Browse files
Options
Downloads
Patches
Plain Diff
add changelog for v0.4.0 (#537)
Signed-off-by:
Carlos Panato
<
ctadeu@gmail.com
>
parent
790a0b20
No related branches found
Branches containing commit
No related tags found
Tags containing commit
No related merge requests found
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
CHANGELOG.md
+139
-0
139 additions, 0 deletions
CHANGELOG.md
with
139 additions
and
0 deletions
CHANGELOG.md
0 → 100644
+
139
−
0
View file @
20e3bb71
# v0.4.0
## Highlights
*
Adds hashed rekord type that can be used to upload signatures along with the hashed content signed (https://github.com/sigstore/rekor/pull/501)
## Enhancements
*
Update the schema to match that of Trillian repo. The map specific (https://github.com/sigstore/rekor/pull/528)
*
allow setting the user-agent string sent from the client (https://github.com/sigstore/rekor/pull/521)
*
update key usage for ts cert (https://github.com/sigstore/rekor/pull/504)
*
api/index/retrieve: allow searching on indicies with sha1 hashes (https://github.com/sigstore/rekor/pull/499)
*
Only include Attestation data if attestation storage enabled (https://github.com/sigstore/rekor/pull/494)
*
Fuzzing RequestFromRekor API (https://github.com/sigstore/rekor/pull/488)
*
Included pprof for profiling the application. (https://github.com/sigstore/rekor/pull/485)
*
refactor release and add signing (https://github.com/sigstore/rekor/pull/483)
*
More verbose error message for redis connection failure (https://github.com/sigstore/rekor/pull/479) (https://github.com/sigstore/rekor/pull/480)
*
Fixed modtime for reproducible goreleaser (https://github.com/sigstore/rekor/pull/473)
*
add goreleaser and cloudbuild for releases (https://github.com/sigstore/rekor/pull/443)
*
Add dynamic JS tree size counter (https://github.com/sigstore/rekor/pull/468)
*
check that entry UUID == leafHash of returned entry (https://github.com/sigstore/rekor/pull/469)
*
chore: upgrade cosign version (https://github.com/sigstore/rekor/pull/465)
*
Reproducible builds with trimpath (https://github.com/sigstore/rekor/pull/464)
*
correct links, add Table of Contents of sorts (https://github.com/sigstore/rekor/pull/449)
*
update go tuf for rsa key impl (https://github.com/sigstore/rekor/pull/446)
*
Canonicalize JSON before inserting into trillian (https://github.com/sigstore/rekor/pull/445)
*
Export search UUIDs field (https://github.com/sigstore/rekor/pull/438)
*
Add a flag to start specifying log index ranges for virtual indices. (https://github.com/sigstore/rekor/pull/435)
*
Cleanup some initialization/flag parsing in rekor-server. (https://github.com/sigstore/rekor/pull/433)
*
Drop 404 errors down to a warning. (https://github.com/sigstore/rekor/pull/426)
*
Cleanup the output of search (the text goes to stderr not stdout). (https://github.com/sigstore/rekor/pull/421)
*
remove extradata field from types (https://github.com/sigstore/rekor/pull/418)
*
Update usage of ./cmd/rekor-cli/ from
`rekor`
to
`rekor-cli`
(https://github.com/sigstore/rekor/pull/417)
*
Add TUF type (https://github.com/sigstore/rekor/pull/383)
*
Updates to INSTALLATION.md notes (https://github.com/sigstore/rekor/pull/415)
*
Update snippets to use
`console`
type for snippets (https://github.com/sigstore/rekor/pull/410)
*
version: add way to display a version when using go get or go install (https://github.com/sigstore/rekor/pull/405)
*
Use an in memory timestamping key (https://github.com/sigstore/rekor/pull/402)
*
Links are case sensitive (https://github.com/sigstore/rekor/pull/401)
*
Installation guide (https://github.com/sigstore/rekor/pull/400)
*
Add a SignedTimestampNote (https://github.com/sigstore/rekor/pull/397)
*
Provide instructions on verifying releases (https://github.com/sigstore/rekor/pull/399)
*
rekor-server: add html page when humans reach the server via the browser (https://github.com/sigstore/rekor/pull/394)
*
use go modules to track tools (https://github.com/sigstore/rekor/pull/395)
## Bug Fixes
*
fix timestamp addition and unmarshal (https://github.com/sigstore/rekor/pull/525)
*
Correct & parallelize tests (https://github.com/sigstore/rekor/pull/522)
*
Fix fuzz go.sum issue (https://github.com/sigstore/rekor/pull/509)
*
fix validation error (https://github.com/sigstore/rekor/pull/503)
*
Correct Helm index keys (https://github.com/sigstore/rekor/pull/474)
*
Fix a bug in x509 certificate handling. (https://github.com/sigstore/rekor/pull/461)
*
Fix a conflict from parallel dependabot merges. (https://github.com/sigstore/rekor/pull/456)
*
fix tuf metadata marshalling (https://github.com/sigstore/rekor/pull/447)
*
Switch DSSE provider to go-securesystemslib (https://github.com/sigstore/rekor/pull/442)
*
fix unmarshalling sth (https://github.com/sigstore/rekor/pull/409)
*
Fix port flag override (https://github.com/sigstore/rekor/pull/396)
*
makefile: small fix on the makefile for the rekor-server (https://github.com/sigstore/rekor/pull/393)
## Dependencies Updates
*
Bump github.com/spf13/viper from 1.9.0 to 1.10.0 (https://github.com/sigstore/rekor/pull/531)
*
Bump sigstore/cosign-installer from 1.3.1 to 1.4.1 (https://github.com/sigstore/rekor/pull/530)
*
Bump the DSSE signing library. (https://github.com/sigstore/rekor/pull/529)
*
Bump golang from 1.17.4 to 1.17.5 (https://github.com/sigstore/rekor/pull/527)
*
Bump golang from 1.17.3 to 1.17.4 (https://github.com/sigstore/rekor/pull/523)
*
Bump gopkg.in/ini.v1 from 1.66.0 to 1.66.2 (https://github.com/sigstore/rekor/pull/520)
*
Bump github.com/mitchellh/mapstructure from 1.4.2 to 1.4.3 (https://github.com/sigstore/rekor/pull/517)
*
Bump github.com/secure-systems-lab/go-securesystemslib (https://github.com/sigstore/rekor/pull/516)
*
Bump gopkg.in/ini.v1 from 1.64.0 to 1.66.0 (https://github.com/sigstore/rekor/pull/513)
*
Upgraded go-playground/validator module to v10 (https://github.com/sigstore/rekor/pull/507)
*
Bump gopkg.in/ini.v1 from 1.63.2 to 1.64.0 (https://github.com/sigstore/rekor/pull/495)
*
Bump github.com/go-openapi/strfmt from 0.21.0 to 0.21.1 (https://github.com/sigstore/rekor/pull/510)
*
Bump the trillian import to v1.4.0. (https://github.com/sigstore/rekor/pull/502)
*
Bump the trillian versions to v1.4.0 in our docker-compose setup. (https://github.com/sigstore/rekor/pull/500)
*
update go.mod for go-fuzz (https://github.com/sigstore/rekor/pull/496)
*
Bump sigstore/cosign-installer from 1.3.0 to 1.3.1 (https://github.com/sigstore/rekor/pull/491)
*
Bump golang from 1.17.2 to 1.17.3 (https://github.com/sigstore/rekor/pull/482)
*
Bump google.golang.org/grpc from 1.41.0 to 1.42.0 (https://github.com/sigstore/rekor/pull/478)
*
Bump actions/checkout from 2.3.5 to 2.4.0 (https://github.com/sigstore/rekor/pull/477)
*
Bump github.com/go-openapi/runtime from 0.20.0 to 0.21.0 (https://github.com/sigstore/rekor/pull/470)
*
bump go-swagger to v0.28.0 (https://github.com/sigstore/rekor/pull/463)
*
Bump github.com/in-toto/in-toto-golang from 0.3.2 to 0.3.3 (https://github.com/sigstore/rekor/pull/459)
*
Bump actions/checkout from 2.3.4 to 2.3.5 (https://github.com/sigstore/rekor/pull/458)
*
Bump github.com/mediocregopher/radix/v4 from 4.0.0-beta.1 to 4.0.0 (https://github.com/sigstore/rekor/pull/460)
*
Bump github.com/go-openapi/runtime from 0.19.31 to 0.20.0 (https://github.com/sigstore/rekor/pull/451)
*
Bump github.com/go-openapi/spec from 0.20.3 to 0.20.4 (https://github.com/sigstore/rekor/pull/454)
*
Bump github.com/go-openapi/validate from 0.20.2 to 0.20.3 (https://github.com/sigstore/rekor/pull/453)
*
Bump github.com/go-openapi/strfmt from 0.20.2 to 0.20.3 (https://github.com/sigstore/rekor/pull/452)
*
Bump github.com/go-openapi/loads from 0.20.2 to 0.20.3 (https://github.com/sigstore/rekor/pull/450)
*
Bump golang from 1.17.1 to 1.17.2 (https://github.com/sigstore/rekor/pull/448)
*
Bump google.golang.org/grpc from 1.40.0 to 1.41.0 (https://github.com/sigstore/rekor/pull/441)
*
Bump golang.org/x/mod from 0.5.0 to 0.5.1 (https://github.com/sigstore/rekor/pull/440)
*
Bump github.com/spf13/viper from 1.8.1 to 1.9.0 (https://github.com/sigstore/rekor/pull/439)
*
Bump gopkg.in/ini.v1 from 1.63.0 to 1.63.2 (https://github.com/sigstore/rekor/pull/437)
*
Bump github.com/mitchellh/mapstructure from 1.4.1 to 1.4.2 (https://github.com/sigstore/rekor/pull/436)
*
Bump gocloud to v0.24.0. (https://github.com/sigstore/rekor/pull/434)
*
Bump golang from 1.17.0 to 1.17.1 (https://github.com/sigstore/rekor/pull/432)
*
Bump go.uber.org/zap from 1.19.0 to 1.19.1 (https://github.com/sigstore/rekor/pull/431)
*
Bump gopkg.in/ini.v1 from 1.62.0 to 1.63.0 (https://github.com/sigstore/rekor/pull/429)
*
Bump github.com/go-openapi/runtime from 0.19.30 to 0.19.31 (https://github.com/sigstore/rekor/pull/425)
*
Bump github.com/go-openapi/errors from 0.20.0 to 0.20.1 (https://github.com/sigstore/rekor/pull/423)
*
Bump github.com/go-openapi/strfmt from 0.20.1 to 0.20.2 (https://github.com/sigstore/rekor/pull/422)
*
Bump golang from 1.16.7 to 1.17.0 (https://github.com/sigstore/rekor/pull/413)
*
Bump golang.org/x/mod from 0.4.2 to 0.5.0 (https://github.com/sigstore/rekor/pull/412)
*
Bump google.golang.org/grpc from 1.39.1 to 1.40.0 (https://github.com/sigstore/rekor/pull/411)
*
Bump github.com/go-openapi/runtime from 0.19.29 to 0.19.30 (https://github.com/sigstore/rekor/pull/408)
*
Bump go.uber.org/zap from 1.18.1 to 1.19.0 (https://github.com/sigstore/rekor/pull/407)
*
Bump golang from 1.16.6 to 1.16.7 (https://github.com/sigstore/rekor/pull/403)
*
Bump google.golang.org/grpc from 1.39.0 to 1.39.1 (https://github.com/sigstore/rekor/pull/404)
## Contributors
*
Aditya Sirish (@adityasaky)
*
Andrew Block (@sabre1041)
*
Asra Ali (@asraa)
*
Axel Simon (@axelsimon)
*
Batuhan Apaydın (@developer-guy)
*
Bob Callaway (@bobcallaway)
*
Carlos Panato (@cpanato)
*
Dan Lorenc (@dlorenc)
*
Dan Luhring (@luhring)
*
Harry Fallows (@harryfallows)
*
Hector Fernandez (@hectorj2f)
*
Jake Sanders (@dekkagaijin)
*
Jason Hall (@imjasonh)
*
Lily Sturmann (@lkatalin)
*
Luke Hinds (@lukehinds)
*
Marina Moore (@mnm678)
*
Mikhail Swift (@mikhailswift)
*
Naveen Srinivasan (@naveensrinivasan)
*
Robert James Hernandez (@sarcasticadmin)
*
Santiago Torres (@SantiagoTorres)
*
Tiziano Santoro (@tiziano88)
*
Trishank Karthik Kuppusamy (@trishankatdatadog)
*
Ville Aikas (@vaikas)
*
kpcyrd (@kpcyrd)
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
Carlos Panato <ctadeu@gmail.com>Carlos Panato <ctadeu@gmail.com>