/
.rev
235 lines (234 loc) · 13.4 KB
/
.rev
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
<revisionlist>
<revision rev="1" vrev="1">
<srcmd5>dfdf8ff8cb0c25cb6c9aa7c593acaac2</srcmd5>
<version>0.3.0</version>
<time>1641203396</time>
<user>dimstar_suse</user>
<comment>add to factory</comment>
<requestid>943481</requestid>
</revision>
<revision rev="2" vrev="1">
<srcmd5>f8307a100591d6552aad174197ccec82</srcmd5>
<version>0.4.0</version>
<time>1641555952</time>
<user>dimstar_suse</user>
<comment>- updated to 0.4.0
Highlights
- Adds hashed rekord type that can be used to upload signatures along with the hashed content signed (#501) (forwarded request 944479 from msmeissn)</comment>
<requestid>944481</requestid>
</revision>
<revision rev="3" vrev="2">
<srcmd5>b0f3c8a6db1095e2affbb0a70a3b5a3a</srcmd5>
<version>0.4.0</version>
<time>1643128567</time>
<user>dimstar_suse</user>
<comment>Fix BUILD_DATE for reproducible build results (boo#1047218) (forwarded request 948951 from bmwiedemann)</comment>
<requestid>948953</requestid>
</revision>
<revision rev="4" vrev="1">
<srcmd5>92c9101bc2d1a03c31a96908de372b43</srcmd5>
<version>0.5.0</version>
<time>1649014268</time>
<user>dimstar_suse</user>
<comment>- Updated to rekor 0.5.0
* Highlights
- Add Rekor logo to README (#650)
- update API calls to v5 (#591)
- Refactor helm type to remove intermediate state. (#575)
- Refactor the shard map parsing so we can pass it down into the API object. (#564)
- Refactor the alpine type to reduce intermediate state. (#573)
* Enhancements
- Add logic to GET artifacts via old or new UUID (#587)
- helpful error message for hashedrekord types (#605)
- Set Accept header in dynamic counter requests (#594)
- Add sharding package and update validators (#583)
- rekor-cli: show the url in case of error (#581)
- Enable parsing of incomplete minisign keys, to enable re-indexing. (#567)
- Cleanups on the TUF pluggable type. (#563)
- Refactor the RPM type to remove more intermediate state. (#566)
- Do some cleanups of the jar type to remove intermediate state. (#561)
* Others
- update version comments since dependabot doesn't do it (#617)
- Use workload identity provider instead of GitHub Secret for GCR access (#600)
- add OSSF scorecard action (#599)
- enable the sbom for rekor releases (#586)
- Point to the official website (instead of a 404) (#580)
- Add a Makefile target for the "ko apply" step. (#572)
- types/README.md: Corrected documentation link (#568)
- enable server build too, as people might want to deploy rekor chain
themselves. (forwarded request 966623 from msmeissn)</comment>
<requestid>966624</requestid>
</revision>
<revision rev="5" vrev="1">
<srcmd5>bea7cc96f6f848032f60df5e56cb021f</srcmd5>
<version>0.6.0</version>
<time>1650996939</time>
<user>dimstar_suse</user>
<comment>- Updated to rekor 0.6.0
- attempting to fix codeowners file by @bobcallaway in #653
- Update the warning text for the GA release. by @dlorenc in #654
- Add docs about API stability and deprecation policy by @priyawadhwa in #661
- update cross-build and dockerfile to use go 1.17.7 by @cpanato in #666
- Move k8s objects out of the default namespace by @k4leung4 in #674
- add securityContext to deployment. by @k4leung4 in #678
- Add intoto type documentation by @jspeed-meyers in #679
- create namespace for rekor config in yaml. by @k4leung4 in #680
- Set rekor-cli User-Agent header on requests by @bobcallaway in #684
- update security process link by @bobcallaway in #685
- explicitly set permissions for github actions by @k4leung4 in #687
- Add documentation about Alpine type by @jspeed-meyers in #697
- Add code coverage to pull requests. by @k4leung4 in #676
- Consistent parenthesis use in Makefile by @k4leung4 in #700
- Use logRangesFlag in API, route reads based on TreeID by @lkatalin in #671
- Generate release yaml for non-CI builds. by @k4leung4 in #702
- Mirror signed release images from GCR to GHCR as part of release by @k4leung4 in #701
- build trillian container to existing release. by @k4leung4 in #715
- Make the loginfo command a bit more future/backwards proof. by @dlorenc in #718
- Switch to using the swag library for pointer manipulation. by @dlorenc in #719
- Change TreeID to be of type string instead of int64 by @priyawadhwa in #712
- Add sharding e2e test to Github Actions by @priyawadhwa in #714
- fix merge conflict by @priyawadhwa in #720
- Clearer logging for createAndInitTree by @priyawadhwa in #724
- Return virtual index when creating and getting a log entry by @priyawadhwa in #725
- Fix copy/paste mistake in repo name. by @k4leung4 in #730
- Use reusuable release workflow in sigstore/sigstore by @k4leung4 in #729
- Get log proofs by Tree ID by @priyawadhwa in #733
- Refactor rekor-cli loginfo by @priyawadhwa in #734 (forwarded request 972808 from msmeissn)</comment>
<requestid>972809</requestid>
</revision>
<revision rev="6" vrev="1">
<srcmd5>50495467bd608b98b7c9ffa876b00419</srcmd5>
<version>0.8.1</version>
<time>1655732301</time>
<user>dimstar_suse</user>
<comment>- Updated to rekor 0.8.1
- Fix indexing bug for intoto attestations by @priyawadhwa in #870
- Allow an expired certificate chain to be uploaded and verified by @haydentherapper in #873
- Updated to rekor 0.8.0
- Update go-tuf and sigstore/sigstore to non-vulnerable go-tuf version. by @dhaus67 in #847
- Configure rekor server in e2e tests via env variable by @priyawadhwa in #850
- update cross-builder image to use go1.17.11 and dockerfile base image by @cpanato in #860
- update go.mod to go1.17 by @cpanato in #861
- Improve error message when using ED25519 with HashedRekord type by @haydentherapper in #862
- Allow retrieving entryIDs or UUIDs via /api/v1/log/entries/retrieve endpoint by @priyawadhwa in #859
- Print total tree size, including inactive shards in rekor-cli loginfo by @priyawadhwa in #864
- Updated to rekor 0.7.0
- remove URL fetch of keys/artifacts server-side by @bobcallaway in #735
- intoto: add index on materials digest of slsa provenance by @asraa in #793
- chore(deps): Included dependency review by @naveensrinivasan in #788
- Check if intoto hash is available before accessing it as an index key by @priyawadhwa in #800
- Move deprecated dependency: google/trillian/merkle to transparency-dev by @asraa in #807
- Retrieve shard tree length if it isn't provided in the config by @priyawadhwa in #810
- update release builder images to use go 1.17.10 and cosign image to 1.8.0 by @cpanato in #820
- update go to 1.17.10 in the dockerfile by @cpanato in #819
- Limit the number of certificates parsed in a chain by @haydentherapper in #823
- Breaking change: Remove timestamping authority by @haydentherapper in #813
- Add back owners for rfc3161 package type by @haydentherapper in #833
- all: remove dependency on deprecated github.com/pkg/errors by @zchee in #834
- name stored attestations by digest instead of UUID by @bobcallaway in #769 (forwarded request 983852 from msmeissn)</comment>
<requestid>983855</requestid>
</revision>
<revision rev="7" vrev="2">
<srcmd5>40d54306cad407fe12bb742307321077</srcmd5>
<version>0.8.1</version>
<time>1656587896</time>
<user>dimstar_suse</user>
<comment>- rekor-zypper-verify.sh: add a small script that verifies the on-system
zypper repo cache against rekor transparency log.</comment>
<requestid>985790</requestid>
</revision>
<revision rev="8" vrev="1">
<srcmd5>a226a43247c9ee3957edc2371c557d16</srcmd5>
<version>0.9.1</version>
<time>1659034718</time>
<user>RBrownFactory</user>
<comment> (forwarded request 991394 from msmeissn)</comment>
<requestid>991395</requestid>
</revision>
<revision rev="9" vrev="1">
<srcmd5>27320a784cc8521ba7219a2e5452431d</srcmd5>
<version>0.12.0</version>
<time>1663275605</time>
<user>dimstar_suse</user>
<comment>- updated to rekor 0.12.0 (jsc#SLE-23476):
- check supportedVersions list rather than directly reading from version map by @bobcallaway in #1003
- enable blocking specific pluggable type versions from being inserted into the log by @bobcallaway in #1004
- api.SearchLogQueryHandler thread safety by @cdris in #1006
- 'docker compose' to 'docker-compose' by @bobcallaway in #1009
- Intoto v0.0.2 by @pxp928 in #973
- Add bounds on number of elements in api/v1/log/entries/retrieve by @priyawadhwa in #1011
- Change Checkpoint origin to be "Hostname - Tree ID" by @haydentherapper in #1013
- feat: add verification functions by @asraa in #986
- Validate tree ID on calls to /api/v1/log/entries/retrieve by @priyawadhwa in #1017
- Include checkpoint (STH) in entry upload and retrieve responses by @haydentherapper in #1015
- fix: use entry uuid uniformly in return responses by @asraa in #1012
- remove /api/v1/version endpoint by @bobcallaway in #1022
- Fix rekor-cli backwards incompatibility & run harness tests against HEAD by @priyawadhwa in #1030
- Fix harness tests @ main by @priyawadhwa in #1038
- Fetch all tags in harness tests by @priyawadhwa in #1039
- fix retrieve endpoint response code and add testing by @asraa in #1043
- updated to rekor 0.11.0:
- Add rekor harness tests by @priyawadhwa in #945
- Persist and check attestations across harness tests by @priyawadhwa in #952
- Add harness test for getting all entries by UUID and EntryID by @priyawadhwa in #957
- api: fix inclusion proof verification flake by @asraa in #956
- change default value for rekor_server.hostname to server's hostname by @bobcallaway in #963
- fix nil-pointer error when artifact-hash is passed without artifact by @dsa0x in #965
- Add prometheus summary to track metric latency by @priyawadhwa in #966
- compute payload and envelope hashes upon validating intoto proposed entries by @bobcallaway in #967
- update field documentation on publicKey for hashedrekord by @bobcallaway in #969
- Allow sharding config to be written in yaml or json by @priyawadhwa in #974
- fix incorrect schema id for cose type by @bobcallaway in #979
- fix: make rekor verify work with sharded uuids by @asraa in #970 (forwarded request 1003862 from msmeissn)</comment>
<requestid>1003863</requestid>
</revision>
<revision rev="10" vrev="1">
<srcmd5>9c08649be8605339a245717b7495035e</srcmd5>
<version>0.12.1</version>
<time>1664302471</time>
<user>RBrownFactory</user>
<comment>- updated to rekor 0.12.1 (jsc#SLE-23476):
- ** Rekor ** v0.12.1 comes with a breaking change to rekor-cli v0.12.1. Users of rekor-cli MUST upgrade to the latest version
The addition of the intotov2 created a breaking change for the rekor-cli
- What's Changed
- fix: fix harness tests with intoto v0.0.2 by @asraa in #1052
- feat: add file based signer and password by @asraa in #1049
- Adds new rekor metrics for latency and QPS. by @var-sdk in #1059</comment>
<requestid>1006397</requestid>
</revision>
<revision rev="11" vrev="1">
<srcmd5>bc1f215f4c9f952e2cac3648e1c573e9</srcmd5>
<version>0.12.2</version>
<time>1664908695</time>
<user>RBrownFactory</user>
<comment>- updated to rekor 0.12.2 (jsc#SLE-23476):
- add description on /api/v1/index/retrieve endpoint
- Adding e2e test coverage
- export rekor build/version information
- Use POST instead of GET for /api/log/entries/retrieve metrics.
- Search through all shards when searching by hash (forwarded request 1007274 from msmeissn)</comment>
<requestid>1007909</requestid>
</revision>
<revision rev="12" vrev="1">
<srcmd5>b82083202c0014f72608b6cbab2a3dd4</srcmd5>
<version>1.0.0</version>
<time>1666178282</time>
<user>dimstar_suse</user>
<comment>- updated to rekor 1.0.0 (sc#SLE-23476):
- add description on /api/v1/index/retrieve endpoint by @bobcallaway in https://github.com/sigstore/rekor/pull/1073
- Adding e2e test coverage by @cdris in https://github.com/sigstore/rekor/pull/1071
- export rekor build/version information by @cpanato in https://github.com/sigstore/rekor/pull/1074
- Use POST instead of GET for /api/log/entries/retrieve metrics. by @var-sdk in https://github.com/sigstore/rekor/pull/1083
- Search through all shards when searching by hash by @priyawadhwa in https://github.com/sigstore/rekor/pull/1082
- verify: verify checkpoint's STH against the inclusion proof root hash by @asraa in https://github.com/sigstore/rekor/pull/1092
- add ability to enable/disable specific rekor API endpoints by @bobcallaway in https://github.com/sigstore/rekor/pull/1080
- enable configurable client retries with backoff in RekorClient by @bobcallaway in https://github.com/sigstore/rekor/pull/1096
- remove dead code around api-key and timestamp references by @bobcallaway in https://github.com/sigstore/rekor/pull/1098
- update swagger API version to 1.0.0 by @bobcallaway in https://github.com/sigstore/rekor/pull/1102
- remove unused RekorVersion API definition by @bobcallaway in https://github.com/sigstore/rekor/pull/1101
- install gocovmerge in hack/tools by @bobcallaway in https://github.com/sigstore/rekor/pull/1103
- add retry command line flag on rekor-cli by @bobcallaway in https://github.com/sigstore/rekor/pull/1097
- Add some info and debug logging to commonly used funcs by @priyawadhwa in https://github.com/sigstore/rekor/pull/1106 (forwarded request 1029932 from msmeissn)</comment>
<requestid>1029934</requestid>
</revision>
</revisionlist>