Skip to content

Commit

Permalink
add changelog for v1.9.0
Browse files Browse the repository at this point in the history 
Signed-off-by: cpanato <ctadeu@gmail.com>
  • Loading branch information
@cpanato
cpanato committed Jun 3, 2022
1 parent 632c4a8 commit 9fc6f90
Showing 1 changed file with 129 additions and 0 deletions.
129 changes: 129 additions & 0 deletions CHANGELOG.md
View file
@@ -1,3 +1,130 @@
# v1.9.0

## Enhancements

* Do not push to public rekor. (#1931)
* Add privacy statement for PII storage (#1909)
* Add support for "**" in image glob matching (#1914)
* [cosigned] Rename cosigned references to policy-controller (#1893)
* [cosigned] Remove undefined apiGroups from policy clusterrole (#1896)
* tree: support --attachment-tag-prefix (#1900)
* v1beta1 API for cosigned (#1890)
* tree: only report artifacts that are present (#1872)
* Check certificate policy flags with only a certificate (#1869)
* Normalize certificate flag names (#1868)
* Add rekor.0.pub TUF target to unit tests (#1860)
* If SBOM ref has .json suffix, assume JSON mediatype (#1859)
* sget: Enable KMS providers for sget (#1852)
* Use filepath match instead of glob (#1842)
* cosigned: Fix podAntiAffinity labels (#1841)
* Add function to explictly request a certain provider (#1837)
* Validate tlog entry when verifying signature via public key. (#1833)
* New flag --oidc-providers-disable to disable OIDC providers (#1832)
* Add auth flow option to KeyOpts. (#1827)
* cosigned: Test unsupported KMS providers (#1820)
* Refactor fulcio signer to take in KeyOpts (take 2) (#1818)
* feat: add rego policy support (#1817)
* [Cosigned] Add signature pull secrets (#1805)
* Check failure message of policy that fails with issuer mismatch (#1815)
* Support PKCS1 encoded and non-ECDSA CT log public keys (#1806)

## Documention

* update README with ebpf modules (#1888)
* Point git commmit FUN.md to gitsign! (#1874)
* Add IBM Cloud Container Registry to tested registry list (#1856)
* Document Staging instance usage with Keyless (#1824)

## Bug Fixes

* fix: fix #1930 for AWS KMS formats (#1946)
* fix: fix fetching updated targets from TUF root (#1921)
* Fix piv-tool generate-key command in TOKENS doc (#1850)

## Others

* remove deprecation (#1952)
* Bump github.com/aws/aws-sdk-go-v2 from 1.14.0 to 1.16.4 (#1949)
* update cross-builder image to use go1.17.11 (#1950)
* Bump ossf/scorecard-action from 1.1.0 to 1.1.1 (#1945)
* Bump github.com/secure-systems-lab/go-securesystemslib (#1944)
* Bump actions/cache from 3.0.2 to 3.0.3 (#1937)
* Bump mikefarah/yq from 4.25.1 to 4.25.2 (#1933)
* Bump github.com/spf13/viper from 1.11.0 to 1.12.0 (#1924)
* Bump github.com/hashicorp/vault/sdk from 0.4.1 to 0.5.0 (#1926)
* Bump actions/setup-go from 3.1.0 to 3.2.0 (#1927)
* Bump actions/dependency-review-action from 1.0.1 to 1.0.2 (#1915)
* Bump google-github-actions/auth from 0.7.3 to 0.8.0 (#1916)
* Bump ossf/scorecard-action from 1.0.4 to 1.1.0 (#1922)
* Bump google.golang.org/api from 0.80.0 to 0.81.0 (#1918)
* Bump github.com/armon/go-metrics from 0.3.11 to 0.4.0 (#1919)
* Bump github.com/xanzy/go-gitlab from 0.66.0 to 0.68.0 (#1920)
* Bump github.com/xanzy/go-gitlab from 0.65.0 to 0.66.0 (#1913)
* Move deprecated dependency: google/trillian/merkle to transparency-dev (#1910)
* Bump github.com/hashicorp/go-version from 1.4.0 to 1.5.0 (#1902)
* Bump github.com/hashicorp/go-secure-stdlib/parseutil from 0.1.4 to 0.1.5 (#1883)
* Bump cloud.google.com/go/storage from 1.22.0 to 1.22.1 (#1906)
* Bump actions/upload-artifact from 3.0.0 to 3.1.0 (#1907)
* The timeout arg in golangci-lint has been moved to the generic args param. (#1901)
* Update go-tuf (#1894)
* Bump google.golang.org/api from 0.79.0 to 0.80.0 (#1897)
* Bump google-github-actions/auth from 0.7.2 to 0.7.3 (#1898)
* Bump github/codeql-action from 2.1.10 to 2.1.11 (#1891)
* Update github.com/google/go-containerregistry/pkg/authn/k8schain module to f1b065c6cb3d (#1889)
* Remove dependency on deprecated github.com/pkg/errors (#1887)
* Bump google.golang.org/grpc from 1.46.0 to 1.46.2 (#1884)
* Bump google-github-actions/auth from 0.7.1 to 0.7.2 (#1886)
* go.mod: format go.mod (#1879)
* chore: remove regex from image pattern (#1873)
* Bump actions/dependency-review-action (#1875)
* Bump actions/github-script from 6.0.0 to 6.1.0 (#1876)
* Bump actions/setup-go from 3.0.0 to 3.1.0 (#1870)
* Update go to 1.17.10 / cosign image to 1.18.0 and actions setup go (#1861)
* Bump github/codeql-action from 2.1.9 to 2.1.10 (#1863)
* Bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (#1864)
* Bump google.golang.org/api from 0.78.0 to 0.79.0 (#1858)
* Bump github.com/xanzy/go-gitlab from 0.64.0 to 0.65.0 (#1857)
* Bump github.com/go-openapi/runtime from 0.24.0 to 0.24.1 (#1851)
* remove exclude from go.mod (#1846)
* Bump github.com/hashicorp/go-plugin from 1.4.3 to 1.4.4 (#1843)
* Bump google.golang.org/api from 0.77.0 to 0.78.0 (#1838)
* Bump mikefarah/yq from 4.24.5 to 4.25.1 (#1831)
* Bump google.golang.org/api from 0.76.0 to 0.77.0 (#1829)
* Bump github.com/go-openapi/runtime from 0.23.3 to 0.24.0 (#1830)
* Bump github.com/spiffe/go-spiffe/v2 from 2.0.0 to 2.1.0 (#1828)
* chore(deps): Included dependency review (#1792)
* Bump sigstore/cosign-installer from 2.2.1 to 2.3.0 (#1813)
* Bump github/codeql-action from 2.1.8 to 2.1.9 (#1814)
* Bump google.golang.org/api from 0.75.0 to 0.76.0 (#1810)
* Bump github.com/google/go-cmp from 0.5.7 to 0.5.8 (#1809)
* Bump github.com/armon/go-metrics from 0.3.10 to 0.3.11 (#1808)

## Contributors

* Asra Ali (@asraa)
* Adolfo García Veytia (@puerco)
* Andrés Torres (@elfotografo007)
* Billy Lynch (@wlynch)
* Carlos Tadeu Panato Junior (@cpanato)
* Dan Lorenc (@dlorenc)
* Denny (@DennyHoang)
* Eitan Yarmush (@EItanya)
* Hayden Blauzvern (@haydentherapper)
* Hector Fernandez (@hectorj2f)
* Jack Baines (@bainsy88)
* Jason Hall (@imjasonh)
* Josh Dolitsky (@jdolitsky)
* Kenny Leung (@k4leung4)
* Koichi Shiraishi (@zchee)
* Naveen Srinivasan (@naveensrinivasan)
* Neal McBurnett (@nealmcb)
* Priya Wadhwa (@priyawadhwa)
* Rob Best (@ribbybibby)
* Tomasz Janiszewski (@janisz)
* Ville Aikas (@vaikas)
* Vladimir Nachev (@vpnachev)


# v1.8.0

_NOTE_: If you use Fulcio to issue certificates you will need to use this release.
Expand Down Expand Up @@ -36,6 +163,8 @@ _NOTE_: If you use Fulcio to issue certificates you will need to use this releas

## Others

* update changelog for 1.8.0 (#1807)
* add changelog for release v1.8.0 (#1803)
* Bump github.com/hashicorp/go-retryablehttp from 0.7.0 to 0.7.1 (https://github.com/sigstore/cosign/pull/1758)
* Bump google-github-actions/auth from 0.7.0 to 0.7.1 (https://github.com/sigstore/cosign/pull/1801)
* Bump google.golang.org/grpc from 1.45.0 to 1.46.0 (https://github.com/sigstore/cosign/pull/1800)
Expand Down

0 comments on commit 9fc6f90

Please sign in to comment.