Skip to content

Commit

Permalink
Add Rekor 1.0 CHANGELOG (#1122)
Browse files Browse the repository at this point in the history
* Add Rekor 1.0 CHANGELOG

Signed-off-by: Priya Wadhwa <priya@chainguard.dev>

* Update README

Signed-off-by: Priya Wadhwa <priya@chainguard.dev>

Signed-off-by: Priya Wadhwa <priya@chainguard.dev>
  • Loading branch information
priyawadhwa authored Oct 17, 2022
1 parent e766c3a commit 7215f5c
Show file tree
Hide file tree
Showing 2 changed files with 68 additions and 4 deletions.
59 changes: 59 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,62 @@
# v1.0.0

Rekor is 1.0!
No changes, as this is tagged at the same commit as v1.0.0-rc.1.

Thank you to all of the contributors to Rekor in the past couple years who helped make Rekor 1.0 possible!

## Contributors
* Aastha Bist
* Aditya Sirish
* Ahmet Alp Balkan
* Andrew Block
* Appu
* Asra Ali
* axel simon
* Azeem Shaikh
* Batuhan Apaydın
* Bob Callaway
* Carlos Tadeu Panato Junior
* Ceridwen Driskill
* Christian Rebischke
* Dan Lorenc
* Dan Luhring
* Eddie Zaneski
* Efe Barlas
* Fredrik Skogman
* Harry Fallows
* Hayden B
* Hector Fernandez
* Jake Sanders
* Jason Hall
* Jehan Shah
* John Speed Meyers
* Kenny Leung
* Koichi Shiraishi
* Lily Sturmann
* Luke Hinds
* Mikhail Swift
* Morten Linderud
* Nathan Smith
* Naveen
* Olivier Cedric Barbier
* Parth Patel
* Priya Wadhwa
* Robert James Hernandez
* Romain Aviolat
* Samsondeen
* Sascha Grunert
* Scott Nichols
* Shiwei Zhang
* Simon Kent
* Sylvestre Ledru
* Tiziano Santoro
* Trishank Karthik Kuppusamy
* Ville Aikas
* dhaus67
* endorama
* kpcyrd

# v1.0.0-rc.1

## Enhancements
Expand Down
13 changes: 9 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ Rekór - Greek for “Record”

Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain.
Rekor will enable software maintainers and build systems to record signed metadata to an immutable record.
Other parties can then query said metadata to enable them to make informed decisions on trust and non-repudiation of an object's lifecycle. For more details visit the [sigstore website](https://sigstore.dev)
Other parties can then query said metadata to enable them to make informed decisions on trust and non-repudiation of an object's lifecycle. For more details visit the [sigstore website](https://sigstore.dev).

The Rekor project provides a restful API based server for validation and a transparency log for storage.
A CLI application is available to make and verify entries, query the transparency log for inclusion proof,
Expand All @@ -24,10 +24,15 @@ extensible to working with different manifest schemas and PKI tooling.

## Public Instance

We're currently working hard on cutting a 1.0 release and productionizing the public instance.
We don't have a date yet, but follow along on the [GitHub project](https://github.com/orgs/sigstore/projects/5).
Rekor is officially Generally Available with a 1.0.0 release, and follows [semver rules](https://semver.org/) for API stability.
This means production workloads can rely on the Rekor public instance, which has a 24/7 oncall rotation supporting it and offers a 99.5% availability SLO for the following API endpoints:
* `/api/v1/log`
* `/api/v1/log/publicKey`
* `/api/v1/log/proof`
* `/api/v1/log/entries`
* `/api/v1/log/entries/retrieve`

We will improve the stability and publish SLOs soon!
For uptime data on the Rekor public instance, see [https://status.sigstore.dev](https://status.sigstore.dev).

More details on the public instance can be found at [docs.sigstore.dev](https://docs.sigstore.dev/rekor/public-instance).

Expand Down

0 comments on commit 7215f5c

Please sign in to comment.