Skip to content

Releases: sigstore/rekor

v1.1.1

03 May 00:34
0c1914e
Compare
Choose a tag to compare

v1.1.1

Functional Enhancements

  • Refactor Trillian client with exported methods (#1454)
  • Switch to official redis-go client (#1459)
  • Remove replace in go.mod (#1444)
  • Add Rekor OID info. (#1390)

Quality Enhancements

  • remove legacy encrypted cosign key (#1446)
  • swap cjson dependency (#1441)
  • Update release readme (#1456)

Bug Fixes

Contributors

  • Billy Lynch
  • Bob Callaway
  • Carlos Tadeu Panato Junior
  • Ceridwen Coghlan
  • Hayden B

Full Changelog: v1.1.0...v1.1.1

v1.1.0

28 Mar 22:52
4a65926
Compare
Choose a tag to compare

v1.1.0

Functional Enhancements

  • improve validation on intoto v0.0.2 type (#1351)
  • add feature to limit HTTP request body length to process (#1334)
  • add information about the file size limit (#1313)
  • Add script to backfill Redis from Rekor (#1163)
  • Feature: add search support for sha512 (#1142)

Quality Enhancements

  • fuzzing: refactor OSS-Fuzz build script (#1377)
  • Update cloudbuild for cosign 2.0 (#1375)
  • Tests - Additional sharding tests (#1180)
  • jar type: add fuzzer for 3rd-party dep (#1360)
  • update cosign to 2.0.0 and builder image and also cosign flags (#1368)
  • fuzzing: move alpine utils to fuzz utils (#1335)
  • fuzzing: add seed for alpine fuzzer (#1342)
  • jar: add v001 fuzzer (#1327)
  • fuzzing: open writer later in fuzz utils (#1326)
  • fuzzing: remove tar operations in alpine fuzzer (#1322)
  • alpine: add v001 fuzzer (#1316)
  • hashedrekord: add v001 fuzzer (#1315)
  • fuzzing: add call to IndexKeys in multiple fuzzers (#1302)
  • fuzzing: improve cose fuzzer (#1300)
  • fuzzing: improve fuzz utils (#1298)
  • fuzzing: improve alpine fuzzer (#1273)
  • fuzzing: go mod edit go-fuzz-headers (#1272)
  • fuzzing: add .options file (#1271)
  • fuzzing: build helm fuzzer from correct dir (#1264)
  • types: refactor multiple fuzzers (#1258)
  • helm: add fuzzer for provenance unmarshalling (#1243)
  • pki: add fuzzer (#1256)
  • Fuzzing: Add more bug detectors (#1253)
  • Refactor e2e - part 5 (#1236)
  • Removed unused tool/deps (#1244)
  • Fixed the invalid path (#1245)
  • Run latest fuzzers in OSS-Fuzz (#1221)
  • Fuzz tests - hashedrekord (#1224)
  • Update builder (#1228)
  • Revamping rekor e2e - part 4 of N (#1218)
  • types: add fuzzers (#1225)
  • jar type: add fuzzer (#1215)
  • Revamping rekor e2e - part 3 of N (#1177)
  • modify OSS-Fuzz build script (#1214)
  • move over oss-fuzz build script (#1204)
  • wrap redis client errors to aid debugging (#1176)
  • don't test release candidate builds in harness (#1183)
  • types/alpine: add fuzzer (#1200)
  • logging tweaks to improve usability (#1235)
  • Add backfill-redis to the release artifacts (#1174)
  • ensure jobs run on release branches (#1181)
  • update builder image and cosign (#1165)
  • Refactor e2e tests - x509 apk (#1152)
  • Sharding - Additional tests (#1156)
  • Ran gofmt and cleaned up (#1157)
  • Fuzz - Fuzz tests for sharding (#1147)
  • Revamping rekor e2e - part 1 of N (#1089)

Bug Fixes

  • remove goroutine usage from SearchLogQuery (#1407)
  • drop log messages regarding attestation storage to debug (#1408)
  • fix ko-local build (#1381)
  • disable blocking checks (#1353)
  • fix validation for proposed vs committed log entries for intoto v0.0.1 (#1309)
  • fix: fix regex for multi-digit counts (#1321)
  • return NotFound if treesize is 0 rather than calling trillian (#1311)
  • enumerate slice to get sugared logs (#1312)
  • put a reasonable size limit on ssh key reader (#1288)
  • CLIENT: Fix Custom Host and Path Issue (#1306)
  • do not persist local state if log is empty; fail consistency proofs from 0 size (#1290)
  • correctly handle invalid or missing pki format (#1281)
  • Add Verifier to get public key/cert and identities for entry type (#1210)
  • fix goroutine leak in client; add insecure TLS option (#1238)
  • Fix - Remove the force-recreate flag (#1179)
  • trim whitespace around public keys before parsing (#1175)
  • stop inserting envelope hash for intoto:0.0.2 types into index (#1171)
  • Revert "remove double encoding of payload and signature fields for intoto (#1150)" (#1158)
  • remove double encoding of payload and signature fields for intoto (#1150)
  • fix SearchLogQuery behavior to conform to openapi spec (#1145)
  • Remove pem-certificate-chain from client (#1138)
  • fix flag type for operator in search (#1136)
  • use sigstore/community dep review (#1132)

Contributors

  • AdamKorcz
  • Batuhan Apaydın
  • Bob Callaway
  • Carlos Tadeu Panato Junior
  • Fabian Kammel
  • Fredrik Skogman
  • Hayden B
  • Joyce
  • Naveen
  • Noah Kreiger
  • Priya Wadhwa

v1.0.1

10 Nov 18:47
d316235
Compare
Choose a tag to compare

What's Changed

Full Changelog: v1.0.0...v1.0.1

v1.0.0

17 Oct 21:49
7215f5c
Compare
Choose a tag to compare

What's Changed

Full Changelog: v0.12.1...v1.0.0

v1.0.0-rc.1

17 Oct 19:25
7f3a256
Compare
Choose a tag to compare
v1.0.0-rc.1 Pre-release
Pre-release

What's Changed

Full Changelog: v1.0-rc...v1.0.0-rc.1

v1.0-rc

06 Oct 20:39
c0382c2
Compare
Choose a tag to compare
v1.0-rc Pre-release
Pre-release

What's Changed

Full Changelog: v0.12.1...v1.0-rc

v0.12.2

29 Sep 16:07
Compare
Choose a tag to compare

What's Changed

Full Changelog: v0.12.1...v0.12.2

v0.12.1

21 Sep 12:32
584bc16
Compare
Choose a tag to compare

Highlights

** Rekor ** v0.12.1 comes with a breaking change to rekor-cli v0.12.1. Users of rekor-cli MUST upgrade to the latest version
The addition of the intotov2 created a breaking change for the rekor-cli

What's Changed

  • fix: fix harness tests with intoto v0.0.2 by @asraa in #1052
  • feat: add file based signer and password by @asraa in #1049
  • Adds new rekor metrics for latency and QPS. by @var-sdk in #1059

New Contributors

Full Changelog: v0.12.0...v0.12.1

Thanks for all contributors!

v0.12.0

14 Sep 09:52
e7dc6c5
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v0.11.0...v0.12.0

v0.11.0

19 Aug 07:31
b902fdc
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v0.10.0...v0.11.0