This repository was archived by the owner on Dec 3, 2024. It is now read-only.
Releases: docker/attest
Releases · docker/attest
v0.2.0
Lots of breaking changes to make the linter happy.
Changes
- Reformat with gofumpt @jonnystoten (#109)
🚀 Features
- feat(deps): bump github.com/docker/docker from 27.0.3+incompatible to 27.1.0+incompatible @dependabot (#105)
🐛 Bug Fixes
- fix: standardize casing of initialisms @kipz (#112)
- fix: upgrade go to 1.22.x for testing @kipz (#110)
🧰 Maintenance
Contributors
jonnystoten, kipz, and dependabot
Assets 2
v0.1.12
Changes
- Remove dependency on github.com/pkg/errors @jonnystoten (#106)
🚀 Features
- Add linting github action @jonnystoten (#107)
- fix: add auth to referrers image retrieval @kipz (#108)
- docs: add contribution guidelines @kipz (#102)
- feat(deps): bump github.com/open-policy-agent/opa from 0.66.0 to 0.67.0 @dependabot (#101)
🐛 Bug Fixes
- fix: add auth to referrers image retrieval @kipz (#108)
- debt: remove goyaml. Fixup directives @kipz (#103)
🧰 Maintenance
- docs: add contribution guidelines @kipz (#102)
- docs: first cut of a new README @jonnystoten (#99)
Contributors
jonnystoten, kipz, and dependabot
Assets 2
v0.1.11
Contributors
kipz
Assets 2
v0.1.10
Changes
🚀 Features
- feat(deps): bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 @dependabot (#98)
- feat(deps): bump google.golang.org/api from 0.188.0 to 0.189.0 @dependabot (#97)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.26 to 1.27.27 @dependabot (#93)
Contributors
dependabot
Assets 2
v0.1.9
Changes
- Use DSSE artifactType in referrers @kipz (#95)
- set artifactType correctly for referrers fallback @kipz (#94)
🚀 Features
- feat(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.0.0-20240504210453-5a634eb214ae to 2.0.0 @dependabot (#92)
- feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.6 to 1.8.7 @dependabot (#88)
- feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.6 to 1.8.7 @dependabot (#89)
🐛 Bug Fixes
🧰 Maintenance
- chore: update dev root @mrjoelkamp (#96)
- chore: fix linting errors @kipz (#91)
Contributors
kipz, mrjoelkamp, and dependabot
Assets 2
v0.1.8
Changes
🚀 Features
- Add proper mirror support @jonnystoten (#74)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.24 to 1.27.26 @dependabot (#86)
- feat(deps): bump github.com/testcontainers/testcontainers-go/modules/registry from 0.31.0 to 0.32.0 @dependabot (#79)
- feat(deps): bump github.com/google/go-containerregistry from 0.19.2 to 0.20.0 @dependabot (#81)
- feat(deps): bump google.golang.org/api from 0.187.0 to 0.188.0 @dependabot (#83)
🧰 Maintenance
- Make referrers attestations OCI compliant @kipz (#80)
- feat(deps): bump github.com/testcontainers/testcontainers-go/modules/registry from 0.31.0 to 0.32.0 @dependabot (#79)
- chore: update default urls and export roots @mrjoelkamp (#87)
Contributors
jonnystoten, kipz, and 2 other contributors
Assets 2
v0.1.7
v0.1.7
This tag was signed with the committer’s verified signature.
mrjoelkamp
Joel Kamp
Changes
- Don't upload coverage results if we don't run e2e @jonnystoten (#77)
- Unify functions for use in
sign&verify --vsa@kipz (#71)
🚀 Features
- feat: add EmbeddedRoot type @mrjoelkamp (#85)
- feat: add production TUF root @mrjoelkamp (#84)
- feat(deps): bump google.golang.org/api from 0.185.0 to 0.187.0 @dependabot (#76)
- Add GCP KMS support @kipz (#73)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.23 to 1.27.24 @dependabot (#75)
- feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.5 to 1.8.6 @dependabot (#67)
- feat(deps): bump github.com/open-policy-agent/opa from 0.65.0 to 0.66.0 @dependabot (#69)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.21 to 1.27.23 @dependabot (#70)
- feat(deps): bump github.com/containerd/containerd from 1.7.18 to 1.7.19 @dependabot (#72)
- Add e2e auth test @kipz (#68)
🧰 Maintenance
Contributors
jonnystoten, kipz, and 2 other contributors
Assets 2
v0.1.6
Changes
🚀 Features
- feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.4 to 1.8.5 @dependabot (#65)
- feat: cloud provider authn @mrjoelkamp (#59)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.19 to 1.27.21 @dependabot (#61)
🧰 Maintenance
Contributors
kipz, mrjoelkamp, and dependabot
Assets 2
v0.1.5
Changes
- Support referrers using digest, not just tag @kipz (#55)
- Return policy input with verification result @jonnystoten (#56)
- Avoid pointers to map @jonnystoten (#57)
- refactor: use interface value @mrjoelkamp (#52)
- Don't use pointers for image interfaces @kipz (#51)
- Handle errors from Go in Rego. Support for skipping TL @kipz (#47)
- Expose ParsePlatform @kipz (#45)
🚀 Features
- Add support for separate attestation storage repo @kipz (#62)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.18 to 1.27.19 @dependabot (#58)
- feat(deps): bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2 @dependabot (#54)
- Add support for OCI Referrers and fallback @kipz (#50)
- feat(deps): bump github.com/containerd/containerd from 1.7.17 to 1.7.18 @dependabot (#48)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.17 to 1.27.18 @dependabot (#49)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.16 to 1.27.17 @dependabot (#46)
- feat(deps): bump github.com/open-policy-agent/opa from 0.64.1 to 0.65.0 @dependabot (#44)
- feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.3 to 1.8.4 @dependabot (#42)
- Add support for selecting a policy by ID @kipz (#41)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.15 to 1.27.16 @dependabot (#40)
🐛 Bug Fixes
- Various fixes @kipz (#63)
- fix: mkdir perms @mrjoelkamp (#53)
🧰 Maintenance
Contributors
jonnystoten, kipz, and 2 other contributors
Assets 2
v0.1.4
Changes
- Small tidies @jonnystoten (#20)
🚀 Features
- Return VSA and rich errors from verification @jonnystoten (#38)
- feat(deps): bump github.com/containerd/containerd from 1.7.16 to 1.7.17 @dependabot (#35)
- feat(deps): bump github.com/package-url/packageurl-go from 0.1.2 to 0.1.3 @dependabot (#36)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.14 to 1.27.15 @dependabot (#34)
- Use policy files from mapping.yaml @kipz (#30)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.13 to 1.27.14 @dependabot (#29)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.12 to 1.27.13 @dependabot (#26)
- feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.11 to 1.27.12 @dependabot (#21)
- feat(deps): bump github.com/testcontainers/testcontainers-go/modules/registry from 0.30.0 to 0.31.0 @dependabot (#24)
🐛 Bug Fixes
- Fix image detection based on platform @kipz (#33)
- fix: canonical policy @mrjoelkamp (#37)
- Upgrade some deps to fix vulnerabilities @kipz (#31)
- fix: no such directory error @mrjoelkamp (#28)
- revert: go-tuf fork @mrjoelkamp (#27)
- Fix query and tests @kipz (#17)
- Revert "revert: rego evaluator result" @kipz (#15)
🧰 Maintenance
- Check version of attest against constraints in TUF @jonnystoten (#19)
- Use id/policy-id in mapping.yaml @kipz (#32)
- Upgrade some deps to fix vulnerabilities @kipz (#31)
- feat(deps): bump github.com/testcontainers/testcontainers-go/modules/registry from 0.30.0 to 0.31.0 @dependabot (#24)
- docs: update examples in README.md @mrjoelkamp (#18)
- Fix query and tests @kipz (#17)
- Move policy mock for external use @kipz (#16)
Contributors
jonnystoten, kipz, and 2 other contributors