pool/rekor
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
b4625ce4ba
rekor/rekor.changes
Marcus Meissner b4625ce4ba Accepting request 985788 from home:msmeissn:branches:security 
- rekor-zypper-verify.sh: add a small script that verifies the on-system
  zypper repo cache against rekor transparency log.

OBS-URL: https://build.opensuse.org/request/show/985788
OBS-URL: https://build.opensuse.org/package/show/security/rekor?expand=0&rev=11
2022-06-29 12:42:40 +00:00

146 lines
8.1 KiB
Plaintext
Raw Blame History

-------------------------------------------------------------------
Wed Jun 29 12:26:43 UTC 2022 - Marcus Meissner <meissner@suse.com>
- rekor-zypper-verify.sh: add a small script that verifies the on-system
zypper repo cache against rekor transparency log.
-------------------------------------------------------------------
Mon Jun 20 06:54:51 UTC 2022 - Marcus Meissner <meissner@suse.com>
- Updated to rekor 0.8.1
- Fix indexing bug for intoto attestations by @priyawadhwa in #870
- Allow an expired certificate chain to be uploaded and verified by @haydentherapper in #873
- Updated to rekor 0.8.0
- Update go-tuf and sigstore/sigstore to non-vulnerable go-tuf version. by @dhaus67 in #847
- Configure rekor server in e2e tests via env variable by @priyawadhwa in #850
- update cross-builder image to use go1.17.11 and dockerfile base image by @cpanato in #860
- update go.mod to go1.17 by @cpanato in #861
- Improve error message when using ED25519 with HashedRekord type by @haydentherapper in #862
- Allow retrieving entryIDs or UUIDs via /api/v1/log/entries/retrieve endpoint by @priyawadhwa in #859
- Print total tree size, including inactive shards in rekor-cli loginfo by @priyawadhwa in #864
- Updated to rekor 0.7.0
- remove URL fetch of keys/artifacts server-side by @bobcallaway in #735
- intoto: add index on materials digest of slsa provenance by @asraa in #793
- chore(deps): Included dependency review by @naveensrinivasan in #788
- Check if intoto hash is available before accessing it as an index key by @priyawadhwa in #800
- Move deprecated dependency: google/trillian/merkle to transparency-dev by @asraa in #807
- Retrieve shard tree length if it isn't provided in the config by @priyawadhwa in #810
- update release builder images to use go 1.17.10 and cosign image to 1.8.0 by @cpanato in #820
- update go to 1.17.10 in the dockerfile by @cpanato in #819
- Limit the number of certificates parsed in a chain by @haydentherapper in #823
- Breaking change: Remove timestamping authority by @haydentherapper in #813
- Add back owners for rfc3161 package type by @haydentherapper in #833
- all: remove dependency on deprecated github.com/pkg/errors by @zchee in #834
- name stored attestations by digest instead of UUID by @bobcallaway in #769
-------------------------------------------------------------------
Tue Apr 26 09:41:49 UTC 2022 - Marcus Meissner <meissner@suse.com>
- Updated to rekor 0.6.0
- attempting to fix codeowners file by @bobcallaway in #653
- Update the warning text for the GA release. by @dlorenc in #654
- Add docs about API stability and deprecation policy by @priyawadhwa in #661
- update cross-build and dockerfile to use go 1.17.7 by @cpanato in #666
- Move k8s objects out of the default namespace by @k4leung4 in #674
- add securityContext to deployment. by @k4leung4 in #678
- Add intoto type documentation by @jspeed-meyers in #679
- create namespace for rekor config in yaml. by @k4leung4 in #680
- Set rekor-cli User-Agent header on requests by @bobcallaway in #684
- update security process link by @bobcallaway in #685
- explicitly set permissions for github actions by @k4leung4 in #687
- Add documentation about Alpine type by @jspeed-meyers in #697
- Add code coverage to pull requests. by @k4leung4 in #676
- Consistent parenthesis use in Makefile by @k4leung4 in #700
- Use logRangesFlag in API, route reads based on TreeID by @lkatalin in #671
- Generate release yaml for non-CI builds. by @k4leung4 in #702
- Mirror signed release images from GCR to GHCR as part of release by @k4leung4 in #701
- build trillian container to existing release. by @k4leung4 in #715
- Make the loginfo command a bit more future/backwards proof. by @dlorenc in #718
- Switch to using the swag library for pointer manipulation. by @dlorenc in #719
- Change TreeID to be of type string instead of int64 by @priyawadhwa in #712
- Add sharding e2e test to Github Actions by @priyawadhwa in #714
- fix merge conflict by @priyawadhwa in #720
- Clearer logging for createAndInitTree by @priyawadhwa in #724
- Return virtual index when creating and getting a log entry by @priyawadhwa in #725
- Fix copy/paste mistake in repo name. by @k4leung4 in #730
- Use reusuable release workflow in sigstore/sigstore by @k4leung4 in #729
- Get log proofs by Tree ID by @priyawadhwa in #733
- Refactor rekor-cli loginfo by @priyawadhwa in #734
- Update loginfo API endpoint to return information about inactive shards by @priyawadhwa in #738
- Replace trillian_log_server.log_id_ranges flag with a config file by @priyawadhwa in #742
- fix build date format for version command by @cpanato in #745
- Require tlog_id when log_id_ranges is passed in by @lkatalin in #739
- Use active tree on server startup by @lkatalin in #727
- Specify public key for inactive shards in shard config by @priyawadhwa in #746
- Add support for providing certificate chain for X509 signature types by @haydentherapper in #747
- fix typo in filename by @bobcallaway in #758
- Update release jobs and trillian images by @cpanato in #756
- Add the SHA256 digest of the intoto payload into the rekor entry by @bobcallaway in #764
- Add index to hashed intoto envelope by @asraa in #761
- Fix link in types README by @eddiezane in #765
- set p.Block after parsing in helm provenance type by @bobcallaway in #759
- Fix search without sha prefix by @eddiezane in #767
- Add in configmap to release for sharding config by @priyawadhwa in #766
- Search inactive trees for GET by UUID requests by @lkatalin in #750
- Create EntryID for new artifacts and return EntryID to user by @lkatalin in #623
- Update cloudbuild to not fail when copy the images by @cpanato in #773
-------------------------------------------------------------------
Fri Apr 1 15:13:27 UTC 2022 - Marcus Meissner <meissner@suse.com>
- Updated to rekor 0.5.0
* Highlights
- Add Rekor logo to README (#650)
- update API calls to v5 (#591)
- Refactor helm type to remove intermediate state. (#575)
- Refactor the shard map parsing so we can pass it down into the API object. (#564)
- Refactor the alpine type to reduce intermediate state. (#573)
* Enhancements
- Add logic to GET artifacts via old or new UUID (#587)
- helpful error message for hashedrekord types (#605)
- Set Accept header in dynamic counter requests (#594)
- Add sharding package and update validators (#583)
- rekor-cli: show the url in case of error (#581)
- Enable parsing of incomplete minisign keys, to enable re-indexing. (#567)
- Cleanups on the TUF pluggable type. (#563)
- Refactor the RPM type to remove more intermediate state. (#566)
- Do some cleanups of the jar type to remove intermediate state. (#561)
* Others
- update version comments since dependabot doesn't do it (#617)
- Use workload identity provider instead of GitHub Secret for GCR access (#600)
- add OSSF scorecard action (#599)
- enable the sbom for rekor releases (#586)
- Point to the official website (instead of a 404) (#580)
- Add a Makefile target for the "ko apply" step. (#572)
- types/README.md: Corrected documentation link (#568)
-------------------------------------------------------------------
Thu Feb 3 09:46:25 UTC 2022 - Marcus Meissner <meissner@suse.com>
- enable server build too, as people might want to deploy rekor chain
themselves.
-------------------------------------------------------------------
Tue Jan 25 08:32:11 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com>
- Fix BUILD_DATE for reproducible build results (boo#1047218)
-------------------------------------------------------------------
Thu Jan 6 14:52:16 UTC 2022 - Marcus Meissner <meissner@suse.com>
- updated to 0.4.0
Highlights
- Adds hashed rekord type that can be used to upload signatures along with the hashed content signed (#501)
-------------------------------------------------------------------
Wed Dec 8 16:58:06 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
- prepare building of the serve part
-------------------------------------------------------------------
Fri Nov 26 16:01:30 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
- initial package
Reference in New Issue View Git Blame Copy Permalink