v1.9.0
What's Changed
- Bump github.com/armon/go-metrics from 0.3.10 to 0.3.11 by @dependabot in #1808
- update changelog for 1.8.0 by @cpanato in #1807
- Bump github.com/google/go-cmp from 0.5.7 to 0.5.8 by @dependabot in #1809
- Bump google.golang.org/api from 0.75.0 to 0.76.0 by @dependabot in #1810
- Bump github/codeql-action from 2.1.8 to 2.1.9 by @dependabot in #1814
- Bump sigstore/cosign-installer from 2.2.1 to 2.3.0 by @dependabot in #1813
- Check failure message of policy that fails with issuer mismatch by @vaikas in #1815
- [Cosigned] Add signature pull secrets by @DennyHoang in #1805
- feat: add rego policy support by @hectorj2f in #1817
- Refactor fulcio signer to take in KeyOpts (take 2) by @wlynch in #1818
- cosigned: Test unsupported KMS providers by @imjasonh in #1820
- chore(deps): Included dependency review by @naveensrinivasan in #1792
- Bump github.com/spiffe/go-spiffe/v2 from 2.0.0 to 2.1.0 by @dependabot in #1828
- Bump github.com/go-openapi/runtime from 0.23.3 to 0.24.0 by @dependabot in #1830
- Add auth flow option to KeyOpts. by @wlynch in #1827
- Bump google.golang.org/api from 0.76.0 to 0.77.0 by @dependabot in #1829
- Bump mikefarah/yq from 4.24.5 to 4.25.1 by @dependabot in #1831
- Document Staging instance usage with Keyless by @k4leung4 in #1824
- New flag --oidc-providers-disable to disable OIDC providers by @puerco in #1832
- Validate tlog entry when verifying signature via public key. by @wlynch in #1833
- Add function to explicitly request a certain provider by @priyawadhwa in #1837
- cosigned: Fix podAntiAffinity labels by @elfotografo007 in #1841
- Bump google.golang.org/api from 0.77.0 to 0.78.0 by @dependabot in #1838
- Bump github.com/hashicorp/go-plugin from 1.4.3 to 1.4.4 by @dependabot in #1843
- remove exclude from go.mod by @cpanato in #1846
- [Cosigned] Glob matching improvement by @DennyHoang in #1842
- Bump github.com/go-openapi/runtime from 0.24.0 to 0.24.1 by @dependabot in #1851
- sget: Enable KMS providers for sget by @imjasonh in #1852
- Fix piv-tool generate-key command in TOKENS doc by @nealmcb in #1850
- Add IBM Cloud Container Registry to tested registry list by @bainsy88 in #1856
- Bump github.com/xanzy/go-gitlab from 0.64.0 to 0.65.0 by @dependabot in #1857
- Bump google.golang.org/api from 0.78.0 to 0.79.0 by @dependabot in #1858
- If SBOM ref has .json suffix, assume JSON mediatype by @jdolitsky in #1859
- Add rekor.0.pub TUF target to unit tests by @priyawadhwa in #1860
- Bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 by @dependabot in #1864
- Bump github/codeql-action from 2.1.9 to 2.1.10 by @dependabot in #1863
- Normalize certificate flag names by @haydentherapper in #1868
- Check certificate policy flags with only a certificate by @haydentherapper in #1869
- Update go to 1.17.10 / cosign image to 1.18.0 and actions setup go by @cpanato in #1861
- Bump actions/setup-go from 3.0.0 to 3.1.0 by @dependabot in #1870
- Point git commmit FUN.md to gitsign! by @wlynch in #1874
- Bump actions/github-script from 6.0.0 to 6.1.0 by @dependabot in #1876
- Bump actions/dependency-review-action from 3f943b86c9a289f4e632c632695e2e0898d9d67d to 1 by @dependabot in #1875
- [cosigned] remove regex from the image pattern fields by @hectorj2f in #1873
- go.mod: format go.mod by @zchee in #1879
- Bump google-github-actions/auth from 0.7.1 to 0.7.2 by @dependabot in #1886
- Bump google.golang.org/grpc from 1.46.0 to 1.46.2 by @dependabot in #1884
- Remove dependency on deprecated github.com/pkg/errors by @zchee in #1887
- tree: only report artifacts that are present by @ribbybibby in #1872
- update README with ebpf modules by @EItanya in #1888
- Update github.com/google/go-containerregistry/pkg/authn/k8schain module to f1b065c6cb3d by @vpnachev in #1889
- Bump github/codeql-action from 2.1.10 to 2.1.11 by @dependabot in #1891
- v1beta1 API for cosigned by @vaikas in #1890
- Bump google-github-actions/auth from 0.7.2 to 0.7.3 by @dependabot in #1898
- Bump google.golang.org/api from 0.79.0 to 0.80.0 by @dependabot in #1897
- tree: support --attachment-tag-prefix by @ribbybibby in #1900
- [cosigned] Remove undefined apiGroups from policy clusterrole by @vpnachev in #1896
- GHSA-66x3-6cw3-v5gj: Update go-tuf to v0.3.0 by @janisz in #1894
- The timeout arg in golangci-lint has been moved to the generic args p… by @dlorenc in #1901
- Bump actions/upload-artifact from 3.0.0 to 3.1.0 by @dependabot in #1907
- Bump cloud.google.com/go/storage from 1.22.0 to 1.22.1 by @dependabot in #1906
- [cosigned] Rename cosigned references to policy-controller by @hectorj2f in #1893
- Bump github.com/hashicorp/go-secure-stdlib/parseutil from 0.1.4 to 0.1.5 by @dependabot in #1883
- Bump github.com/hashicorp/go-version from 1.4.0 to 1.5.0 by @dependabot in #1902
- Move deprecated dependency: google/trillian/merkle to transparency-dev by @cpanato in #1910
- Bump github.com/xanzy/go-gitlab from 0.65.0 to 0.66.0 by @dependabot in #1913
- Add support for "**" in image glob matching by @imjasonh in #1914
- Add privacy statement for PII storage by @haydentherapper in #1909
- Bump github.com/xanzy/go-gitlab from 0.66.0 to 0.68.0 by @dependabot in #1920
- Bump github.com/armon/go-metrics from 0.3.11 to 0.4.0 by @dependabot in #1919
- Bump google.golang.org/api from 0.80.0 to 0.81.0 by @dependabot in #1918
- Bump ossf/scorecard-action from 1.0.4 to 1.1.0 by @dependabot in #1922
- Bump google-github-actions/auth from 0.7.3 to 0.8.0 by @dependabot in #1916
- Bump actions/dependency-review-action from 1.0.1 to 1.0.2 by @dependabot in #1915
- Bump actions/setup-go from 3.1.0 to 3.2.0 by @dependabot in #1927
- Bump github.com/hashicorp/vault/sdk from 0.4.1 to 0.5.0 by @dependabot in #1926
- Bump github.com/spf13/viper from 1.11.0 to 1.12.0 by @dependabot in #1924
- Do not push to public rekor. by @vaikas in #1931
- Bump mikefarah/yq from 4.25.1 to 4.25.2 by @dependabot in #1933
- Bump actions/cache from 3.0.2 to 3.0.3 by @dependabot in #1937
- fix: fix fetching updated targets from TUF root by @asraa in #1921
- Bump github.com/secure-systems-lab/go-securesystemslib from 0.3.1 to 0.4.0 by @dependabot in #1944
- Bump ossf/scorecard-action from 1.1.0 to 1.1.1 by @dependabot in #1945
- fix: fix #1930 for AWS KMS formats by @vaikas in #1946
- update cross-builder image to use go1.17.11 by @cpanato in #1950
- Bump github.com/aws/aws-sdk-go-v2 from 1.14.0 to 1.16.4 by @dependabot in #1949
- remove deprecation from goreleaser, go-fish is not supported anymore by @cpanato in #1952
- add changelog for v1.9.0 by @cpanato in #1955
- add parallelism for goreleaser by @cpanato in #1957
New Contributors
- @elfotografo007 made their first contribution in #1841
- @nealmcb made their first contribution in #1850
- @bainsy88 made their first contribution in #1856
- @zchee made their first contribution in #1879
- @EItanya made their first contribution in #1888
- @janisz made their first contribution in #1894
Full Changelog: v1.8.0...v1.9.0