Skip to content

v2.0.1

Compare
Choose a tag to compare
@sigstore-bot sigstore-bot released this 06 Apr 19:56
· 688 commits to main since this release
v2.0.1
8faaee4

Installation

go install github.com/sigstore/cosign/v2/cmd/[email protected]

Enhancements

  • Add environment variable token provider (#2864)
  • Remove cosign policy command (#2846)
  • Allow customising 'go' executable with GOEXE var (#2841)
  • Consistent tlog warnings during verification (#2840)
  • Add riscv64 arch (#2821)
  • Default generated PEM labels to SIGSTORE (#2735)
  • Update privacy statement and confirmation (#2797)
  • Add exit codes for verify errors (#2766)
  • Add Buildkite provider (#2779)
  • verify-blob-attestation: Loosen arg requirements if --check-claims=false (#2746)

Bug Fixes

  • PKCS11 sessions are now opened read only (#2853)
  • Makefile: date format of log should not show signatures (#2835)
  • Add missing flags to cosign verify dockerfile/manifest (#2830)
  • Add a warning to remember how to configure a custom Gitlab host (#2816)
  • Remove tag warning message from save/copy commands (#2799)
  • Mark keyless pem files with b64 (#2671)

Contributors

  • Aleksandr Razumov
  • Batuhan Apaydın
  • Billy Lynch
  • Carlos Tadeu Panato Junior
  • Chris Burns
  • Derek Burdick
  • Dmitry Savintsev
  • favonia
  • Hayden B
  • Hector Fernandez
  • Ivana Atanasova
  • joe miller
  • Luiz Carvalho
  • Paolo Mainardi
  • priyawadhwa
  • Radoslav Dimitrov
  • Steve Winslow
  • Vincent Batts
  • Zack Newman

Full Changelog: v2.0.0...v2.0.1