Releases: sigstore/sigstore-python
Releases · sigstore/sigstore-python
Release 0.6.2
What's Changed
- build(deps): bump sigstore from 0.5.1 to 0.6.1 in /install by @dependabot in #134
- build(deps): bump certifi from 2022.5.18.1 to 2022.6.15 in /install by @dependabot in #135
- OAuth: more debug logs, configurable browser by @woodruffw in #136
- build(deps): bump cryptography from 37.0.2 to 37.0.3 in /install by @dependabot in #137
- sigstore: 0.6.2 by @woodruffw in #138
Full Changelog: v0.6.1...v0.6.2
Contributors
woodruffw and dependabot
Assets 8
Release 0.6.1
What's Changed
- cli: fix
--output-signatureand--output-certificateby @woodruffw in #133
Full Changelog: v0.6.0...v0.6.1
Contributors
woodruffw
Assets 8
Release 0.6.0
What's Changed
- build(deps): bump sigstore from 0.5.0 to 0.5.1 in /install by @dependabot in #119
- workflows: add staging-tests by @woodruffw in #121
- CLI: Add
--outputand--forceby @woodruffw in #125 - cli: replace
--outputwith--no-default-filesby @woodruffw in #128 - README: add signing examples by @woodruffw in #129
- build(deps): bump requests from 2.27.1 to 2.28.0 in /install by @dependabot in #131
sigstore verify: support multiple inputs by @woodruffw in #130- sigstore: 0.6.0 by @woodruffw in #132
New Contributors
- @dependabot made their first contribution in #119
Full Changelog: v0.5.1...v0.6.0
Contributors
woodruffw and dependabot
Assets 2
v0.5.1
What's Changed
- Add a requirements file w/ hashes, and additional instructions for installing by @di in #114
- _cli, _verify: Add
--cert-oidc-issuerflag by @tetsuo-cpp in #112 - sigstore/verify: add more sigstore extension OIDs by @woodruffw in #117
- workflows/release: upload assets, dogfood verification by @woodruffw in #116
- sigstore: 0.5.1 by @woodruffw in #118
Full Changelog: v0.5.0...v0.5.1
Contributors
di, woodruffw, and tetsuo-cpp
Assets 8
Release 0.5.1rc2
10ab4f9
This commit was signed with the committer’s verified signature.
The key has expired.
woodruffw
William Woodruff
sigstore: 0.5.1rc2 Signed-off-by: William Woodruff <[email protected]>
Release 0.5.1rc1
4d0c9f1
This commit was signed with the committer’s verified signature.
The key has expired.
woodruffw
William Woodruff
workflows/release: put sigs and certs in their own directory To avoid confusing twine. Signed-off-by: William Woodruff <[email protected]>
Release 0.5.0
What's Changed
- _internal/fulcio: refactor SCT model by @woodruffw in #94
- oidc/ambient: Google: fail softly if the SMBIOS product name doesn't match by @woodruffw in #98
- oauth: Fix race in OIDC token retrieval by @tetsuo-cpp in #99
- cli: add
--output-signatureand--output-certificateby @woodruffw in #101 - _cli, _sign, _verify, oidc: Add
--fulcio-urland--rekor-urlby @tetsuo-cpp in #103 - _cli: Add
--stagingconvenience flag by @tetsuo-cpp in #104 - Support verifying embedded SCTs by @tetsuo-cpp in #84
- fulcio, _sign: Request certificates via CSR by @tetsuo-cpp in #80
- _verify: Add Fulcio intermediate certificate by @tetsuo-cpp in #110
- _cli, _verify: Wrap OpenSSL error with user-friendly text by @tetsuo-cpp in #113
- sigstore: 0.5.0 by @woodruffw in #111
Full Changelog: v0.4.2...v0.5.0
Contributors
woodruffw and tetsuo-cpp
Assets 2
Release 0.4.2
What's Changed
- treewide: ratchet down typing, move mypy config to pyproject by @woodruffw in #85
- sigstore: fix build by removing version indirection by @woodruffw in #87
- bandit: merge config into pyproject by @woodruffw in #86
- run through stepsecurity hardener by @wallies in #73
- Google Cloud ambient credential detection by @di in #88
- oidc/ambient: constrain nosec by @woodruffw in #89
- Support Google Cloud impersonation by @di in #91
- sigstore, test: more unit tests, rename mods by @woodruffw in #92
- Version 0.4.2 by @di in #93
New Contributors
Full Changelog: v0.4.1...v0.4.2
Contributors
di, wallies, and woodruffw
Assets 2
Release 0.4.1
What's Changed
- sigstore, README: add
--versionflag by @woodruffw in #79 - pyproject, sigstore: use flit as our build backend by @woodruffw in #81
- workflows/release: smoke-test each distribution by @woodruffw in #83
- version: 0.4.1 by @woodruffw in #82
Full Changelog: v0.4.0...v0.4.1
Contributors
woodruffw
Assets 2
Release 0.4.0
What's Changed
- cli: add a flag for disabling ambient OIDC detection by @woodruffw in #68
- build: move almost everything to pyproject.toml by @woodruffw in #70
- Support configurable OIDC issuers by @tetsuo-cpp in #62
- cli, verify: refactor, add logging by @woodruffw in #71
- fulcio, _sign: Request certificates via CSR by @tetsuo-cpp in #74
- Revert "fulcio, _sign: Request certificates via CSR (#74)" by @woodruffw in #75
- Update gitignore by @di in #76
- pyproject: pin pyjwt>=2.1 by @woodruffw in #77
- version: 0.4.0 by @woodruffw in #78
Full Changelog: v0.3.1...v0.4.0
Contributors
di, woodruffw, and tetsuo-cpp