Skip to content

Releases: sigstore/sigstore-ruby

v0.2.1

19 Nov 20:00
466294d
Compare
Choose a tag to compare

What's Changed

  • Split rubygems release to matrix by @segiddins in #176
  • Bump step-security/harden-runner from 2.10.1 to 2.10.2 in the actions group by @dependabot in #177
  • Fix path in release-rubygems gem push step by @segiddins in #178
  • Fix path in release-rubygems gem push step for attestation by @segiddins in #179

Full Changelog: v0.2.0...v0.2.1

v0.2.0

19 Nov 00:51
f57a65e
Compare
Choose a tag to compare

What's Changed

  • Bump the actions group with 2 updates by @dependabot in #148
  • Bump the actions group with 2 updates by @dependabot in #149
  • Bump actions/checkout from 4.2.1 to 4.2.2 in the actions group by @dependabot in #151
  • Bump rubygems/configure-rubygems-credentials from 2fc7b42c46c46844fa52a1554212acd445708860 to a2b9242bc411d79356771fc9b9ddebcc3cd1b5dd in the actions group by @dependabot in #152
  • Improve error handling by @segiddins in #153
  • Bump rexml from 3.3.8 to 3.3.9 in the bundler group by @dependabot in #154
  • Bump actions/dependency-review-action from 4.3.5 to 4.4.0 in the actions group by @dependabot in #155
  • Bump ruby/setup-ruby from 1.197.0 to 1.198.0 in the actions group by @dependabot in #156
  • Bump the actions group with 2 updates by @dependabot in #157
  • Bump sigstore/sigstore-conformance from e0d6a7e0d402c8f9abe1dca102de8c42de9179d5 to d93d46c0e864084fbb78015a5b7d4f5b1d7e641d in the actions group by @dependabot in #159
  • Bump ruby/setup-ruby from 1.199.0 to 1.200.0 in the actions group by @dependabot in #160
  • Bump net-http from 0.4.1 to 0.5.0 by @dependabot in #161
  • Bump uri from 0.13.1 to 1.0.0 by @dependabot in #163
  • Bump ruby/setup-ruby from 1.200.0 to 1.201.0 in the actions group by @dependabot in #162
  • Bump the actions group with 2 updates by @dependabot in #165
  • Bump softprops/action-gh-release from 2.0.9 to 2.1.0 in the actions group by @dependabot in #166
  • Bump uri from 1.0.0 to 1.0.1 by @dependabot in #164
  • Bump github/codeql-action from 3.27.1 to 3.27.3 in the actions group by @dependabot in #167
  • Bump uri from 1.0.1 to 1.0.2 by @dependabot in #168
  • Bump rubocop-performance from 1.22.1 to 1.23.0 by @dependabot in #172
  • Bump the actions group across 1 directory with 2 updates by @dependabot in #173
  • Improve compatibility with sigstore-js mock server by @segiddins in #170
  • Concat into a single buffer for JSON.canonical_generate by @segiddins in #169
  • Extract cli into a separate gem we can publish by @segiddins in #174
  • Bump version to 0.2.0 by @segiddins in #175

Full Changelog: v0.1.1...v0.2.0

v0.1.1

21 Oct 18:27
f106999
Compare
Choose a tag to compare
v0.1.1 Pre-release
Pre-release

What's Changed

Full Changelog: v0.1.0...v0.1.1

v0.1.0

18 Oct 23:18
dae7235
Compare
Choose a tag to compare
v0.1.0 Pre-release
Pre-release

What's Changed

  • Adopt some github workflows from sigstore-python by @segiddins in #2
  • Bump rake from 13.1.0 to 13.2.1 by @dependabot in #5
  • Bump codecov/codecov-action from 4.0.1 to 4.3.0 in the actions group by @dependabot in #3
  • Bump rubocop from 1.60.2 to 1.63.4 by @dependabot in #4
  • [StepSecurity] Apply security best practices by @step-security-bot in #6
  • Update precommit config by @segiddins in #7
  • Bump the actions group with 4 updates by @dependabot in #8
  • Bump codecov/codecov-action from 4.3.0 to 4.3.1 in the actions group by @dependabot in #10
  • Better errors + x509 parsing by @segiddins in #9
  • Bump ruby/setup-ruby from 1.175.1 to 1.176.0 in the actions group by @dependabot in #12
  • Bump actions/checkout from 4.1.4 to 4.1.5 in the actions group by @dependabot in #13
  • Begin implementing dsse/in-toto support by @segiddins in #11
  • Bump github/codeql-action from 3.25.3 to 3.25.4 in the actions group by @dependabot in #14
  • Bump ossf/scorecard-action from 2.3.1 to 2.3.3 in the actions group by @dependabot in #16
  • Bump github/codeql-action from 3.25.4 to 3.25.5 in the actions group by @dependabot in #17
  • Bump codecov/codecov-action from 4.3.1 to 4.4.0 in the actions group by @dependabot in #18
  • Bump the actions group across 1 directory with 4 updates by @dependabot in #20
  • Bump step-security/harden-runner from 2.7.1 to 2.8.0 in the actions group by @dependabot in #21
  • Bump ruby/setup-ruby from 1.177.0 to 1.177.1 in the actions group by @dependabot in #22
  • Bump rubocop from 1.63.4 to 1.64.0 by @dependabot in #23
  • Use ruby 3.3.1 in development by @segiddins in #24
  • Bump webmock from 3.23.0 to 3.23.1 by @dependabot in #25
  • Bump rubocop from 1.64.0 to 1.64.1 by @dependabot in #26
  • Bump timecop from 0.9.8 to 0.9.9 by @dependabot in #29
  • Bump the actions group across 1 directory with 4 updates by @dependabot in #33
  • Bump the actions group with 3 updates by @dependabot in #34
  • Bump the actions group with 2 updates by @dependabot in #35
  • Bump timecop from 0.9.9 to 0.9.10 by @dependabot in #36
  • Bump ruby/setup-ruby from 1.180.0 to 1.180.1 in the actions group by @dependabot in #37
  • Add codeowners file by @segiddins in #43
  • Update staging root to version 8 by @segiddins in #41
  • Extract TUF config to a class by @segiddins in #39
  • Implement TUF hash/length verification by @segiddins in #40
  • Start adding some tests for merkle verification by @segiddins in #42
  • Bump ruby/setup-ruby from 1.180.1 to 1.182.0 in the actions group by @dependabot in #54
  • TSA verification by @segiddins in #44
  • Bump the actions group with 2 updates by @dependabot in #57
  • Extract TUF Updater into tuf/ by @segiddins in #56
  • Support DSSE 0.0.1 DSSE envelopes by @segiddins in #58
  • Bump the actions group across 1 directory with 2 updates by @dependabot in #60
  • Bump ruby/setup-ruby from 1.185.0 to 1.187.0 in the actions group across 1 directory by @dependabot in #63
  • Bump the actions group across 1 directory with 2 updates by @dependabot in #65
  • Bump the actions group across 1 directory with 2 updates by @dependabot in #67
  • Bump rexml from 3.2.8 to 3.3.2 in the bundler group by @dependabot in #68
  • Refactor verifier to perform steps in the order given by the spec by @segiddins in #55
  • Bump ruby/setup-ruby from 1.187.0 to 1.188.0 in the actions group by @dependabot in #70
  • Conformance fixes on ruby-head in CI by @segiddins in #73
  • Exclude conformance tests from rubocop by @segiddins in #38
  • Add default excludes to rubocop by @segiddins in #77
  • Bump the actions group across 1 directory with 4 updates by @dependabot in #76
  • Bump rexml from 3.3.2 to 3.3.3 in the bundler group by @dependabot in #74
  • Bump step-security/harden-runner from 2.9.0 to 2.9.1 in the actions group by @dependabot in #78
  • Bump the actions group with 2 updates by @dependabot in #79
  • Bump github/codeql-action from 3.26.0 to 3.26.1 in the actions group by @dependabot in #80
  • Bump github/codeql-action from 3.26.1 to 3.26.2 in the actions group by @dependabot in #82
  • Add merkle inclusion proof tests by @segiddins in #83
  • TUF conformance by @segiddins in #69
  • Bump vcr from 6.2.0 to 6.3.0 by @dependabot in #84
  • Bump vcr from 6.3.0 to 6.3.1 by @dependabot in #87
  • Support rsa-pkcs1v15-sha256 keys by @segiddins in #86
  • Fix TUF rollback protection by @segiddins in #89
  • Bump rexml from 3.3.3 to 3.3.6 in the bundler group by @dependabot in #91
  • Update vendored trusted roots by @segiddins in #93
  • Fix walk of target delegations to be DFS by @segiddins in #95
  • Bump github/codeql-action from 3.26.2 to 3.26.5 in the actions group across 1 directory by @dependabot in #96
  • Bump theupdateframework/tuf-conformance from 2c8a0a73f2eea756ddc2e8b11077cb063aa221ed to a45d2183228f9bed664616669c11d19558e0be3f in the actions group by @dependabot in #97
  • Bump theupdateframework/tuf-conformance from a45d2183228f9bed664616669c11d19558e0be3f to b8f2205151cf52499becade10fd9cddf574e6bf1 in the actions group by @dependabot in #98
  • Bump the actions group across 1 directory with 2 updates by @dependabot in #100
  • Bump the actions group across 1 directory with 3 updates by @dependabot in #106
  • Bump step-security/harden-runner from 2.9.1 to 2.10.0 in the actions group by @dependabot in #107
  • Bump the actions group across 1 directory with 2 updates by @dependabot in #109
  • Bump rubocop-performance from 1.21.1 to 1.22.0 by @dependabot in #111
  • Bump the actions group across 1 directory with 2 updates by @dependabot in #113
  • Bump rubocop-performance from 1.22.0 to 1.22.1 by @dependabot in #114
  • Bump github/codeql-action from 3.26.7 to 3.26.8 in the actions group by @dependabot in #115
  • Bump theupdateframework/tuf-conformance from e9a3a160751549e8a9fd92b267a5c92247d9df82 to 307fb63cefc6c47d2c4c20e579f5e2f258c9e83f in the actions group by @dependabot in #116
  • Sigstore signer by @segiddins in #81
  • Bump rubocop from 1.64.1 to 1.66.1 by @dependabot in #104
  • Update vendored trusted roots by @segiddins in #112
  • Restrict ci workflow github token permissions by @segiddins in #117
  • Stop using RubyGems for conformance testing CLI by @segiddins in #120
  • Improved JRuby compatibility by @segiddins in https://github.com/sigsto...
Read more