Releases: sigstore/scaffolding
Releases · sigstore/scaffolding
Release list
v0.7.37
What's Changed
- Remove new-fulcio testdata config by @cmurphy in #1951
- Bump cloud-sql-connectors/cloud-sql-proxy from 2.21.2-alpine to 2.23.0-alpine in /deps by @dependabot[bot] in #1909
- Support rekor-tiles in release setup script, fix 404 check by @Hayden-IO in #1952
Full Changelog: v0.7.36...v0.7.37
v0.7.36
What's Changed
- Remove use of createcerts in Fulcio by @cmurphy in #1834
- Replace ct_server with TesseraCT in setup by @cmurphy in #1793
- fix payload for SearchLogQuery prober endpoint by @bobcallaway in #1844
- Move prober to sigstore-probers by @cmurphy in #1845
- Stop building tesseract by @cmurphy in #1846
- bump cloud-sql-proxy to v2.21.0 by @bobcallaway in #1854
- Add flags to control service startup by @aaronlew02 in #1827
- Remove managectroots command and image by @cmurphy in #1872
- Remove ct_server from hack by @cmurphy in #1871
- Serve signing-config from TUF in setup action by @cmurphy in #1876
- Upgrade setup-scaffolding to Rekor v2 by @cmurphy in #1874
- workflows: Allow insecure registries in tests by @jku in #1946
Full Changelog: v0.7.33...v0.7.36
v0.7.33
v0.7.31
v0.7.30
v0.7.29
What's Changed
This release reverts a previous change to the prober to allow for insecure gRPC connections, in favor of allowing for gRPC testing to be disabled.
- Allow disabling Fulcio gRPC testing via flag in #1787
Full Changelog: v0.7.28...v0.7.29
v0.7.28
v0.7.27
v0.7.26
v0.7.25
What's Changed
- Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 by @dependabot[bot] in #1617
- update docs and clean up scripts by @cpanato in #1624
- Parallelize service setup by @cmurphy in #1618
- Bump github/codeql-action from 3.29.0 to 3.29.2 by @dependabot[bot] in #1626
- Bump golang.org/x/net from 0.41.0 to 0.42.0 by @dependabot[bot] in #1629
- Bump github.com/letsencrypt/boulder from 0.0.0-20240620165639-de9c06129bec to 0.20250707.0 by @dependabot[bot] in #1630
- Bump cloud-sql-connectors/cloud-sql-proxy from 2.17.1-alpine to 2.18.0-alpine by @dependabot[bot] in #1632
- Bump github.com/go-jose/go-jose/v4 from 4.1.0 to 4.1.1 by @dependabot[bot] in #1622
- Clean up GHAs using zizmor by @haydentherapper in #1633
- Bump chainguard-dev/actions from 1.4.5 to 1.4.7 by @dependabot[bot] in #1644
- Bump google.golang.org/grpc from 1.73.0 to 1.74.2 by @dependabot[bot] in #1646
- Bump github/codeql-action from 3.29.2 to 3.29.4 by @dependabot[bot] in #1645
- Bump github.com/letsencrypt/boulder from 0.20250707.0 to 0.20250721.0 by @dependabot[bot] in #1647
- Create utility for generating Tink keysets by @haydentherapper in #1627
- Bump github/codeql-action from 3.29.4 to 3.29.5 by @dependabot[bot] in #1652
- Bump chainguard-dev/actions from 1.4.7 to 1.4.8 by @dependabot[bot] in #1651
- Bump go.step.sm/crypto from 0.67.0 to 0.68.0 by @dependabot[bot] in #1650
- Bump github.com/go-jose/go-jose/v4 from 4.1.1 to 4.1.2 by @dependabot[bot] in #1648
- Bump docker/login-action from 3.4.0 to 3.5.0 by @dependabot[bot] in #1658
- Bump github/codeql-action from 3.29.7 to 3.29.8 by @dependabot[bot] in #1657
- Bump go.step.sm/crypto from 0.68.0 to 0.69.0 by @dependabot[bot] in #1659
- Bump github.com/letsencrypt/boulder from 0.20250721.0 to 0.20250805.0 by @dependabot[bot] in #1654
- Bump chainguard-dev/actions from 1.4.8 to 1.4.9 by @dependabot[bot] in #1656
- Bump sigs.k8s.io/release-utils from 0.11.1 to 0.12.1 by @dependabot[bot] in #1653
- Add checkpoint key ID as output for create-tink-keyset by @haydentherapper in #1661
- macOS support for hermetic environment by @haydentherapper in #1662
- Bump chainguard-dev/actions from 1.4.9 to 1.4.10 by @dependabot[bot] in #1666
- Bump github.com/letsencrypt/boulder from 0.20250805.0 to 0.20250812.0 by @dependabot[bot] in #1674
- Bump k8s.io/api from 0.33.2 to 0.33.4 by @dependabot[bot] in #1672
- Bump github.com/sigstore/rekor-tiles from 0.1.6 to 0.1.9 by @dependabot[bot] in #1673
- Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #1667
- Bump k8s.io/client-go from 0.33.2 to 0.33.4 by @dependabot[bot] in #1671
- Bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0 by @dependabot[bot] in #1665
- Bump k8s.io/code-generator from 0.33.2 to 0.33.4 by @dependabot[bot] in #1669
- Bump google.golang.org/protobuf from 1.36.6 to 1.36.7 by @dependabot[bot] in #1675
- Bump github.com/prometheus/client_golang from 1.22.0 to 1.23.0 by @dependabot[bot] in #1677
- Bump golang.org/x/net from 0.42.0 to 0.43.0 by @dependabot[bot] in #1676
- Bump github/codeql-action from 3.29.8 to 3.29.9 by @dependabot[bot] in #1668
- Move deps dockerfile to dedicated directory by @haydentherapper in #1678
- Bump projectsigstore/rekor-server from v1.3.9 to v1.4.0 in /config/rekor/rekor by @dependabot[bot] in #1683
- Bump projectsigstore/fulcio from v1.6.6 to v1.7.1 in /config/fulcio/fulcio by @dependabot[bot] in #1682
- Bump trillian-opensource-ci/db_server from
ce3a107to3dcf614in /config/trillian/mysql by @dependabot[bot] in #1680 - Bump github/codeql-action from 3.29.9 to 3.29.10 by @dependabot[bot] in #1679
- Bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 by @dependabot[bot] in #1685
- Bump chainguard-dev/actions from 1.4.10 to 1.4.12 by @dependabot[bot] in #1689
- Bump go.step.sm/crypto from 0.69.0 to 0.70.0 by @dependabot[bot] in #1691
- Bump trillian-opensource-ci/db_server from
3dcf614todfbfa89in /config/trillian/mysql by @dependabot[bot] in #1693 - Bump github.com/letsencrypt/boulder from 0.20250812.0 to 0.20250819.0 by @dependabot[bot] in #1690
- Bump github.com/stretchr/testify from 1.10.0 to 1.11.0 by @dependabot[bot] in #1687
- Bump google.golang.org/protobuf from 1.36.7 to 1.36.8 by @dependabot[bot] in #1688
- Trigger Prober Unit Test on pull request by @aaronlew02 in #1694
- Bump projectsigstore/rekor-server from v1.4.0 to v1.4.1 in /config/rekor/rekor by @dependabot[bot] in #1704
- Bump github.com/stretchr/testify from 1.11.0 to 1.11.1 by @dependabot[bot] in #1696
- Bump github.com/sigstore/rekor from 1.4.0 to 1.4.1 by @dependabot[bot] in #1697
- Bump github.com/sigstore/cosign/v2 from 2.5.2 to 2.5.3 by @dependabot[bot] in #1637
- Bump github.com/sigstore/rekor-tiles from 0.1.9 to 0.1.10 by @dependabot[bot] in #1700
- drop 1.30 k8s, add 1.34 and update knative by @cpanato in #1705
- Bump projectsigstore/rekor-server from v1.4.1 to v1.4.2 in /config/rekor/rekor by @dependabot[bot] in #1716
- Bump trillian-opensource-ci/db_server from
dfbfa89toce905c8in /config/trillian/mysql by @dependabot[bot] in #1715 - Bump github.com/prometheus/client_golang from 1.23.0 to 1.23.2 by @dependabot[bot] in #1712
- Bump golang.org/x/time from 0.12.0 to 0.13.0 by @dependabot[bot] in #1711
- Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 by @dependabot[bot] in #1710
- Bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in #1707
- Bump github/codeql-action from 3.29.10 to 3.30.1 by @dependabot[bot] in #1706
- Bump chainguard-dev/actions from 1.4.13 to 1.4.14 by @dependabot[bot] in #1708
- Bump k8s.io/client-go from 0.33.4 to 0.34.0 by @dependabot[bot] in #1698
- Bump sigstore/cosign-installer from 3.9.0 to 3.9.2 by @dependabot[bot] in #1635
- Bump cloud-sql-connectors/cloud-sql-proxy from 2.18.0-alpine to 2.18.2-alpine in /deps by @dependabot[bot] in #1684
- Bump github.com/letsencrypt/boulder from 0.20250819.0 to 0.20250902.0 by @dependabot[bot] in #1714
- Bump k8s.io/code-generator from 0.33.4 to 0.34.0 by @dependabot[bot] in #1709
- Bump github.com/sigstore/rekor from 1.4.1 to 1.4.2 by @dependabot[bot] in #1713
- Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 by @dependabot[bot] in #1721
- Bump chainguard-dev/actions from 1.4.14 to 1.4.15 by @dependabot[bot] in #1720
- Bump github/codeql-action from 3.30.1 to 3.30.3 by @dependabot[bot] in #1722
- Bump github.com/sigstore/timestamp-authority from 1.2.8 to 1.2.9 by @dependabot[bot] in #1726
- Bump github.com/sigstore/rekor-tiles from 0.1.10 to 0.1.11 by @dependabot[bot] in #1723
- Bump golang.org/x/net from 0.43.0 to 0.44.0 by @depen...