Releases: in-toto/witness
Releases · in-toto/witness
v0.11.0
Immutable
release. Only release title and notes can be modified.
Changelog
Bug fixes
- e4e91a6: fix(policy): add public key validation in policy check command (#749) (@Jaydeep869)
- 772b369: fix: properly retain attestor options on witness run (#750) (@Jaydeep869)
Others
- 5342829: chore: bump github.com/go-git/go-git/v5 from 5.16.0 to 5.16.5 (#722) (@dependabot[bot])
- d76696c: chore: bump the all-gha group across 1 directory with 8 updates (#720) (@dependabot[bot])
- 120b88a: chore: bump the all-go-mod group across 1 directory with 5 updates (#723) (@dependabot[bot])
- 0b4c575: chore: bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.4.1 (#718) (@dependabot[bot])
- 1074111: chore: bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 (#715) (@dependabot[bot])
- edc05ac: chore: bump undici from 7.16.0 to 7.18.2 in /docs-website in the npm_and_yarn group across 1 directory (#710) (@dependabot[bot])
- 3059e31: chore: bump the npm_and_yarn group across 1 directory with 4 updates (#724) (@dependabot[bot])
- e7785ee: chore: bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 (#726) (@dependabot[bot])
- 67fa1d2: chore: bump github/codeql-action from 4.32.2 to 4.32.3 in the all-gha group (#725) (@dependabot[bot])
- f93583e: fix(archivista client): nil pointer dereference (#676) (@manzil-infinity180)
- 66c6d50: chore: bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 (#730) (@dependabot[bot])
- b030acf: chore: bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 (#731) (@dependabot[bot])
- e101901: chore: bump the all-gha group across 1 directory with 7 updates (#733) (@dependabot[bot])
- 542c8fd: chore: bump the all-go-mod group across 1 directory with 2 updates (#732) (@dependabot[bot])
- 99de651: chore: bump svgo from 2.8.0 to 2.8.2 in /docs-website in the npm_and_yarn group across 1 directory (#734) (@dependabot[bot])
- a072dc7: chore: bump github.com/docker/cli from 29.0.3+incompatible to 29.2.0+incompatible (#735) (@dependabot[bot])
- 02901b9: chore: bump the all-gha group across 1 directory with 7 updates (#737) (@dependabot[bot])
- 9521a68: Fix Aditya's name (#738) (@adityasaky)
- 35a7aff: chore: bump undici from 7.18.2 to 7.24.1 in /docs-website in the npm_and_yarn group across 1 directory (#739) (@dependabot[bot])
- 8c1032c: chore: bump the all-go-mod group with 2 updates (#740) (@dependabot[bot])
- 44b8404: chore: bump google.golang.org/grpc from 1.79.1 to 1.79.3 (#741) (@dependabot[bot])
- c598df6: chore: bump k8s.io/apimachinery from 0.35.2 to 0.35.3 in the all-go-mod group (#742) (@dependabot[bot])
- b1613d0: chore: bump yaml from 1.10.2 to 1.10.3 in /docs-website in the npm_and_yarn group across 1 directory (#744) (@dependabot[bot])
- 043b0fa: chore: bump the all-gha group across 1 directory with 5 updates (#745) (@dependabot[bot])
- 34290a1: chore: bump node-forge from 1.3.2 to 1.4.0 in /docs-website in the npm_and_yarn group across 1 directory (#746) (@dependabot[bot])
- f1b5254: chore: bump github.com/open-policy-agent/opa from 1.14.1 to 1.15.0 in the all-go-mod group (#747) (@dependabot[bot])
- 698876d: chore: bump github.com/go-git/go-git/v5 from 5.16.5 to 5.17.1 (#748) (@dependabot[bot])
- f9ba228: chore: bump github.com/buger/jsonparser from 1.1.1 to 1.1.2 (#751) (@dependabot[bot])
- bfe3bf4: chore: bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 (#752) (@dependabot[bot])
- c9d1520: chore: bump picomatch from 2.3.1 to 2.3.2 in /docs-website in the npm_and_yarn group across 1 directory (#754) (@dependabot[bot])
- 5a8d811: chore: bump lodash from 4.17.23 to 4.18.1 in /docs-website in the npm_and_yarn group across 1 directory (#755) (@dependabot[bot])
- a4658e4: chore: bump github.com/open-policy-agent/opa from 1.15.0 to 1.15.1 in the all-go-mod group (#759) (@dependabot[bot])
- d481de6: chore: bump the all-gha group across 1 directory with 5 updates (#766) (@dependabot[bot])
- 70dd040: chore: bump axios from 1.13.5 to 1.15.0 in /docs-website in the npm_and_yarn group across 1 directory (#764) (@dependabot[bot])
- 31b8225: chore: bump github.com/open-policy-agent/opa from 1.15.1 to 1.15.2 in the all-go-mod group across 1 directory (#765) (@dependabot[bot])
- fbd3199: chore: bump github.com/sigstore/timestamp-authority/v2 from 2.0.3 to 2.0.6 (#767) (@dependabot[bot])
- 8de1d7d: chore: bump follow-redirects from 1.15.11 to 1.16.0 in /docs-website in the npm_and_yarn group across 1 directory (#768) (@dependabot[bot])
- 4f94e9f: Update deps (#762) (@jkjell)
Contributors
jkjell, adityasaky, and 3 other contributors
Assets 33
- 13.5 MB
2026-04-14T19:17:42Z - 3.41 MB
2026-04-14T19:17:44Z - 9.57 KB
2026-04-14T19:17:47Z - 9.63 KB
2026-04-14T19:17:46Z - 1.42 KB
2026-04-14T19:17:45Z - 9.73 KB
2026-04-14T19:17:47Z - 22.3 MB
2026-04-14T19:17:42Z - 356 KB
2026-04-14T19:17:44Z - 9.66 KB
2026-04-14T19:17:47Z - 9.66 KB
2026-04-14T19:17:46Z -
2026-04-14T19:02:43Z -
2026-04-14T19:02:43Z -
2026-04-14T19:02:43Z - Loading
v0.10.2
Immutable
release. Only release title and notes can be modified.
Changelog
Features
- e10a919: feat(policy): add policy check command (#681) (@manzil-infinity180)
Documentation
- e9c1361: docs(attestor): vex, secretscan, k8smanifest, system-packages (#679) (@manzil-infinity180)
Others
- 9ac9b5d: chore: added documentation for omnitrail attestor (#673) (@manzil-infinity180)
- 5b7b17d: chore: bump the all-gha group across 1 directory with 5 updates (#680) (@dependabot[bot])
- 188e65f: chore: bump golang.org/x/crypto from 0.39.0 to 0.45.0 (#686) (@dependabot[bot])
- c81b3f1: chore: bump the all-gha group across 1 directory with 7 updates (#688) (@dependabot[bot])
- 61da106: chore: bump node-forge from 1.3.1 to 1.3.2 in /docs-website in the npm_and_yarn group across 1 directory (#689) (@dependabot[bot])
- 262527b: chore: bump github.com/sigstore/fulcio from 1.7.1 to 1.8.3 (#690) (@dependabot[bot])
- 360684a: chore: bump the all-go-mod group across 1 directory with 4 updates (#692) (@dependabot[bot])
- 154fb32: chore: bump the all-gha group with 4 updates (#693) (@dependabot[bot])
- ac66267: chore: bump mdast-util-to-hast from 13.2.0 to 13.2.1 in /docs-website in the npm_and_yarn group across 1 directory (#694) (@dependabot[bot])
- d1dbbe7: chore: bump the all-gha group with 6 updates (#699) (@dependabot[bot])
- 68ccf8b: test: add cmd/config (#677) (@manzil-infinity180)
- 7998f21: chore: update gorelease config to enable immutable releases (#696) (@jkjell)
- 9be09ec: chore: bump the all-go-mod group with 3 updates (#701) (@dependabot[bot])
- e157ad6: chore: bump the all-gha group across 1 directory with 2 updates (#703) (@dependabot[bot])
- 09b07ed: chore: bump github.com/open-policy-agent/opa from 1.12.1 to 1.12.2 in the all-go-mod group (#705) (@dependabot[bot])
- fd39378: chore: bump qs from 6.13.0 to 6.14.1 in /docs-website in the npm_and_yarn group across 0 directory (#706) (@dependabot[bot])
- e714d76: chore: update maintainers and affiliations (#708) (@mikhailswift)
- dfa9faf: chore: bump github.com/sigstore/cosign/v2 from 2.5.0 to 2.6.2 (#707) (@dependabot[bot])
- 0af1bb5: chore: bump github.com/sigstore/fulcio from 1.8.4 to 1.8.5 (#709) (@dependabot[bot])
Contributors
jkjell, mikhailswift, and 2 other contributors
Assets 33
v0.10.2-rc5
Immutable
release. Only release title and notes can be modified.
v0.10.2-rc5
This tag was signed with the committer’s verified signature.
jkjell
John Kjell
Changelog
Features
- e10a919: feat(policy): add policy check command (#681) (@manzil-infinity180)
Documentation
- e9c1361: docs(attestor): vex, secretscan, k8smanifest, system-packages (#679) (@manzil-infinity180)
Others
- 9ac9b5d: chore: added documentation for omnitrail attestor (#673) (@manzil-infinity180)
- 5b7b17d: chore: bump the all-gha group across 1 directory with 5 updates (#680) (@dependabot[bot])
- 188e65f: chore: bump golang.org/x/crypto from 0.39.0 to 0.45.0 (#686) (@dependabot[bot])
- c81b3f1: chore: bump the all-gha group across 1 directory with 7 updates (#688) (@dependabot[bot])
- 61da106: chore: bump node-forge from 1.3.1 to 1.3.2 in /docs-website in the npm_and_yarn group across 1 directory (#689) (@dependabot[bot])
- 262527b: chore: bump github.com/sigstore/fulcio from 1.7.1 to 1.8.3 (#690) (@dependabot[bot])
- 360684a: chore: bump the all-go-mod group across 1 directory with 4 updates (#692) (@dependabot[bot])
- 154fb32: chore: bump the all-gha group with 4 updates (#693) (@dependabot[bot])
- ac66267: chore: bump mdast-util-to-hast from 13.2.0 to 13.2.1 in /docs-website in the npm_and_yarn group across 1 directory (#694) (@dependabot[bot])
- 86d2585: chore: update gorelease config to enable immutable releases (@jkjell)
Contributors
jkjell, dependabot, and manzil-infinity180
Assets 33
v0.10.1
Changelog
Changes from go-witness v0.9.1
- feat(schemagen): only update schema files when content changes by @colek42 in in-toto/go-witness#506
- feat: add MultiExporter interface for multiple attestation exports by @colek42 in in-toto/go-witness#507
- feat(attestation): adds aws codebuild attestor by @kriscoleman in in-toto/go-witness#477
- fix(ci): updates tsa server url and ca by @kriscoleman in in-toto/go-witness#531
- added test for gitlab attestation by @manzil-infinity180 in in-toto/go-witness#553
- log failed attestor name for better debugging by @rabajaj0509 in in-toto/go-witness#565
- feat: Add Azure Key Vault KMS core implementation by @fkautz in in-toto/go-witness#529
- signer/file: add passphrase support for encrypted PKCS#8 keys; add tests by @fkautz in in-toto/go-witness#564
- fix(fulcio): improve fulcio signer resilience and error handling by @kriscoleman in in-toto/go-witness#568
- add the current valid AWS certs to valid AWS identity documents by @jkjell in in-toto/go-witness#576
Bug fixes
- 143f0e7: fix: gitignore profile.cov file (#632) (@manzil-infinity180)
- b23aebc: fix: links in the concepts/attestor (#646) (@manzil-infinity180)
- c007331: fix(docs): witness run cmd in kms (#656) (@manzil-infinity180)
Documentation
- 34f5f2d: docs: add TestifySec sponsorship to README (#607) (@colek42)
- 43209a6: docs: added development steps to CONTRIBUTING.MD (#642) (@manzil-infinity180)
- 8457db6: docs: add azure key vault (#665) (@manzil-infinity180)
Others
- 65e9180: Make getting started the first item. (#624) (@matglas)
- 57538fa: Remove announcement bar with docs survey callout (#626) (@ChaosInTheCRD)
- b0ffd87: test: added for the options/sign.go (#637) (@manzil-infinity180)
- 4a6fc81: test: added for the options/root.go (#638) (@manzil-infinity180)
- 27138ac: test: add cmd/version.go (#633) (@manzil-infinity180)
- 2ded5fb: test: added for the options/verify.go (#640) (@manzil-infinity180)
- 16d15de: fix the link of Sigstore Cosign project (#647) (@manzil-infinity180)
- 00c6bda: add docker attester usage docs (#653) (@rabajaj0509)
- 6db12a8: test: add for the options/run.go (#641) (@manzil-infinity180)
- 38ffa99: fix the favicon path in docusaurus config file (#669) (@manzil-infinity180)
- ba902d8: Update to v0.9.1 of go-witness (#672) (@jkjell)
Contributors
jkjell, fkautz, and 6 other contributors
Assets 47
v0.10.0
Immutable
release. Only release title and notes can be modified.
Changelog
Features
- 2ad5fe1: feat(test): added test for SignCmd (#635) (@manzil-infinity180)
- a4a3afb: feat(test): added test for log.go (#636) (@manzil-infinity180)
- 5927c64: feat: added test for the cmd/attestors and cmd/completion (#650) (@manzil-infinity180)
Bug fixes
- 143f0e7: fix: gitignore profile.cov file (#632) (@manzil-infinity180)
- b23aebc: fix: links in the concepts/attestor (#646) (@manzil-infinity180)
- c007331: fix(docs): witness run cmd in kms (#656) (@manzil-infinity180)
Documentation
- 34f5f2d: docs: add TestifySec sponsorship to README (#607) (@colek42)
- 43209a6: docs: added development steps to CONTRIBUTING.MD (#642) (@manzil-infinity180)
- 8457db6: docs: add azure key vault (#665) (@manzil-infinity180)
Others
- bd04d3b: chore: bump the all-gha group with 5 updates (#601) (@dependabot[bot])
- d27ff8a: chore: bump github.com/olekukonko/tablewriter from 0.0.5 to 1.0.2 in the all-go-mod group (#597) (@dependabot[bot])
- 95bb89d: chore: bump ossf/scorecard-action from 2.4.1 to 2.4.2 in the all-gha group (#603) (@dependabot[bot])
- 9b8f2e0: chore: bump github.com/olekukonko/tablewriter from 1.0.6 to 1.0.7 in the all-go-mod group (#604) (@dependabot[bot])
- abedf58: Update README with origin statement and support information (#611) (@colek42)
- 3fb4da0: chore: bump github/codeql-action from 3.28.18 to 3.28.19 in the all-gha group (#610) (@dependabot[bot])
- 94769a4: chore: bump the all-gha group with 3 updates (#614) (@dependabot[bot])
- d99fae8: chore: bump k8s.io/apimachinery from 0.33.1 to 0.33.2 in the all-go-mod group (#615) (@dependabot[bot])
- 48d4756: chore: bump sigstore/cosign-installer from 3.8.2 to 3.9.0 in the all-gha group (#616) (@dependabot[bot])
- 8c2b5bd: chore: bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 in the go_modules group (#617) (@dependabot[bot])
- d585ad8: chore: bump the all-gha group with 2 updates (#618) (@dependabot[bot])
- f600048: chore: bump github.com/olekukonko/tablewriter from 1.0.7 to 1.0.8 in the all-go-mod group (#619) (@dependabot[bot])
- 8b77986: chore: bump the all-gha group with 3 updates (#620) (@dependabot[bot])
- cd5498e: chore: bump the all-gha group with 3 updates (#621) (@dependabot[bot])
- f31243b: chore: bump the all-go-mod group with 2 updates (#622) (@dependabot[bot])
- 6a3aa8a: chore: bump form-data from 4.0.1 to 4.0.4 in /docs-website in the npm_and_yarn group across 1 directory (#623) (@dependabot[bot])
- d616c95: chore: bump the all-gha group with 3 updates (#625) (@dependabot[bot])
- 65e9180: Make getting started the first item. (#624) (@matglas)
- 57538fa: Remove announcement bar with docs survey callout (#626) (@ChaosInTheCRD)
- 42f88d4: chore: bump github/codeql-action from 3.29.4 to 3.29.5 in the all-gha group (#628) (@dependabot[bot])
- 27982d2: chore: bump github.com/olekukonko/tablewriter from 1.0.8 to 1.0.9 in the all-go-mod group (#629) (@dependabot[bot])
- 57c4500: chore: bump the all-gha group with 4 updates (#630) (@dependabot[bot])
- b0ffd87: test: added for the options/sign.go (#637) (@manzil-infinity180)
- d762d03: chore: bump k8s.io/apimachinery from 0.33.3 to 0.33.4 in the all-go-mod group (#644) (@dependabot[bot])
- d616c78: chore: bump the all-gha group with 3 updates (#643) (@dependabot[bot])
- 4a6fc81: test: added for the options/root.go (#638) (@manzil-infinity180)
- 27138ac: test: add cmd/version.go (#633) (@manzil-infinity180)
- 2ded5fb: test: added for the options/verify.go (#640) (@manzil-infinity180)
- a36653e: chore: bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in the go_modules group (#645) (@dependabot[bot])
- 6f458cf: chore: bump github.com/stretchr/testify from 1.10.0 to 1.11.0 in the all-go-mod group (#648) (@dependabot[bot])
- e3d30f7: chore: bump the all-gha group with 3 updates (#649) (@dependabot[bot])
- 16d15de: fix the link of Sigstore Cosign project (#647) (@manzil-infinity180)
- 9a43c2b: chore: bump actions/dependency-review-action from 4.7.2 to 4.7.3 in the all-gha group (#652) (@dependabot[bot])
- 00c6bda: add docker attester usage docs (#653) (@rabajaj0509)
- 6db12a8: test: add for the options/run.go (#641) (@manzil-infinity180)
- 1d95648: chore: bump axios from 1.8.2 to 1.12.1 in /docs-website in the npm_and_yarn group across 1 directory (#658) (@dependabot[bot])
- 7ed05f2: chore: bump the all-go-mod group across 1 directory with 6 updates (#662) (@dependabot[bot])
- a96fbfb: chore: bump the all-gha group with 7 updates (#664) (@dependabot[bot])
- dd170dd: chore: bump the all-gha group with 3 updates (#667) (@dependabot[bot])
- 38ffa99: fix the favicon path in docusaurus config file (#669) (@manzil-infinity180)
- 0134527: chore: bump the all-gha group with 2 updates (#670) (@dependabot[bot])
- 9a344c6: Update go-witness version (#671) (@jkjell)
- ba902d8: Update to v0.9.1 of go-witness (#672) (@jkjell)
Contributors
jkjell, matglas, and 5 other contributors
Assets 3
v0.9.2
Changelog
Features
- 9dbd5b6: feat: add ability to pass headers when making requests to archivista (#600) (@mikhailswift)
Documentation
- 03feedc: docs: fix markdown (#590) (@suzuki-shunsuke)
Others
- 3b0efb7: chore: bump golang.org/x/net from 0.37.0 to 0.38.0 in the go_modules group (#586) (@dependabot[bot])
- 7c05fad: chore: bump github/codeql-action from 3.28.13 to 3.28.15 in the all-gha group (#589) (@dependabot[bot])
- 67d820e: chore: updates to go-witness 0.8.4 (#593) (@mikhailswift)
- 1d9eaa5: chore: updates workflows to use witness v0.9.1 (#594) (@mikhailswift)
- 478652e: chore: bump the all-gha group with 5 updates (#591) (@dependabot[bot])
- 01dee0d: chore: bump the all-gha group with 2 updates (#595) (@dependabot[bot])
- 6578c09: chore: bump github.com/open-policy-agent/opa from 1.3.0 to 1.4.0 in the go_modules group (#596) (@dependabot[bot])
- bd820bb: chore: bump the all-gha group with 2 updates (#598) (@dependabot[bot])
- 51a2b45: chore: bump undici from 6.21.1 to 6.21.3 in /docs-website in the npm_and_yarn group across 1 directory (#599) (@dependabot[bot])
Contributors
mikhailswift, suzuki-shunsuke, and dependabot
Assets 47
v0.9.1
Changelog
Documentation
- 03feedc: docs: fix markdown (#590) (@suzuki-shunsuke)
Others
- 3b0efb7: chore: bump golang.org/x/net from 0.37.0 to 0.38.0 in the go_modules group (#586) (@dependabot[bot])
- 7c05fad: chore: bump github/codeql-action from 3.28.13 to 3.28.15 in the all-gha group (#589) (@dependabot[bot])
- 67d820e: chore: updates to go-witness 0.8.4 (#593) (@mikhailswift)
- 470e889: chore: updates workflows to use witness v0.9.1-rc1 (@mikhailswift)
Contributors
mikhailswift, suzuki-shunsuke, and dependabot
Assets 47
v0.9.0
Changelog
Others
- 449c4e4: chore: fix some comments (#569) (@linghuying)
- 79e5681: chore: bump the all-gha group across 1 directory with 8 updates (#572) (@dependabot[bot])
- 3d991a3: chore: bump the all-go-mod group with 2 updates (#566) (@dependabot[bot])
- 34cb841: chore: bump golang.org/x/net from 0.34.0 to 0.36.0 in the go_modules group (#565) (@dependabot[bot])
- 9418116: chore: bump prismjs from 1.29.0 to 1.30.0 in /docs-website in the npm_and_yarn group across 1 directory (#564) (@dependabot[bot])
- 76cf46d: chore: bump github.com/spf13/viper from 1.20.0 to 1.20.1 in the all-go-mod group (#574) (@dependabot[bot])
- 656ba04: chore: bump the npm_and_yarn group across 1 directory with 3 updates (#576) (@dependabot[bot])
- 98356bf: Update affiliation (#579) (@)
- c8b27fd: chore: bump image-size from 1.1.1 to 1.2.1 in /docs-website in the npm_and_yarn group across 1 directory (#578) (@dependabot[bot])
- 4ac699b: chore: bump estree-util-value-to-estree from 3.2.1 to 3.3.3 in /docs-website in the npm_and_yarn group across 1 directory (#581) (@dependabot[bot])
- 8253eef: chore: bump the all-gha group across 1 directory with 4 updates (#580) (@dependabot[bot])
- 0218622: chore: bump github.com/sigstore/fulcio from 1.6.6 to 1.7.0 in the all-go-mod group (#582) (@dependabot[bot])
- 4ebb0e7: chore: update to go-witness v0.8.3, remove unneeded replace directives (#583) (@mikhailswift)
- c674871: changed --env-exclude-sensitive-key to --env-allow-sensitive-key (#563) (@Horiodino)
- 7f91b00: chore: bump http-proxy-middleware from 2.0.7 to 2.0.9 in /docs-website in the npm_and_yarn group across 1 directory (#585) (@dependabot[bot])
Contributors
mikhailswift, dependabot, and 2 other contributors
Assets 47
v0.8.1
Changelog
Fix
- --dirhash-glob fails with symlinked directories (in-toto/go-witness#442) by @jrampon in in-toto/go-witness#445
Others
- dc8550b: chore: Add documentation on environment attestor (#555) (@matglas)
- ac0a137: chore: bump the all-gha group with 6 updates (#554) (@dependabot[bot])
- ae7b73b: chore: bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 in the go_modules group (#557) (@dependabot[bot])
- 89faf44: chore: bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 in the go_modules group (#558) (@dependabot[bot])
- 999722c: chore: bump the all-gha group with 2 updates (#559) (@dependabot[bot])
- 4f6a03e: chore: bump axios from 1.7.8 to 1.8.2 in /docs-website in the npm_and_yarn group across 1 directory (#560) (@dependabot[bot])
- ee0f1e4: chore: bump github.com/in-toto/go-witness from 0.8.0 to 0.8.1 in the all-go-mod group (#562) (@dependabot[bot])
- a16c4f9: chore: bump github/codeql-action from 3.28.10 to 3.28.11 in the all-gha group (#561) (@dependabot[bot])
Contributors
jrampon, matglas, and dependabot
Assets 47
v0.8.0
Changelog
Features
go-witness v0.8.0
- feat: New environment variable obfuscation functionality by @matglas in in-toto/go-witness#355
- feat: Add lockfile attestor by @fkautz in in-toto/go-witness#370
- bug(fulcio): Fixes Witness #535 by @jkjell in in-toto/go-witness#402
Others
Contributors
jkjell, fkautz, and matglas