UD2026.08 (7.28.0) CiD

Supported platforms

• NPU3720 Intel® Core™ Ultra Processors (Series 1) (Products formerly known as Meteor Lake and Arrow Lake)
• NPU4000 Intel® Core™ Ultra Processors (Series 2) (Products known as Lunar Lake)
• NPU5010 Intel® Core™ Ultra Processors (Series 3) (Products known as Panther Lake)

Release notes

The UD206.08 Release Notes have been published as part of the Intel® NPU Windows Driver release notes, including the integrated NPU Compiler component.

Dependencies

• OpenVINO - openvino_config.json.
• OpenCV - opencv_version.json.
• Open Model Zoo - omz_version.json

NPU Linux Driver

The following driver version was used for NPU Compiler UD2026.08 Continuous Integration.

• Linux NPU Driver - linux_npu_driver_config.json.

The following driver version contains NPU Compiler UD2026.08 as a binary component

• Linux NPU Driver v1.30.0

Artifacts Information and supply-chain security

Click to expand

📦 Artifacts Information

This release provides three CiD (Compiler-in-Driver) binary packages for integration into the NPU Driver on the following platforms:

• Windows 11
• Ubuntu 22.04
• Ubuntu 24.04

To ensure end-to-end supply-chain security, both the release and each individual artifact are protected by multiple integrity guarantees:

• Digital signatures via Sigstore Cosign — any modification to a signed artifact invalidates the signature.
• GitHub artifact provenance attestations — each artifact is accompanied by a build-provenance attestation published on the repository’s attestations page.
• Immutable GitHub Release — the release tag and all assets are permanently locked after publication and cannot be modified, replaced, or deleted.

All commands below work on any platform. On Windows (CMD/PowerShell), simply replace the line-continuation symbol \ with ^.

---

🔐 Cosign Digital Signatures

Cosign provides cryptographic verification of both the artifact content and the associated Rekor entry. Together, these systems guarantee that each artifact originates exactly from this repository’s CI pipeline and has not been modified post-publication and allow anyone to validate that this artifact was produced by the official GitHub Actions workflow for this repository.
Each release artifact includes a signature bundle named:

<artifact>.sigstore.json

This bundle contains:

• A Sigstore Fulcio certificate. Fulcio issues a short-lived signing certificate that binds the signature to the GitHub Actions workflow identity.
• A Rekor transparency log entry. Rekor stores the transparency log record, ensuring the signature is publicly auditable and cannot be altered.
• Signature metadata (SCT, inclusion proof, signature, etc.)

Verify the Signature Online

You can verify the published transparency-log record using:

https://search.sigstore.dev/?hash=<sha256>

To get the <sha256> digest, use the Copy SHA256 button next to any release asset in the GitHub release UI.

Verify the Signature Locally

1. Install Cosign
   Follow the official guide: https://docs.sigstore.dev/cosign/system_config/installation
2. Download the files
   • <artifact_name>
   • <artifact_name>.sigstore.json
3. Run the verification

   cosign verify-blob \
       --bundle <artifact_name>.sigstore.json \
       --certificate-identity https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2026_08_rc1 \
       --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
       <artifact_name>

   Note: On Windows, the Cosign executable may be named differently (for example, cosign-windows-amd64.exe). Adjust the command accordingly when running verification.
4. Successful verification

   Verified OK
   

---

🧾 GitHub Release Asset Attestations (Build Provenance)

GitHub automatically generates a build-provenance attestation for each artifact created by GitHub Actions.

These attestations confirm:

• Which workflow built the artifact
• Which commit and tag were used
• That the artifact content matches the workflow output exactly

Verify Attestation Locally

1. Install & authenticate GitHub CLI
   Installation: https://cli.github.com/
   Login:

   gh auth login

2. Verify the artifact attestation

   gh attestation verify <artifact_name> \
     --repo openvinotoolkit/npu_compiler \
     --source-ref refs/tags/npu_ud_2026_08_rc1 \
     --signer-workflow "github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2026_08_rc1"

3. Successful verification

   Loaded digest sha256:05675051621c7d06e91357facc17a908544ecaa8045a269e0440da7735234f64 for file://w_vpux_compiler_l0_win_windows_2022-7_6_0-Release_dyntbb_postcommit_cid_4d598db24bf13b7826f510a0f5e956edc9ff8aac_260214_1946.zip
   Loaded 1 attestation from GitHub API
   
   The following policy criteria will be enforced:
   - Predicate type must match:................ https://slsa.dev/provenance/v1
   - Source Repository Owner URI must match:... https://github.com/openvinotoolkit
   - Source Repository URI must match:......... https://github.com/openvinotoolkit/npu_compiler
   - Source repo ref must match:............... refs/tags/npu_ud_2026_08_rc1
   - Subject Alternative Name must match regex: ^https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2026_08_rc1
   - OIDC Issuer must match:................... https://token.actions.githubusercontent.com
   
   ✓ Verification succeeded!
   
   The following 1 attestation matched the policy criteria
   
   - Attestation #1
     - Build repo:..... openvinotoolkit/npu_compiler
     - Build workflow:. .github/workflows/job_build_cid.yml@refs/tags/npu_ud_2026_08_rc1
     - Signer repo:.... openvinotoolkit/npu_compiler
     - Signer workflow: .github/workflows/job_build_cid.yml@refs/tags/npu_ud_2026_08_rc1
   

---

🛡️ Immutable GitHub Release Verification

Immutable Releases ensure that neither the release tag nor the associated assets can be changed after publication. This prevents supply-chain tampering and increases long-term auditability.

Verify the Integrity of the Release itself

1. Install & authenticate GitHub CLI

   gh auth login

2. Verify the immutable release

   gh release verify \
     --repo openvinotoolkit/npu_compiler \
     npu_ud_2026_08_rc1

3. Successful verification
   GitHub CLI confirms that the release is immutable and the attestation is valid

    Resolved tag npu_ud_2026_08_rc1 to sha1:3339860ddc94d3b3f4b86f82a481cf11e01e3486
    Loaded attestation from GitHub API
    ✓ Release npu_ud_2026_08_rc1 verified!
    
    Assets
    NAME                                                                                                                                                 DIGEST
    l_vpux_compiler_l0_linux_ubuntu_22_04-7_6_0-Release_dyntbb_postcommit_cid_4d598db24bf13b7826f510a0f5e956edc9ff8aac_260214_1945.tar.gz                sha256:9df9357caea91d707391a7bd6de0beb8253b1eac337f7755fe436c217ffd5863
    l_vpux_compiler_l0_linux_ubuntu_22_04-7_6_0-Release_dyntbb_postcommit_cid_4d598db24bf13b7826f510a0f5e956edc9ff8aac_260214_1945.tar.gz.sigstore.json  sha256:1dd7a48246f76628806517a45c86d8592505d09f6a8fc4633c3626ad656fcd4a
    l_vpux_compiler_l0_linux_ubuntu_24_04-7_6_0-Release_dyntbb_postcommit_cid_4d598db24bf13b7826f510a0f5e956edc9ff8aac_260214_1944.tar.gz                sha256:e9410db34b19a870eea07fe5eb67fbefefd7a9b9750f9c4becc9c281ea7bee90
    l_vpux_compiler_l0_linux_ubuntu_24_04-7_6_0-Release_dyntbb_postcommit_cid_4d598db24bf13b7826f510a0f5e956edc9ff8aac_260214_1944.tar.gz.sigstore.json  sha256:6d92319ecb53adfeb9dd0ac8d5adbbf95a8759b07d8d296d0e1370a250683bca
    w_vpux_compiler_l0_win_windows_2022-7_6_0-Release_dyntbb_postcommit_cid_4d598db24bf13b7826f510a0f5e956edc9ff8aac_260214_1946.zip                     sha256:05675051621c7d06e91357facc17a908544ecaa8045a269e0440da7735234f64
    w_vpux_compiler_l0_win_windows_2022-7_6_0-Release_dyntbb_postcommit_cid_4d598db24bf13b7826f510a0f5e956edc9ff8aac_260214_1946.zip.sigstore.j...
   

UD2026.08 (7.28.0) CiP

Supported platforms

• NPU3720 Intel® Core™ Ultra Processors (Series 1) (Products formerly known as Meteor Lake and Arrow Lake)
• NPU4000 Intel® Core™ Ultra Processors (Series 2) (Products known as Lunar Lake)
• NPU5010 Intel® Core™ Ultra Processors (Series 3) (Products known as Panther Lake)

Release notes

The UD206.08 Release Notes have been published as part of the Intel® NPU Windows Driver release notes, including the integrated NPU Compiler component.
The CiP (Compiler in Plugin) version of UD2026.08 (7.28.0) supports weightless compiled blobs and is designed to be integrated into OpenVINO as a binary dependency.

Dependencies

• OpenVINO - openvino_config.json.
• OpenCV - opencv_version.json.
• Open Model Zoo - omz_version.json

NPU Linux Driver

The following driver version was used for NPU Compiler UD2026.08 Continuous Integration.

• Linux NPU Driver - linux_npu_driver_config.json.

The following driver version contains NPU Compiler UD2026.08 as a binary component

• Linux NPU Driver v1.30.0

Artifacts Information and supply-chain security

Click to expand

📦 Artifacts Information

This release provides three CP (Compiler-in-Plugin) binary packages for integration into the OpenVINO NPU Plugin on the following platforms:

• Windows 11
• Ubuntu 22.04
• Ubuntu 24.04

To ensure end-to-end supply-chain security, both the release and each individual artifact are protected by multiple integrity guarantees:

• Digital signatures via Sigstore Cosign — any modification to a signed artifact invalidates the signature.
• GitHub artifact provenance attestations — each artifact is accompanied by a build-provenance attestation published on the repository’s attestations page.
• Immutable GitHub Release — the release tag and all assets are permanently locked after publication and cannot be modified, replaced, or deleted.

All commands below work on any platform. On Windows (CMD/PowerShell), simply replace the line-continuation symbol \ with ^.

---

🔐 Cosign Digital Signatures

Cosign provides cryptographic verification of both the artifact content and the associated Rekor entry. Together, these systems guarantee that each artifact originates exactly from this repository’s CI pipeline and has not been modified post-publication and allow anyone to validate that this artifact was produced by the official GitHub Actions workflow for this repository.
Each release artifact includes a signature bundle named:

<artifact>.sigstore.json

This bundle contains:

• A Sigstore Fulcio certificate. Fulcio issues a short-lived signing certificate that binds the signature to the GitHub Actions workflow identity.
• A Rekor transparency log entry. Rekor stores the transparency log record, ensuring the signature is publicly auditable and cannot be altered.
• Signature metadata (SCT, inclusion proof, signature, etc.)

Verify the Signature Online

You can verify the published transparency-log record using:

https://search.sigstore.dev/?hash=<sha256>

To get the <sha256> digest, use the Copy SHA256 button next to any release asset in the GitHub release UI.

Verify the Signature Locally

1. Install Cosign
   Follow the official guide: https://docs.sigstore.dev/cosign/system_config/installation
2. Download the files
   • <artifact_name>
   • <artifact_name>.sigstore.json
3. Run the verification

   cosign verify-blob \
       --bundle <artifact_name>.sigstore.json \
       --certificate-identity https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_cip_ud_2026_08_rc1 \
       --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
       <artifact_name>

   Note: On Windows, the Cosign executable may be named differently (for example, cosign-windows-amd64.exe). Adjust the command accordingly when running verification.
4. Successful verification

   Verified OK
   

---

🧾 GitHub Release Asset Attestations (Build Provenance)

GitHub automatically generates a build-provenance attestation for each artifact created by GitHub Actions.

These attestations confirm:

• Which workflow built the artifact
• Which commit and tag were used
• That the artifact content matches the workflow output exactly

Verify Attestation Locally

1. Install & authenticate GitHub CLI
   Installation: https://cli.github.com/
   Login:

   gh auth login

2. Verify the artifact attestation

   gh attestation verify <artifact_name> \
     --repo openvinotoolkit/npu_compiler \
     --source-ref refs/tags/npu_cip_ud_2026_08_rc1 \
     --signer-workflow "github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_cip_ud_2026_08_rc1"

3. Successful verification

   Loaded digest sha256:c440f649fb5d1bc17eac027e18078afcc04046aacbaade2dbed30f720b967a88 for file://w_vpux_compiler_l0_win_windows_2022-7_6_0-Release_dyntbb_postcommit_cid_90246fdd4971a0edde0ed4d8888efbd829360008_260214_1948.zip
   Loaded 1 attestation from GitHub API
   
   The following policy criteria will be enforced:
   - Predicate type must match:................ https://slsa.dev/provenance/v1
   - Source Repository Owner URI must match:... https://github.com/openvinotoolkit
   - Source Repository URI must match:......... https://github.com/openvinotoolkit/npu_compiler
   - Source repo ref must match:............... refs/tags/npu_cip_ud_2026_08_rc1
   - Subject Alternative Name must match regex: ^https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_cip_ud_2026_08_rc1
   - OIDC Issuer must match:................... https://token.actions.githubusercontent.com
   
   ✓ Verification succeeded!
   
   The following 1 attestation matched the policy criteria
   
   - Attestation #1
     - Build repo:..... openvinotoolkit/npu_compiler
     - Build workflow:. .github/workflows/job_build_cid.yml@refs/tags/npu_cip_ud_2026_08_rc1
     - Signer repo:.... openvinotoolkit/npu_compiler
     - Signer workflow: .github/workflows/job_build_cid.yml@refs/tags/npu_cip_ud_2026_08_rc1
   

---

🛡️ Immutable GitHub Release Verification

Immutable Releases ensure that neither the release tag nor the associated assets can be changed after publication. This prevents supply-chain tampering and increases long-term auditability.

Verify the Integrity of the Release itself

1. Install & authenticate GitHub CLI

   gh auth login

2. Verify the immutable release

   gh release verify \
     --repo openvinotoolkit/npu_compiler \
     npu_cip_ud_2026_08_rc1

3. Successful verification
   GitHub CLI confirms that the release is immutable and the attestation is valid

    Resolved tag npu_cip_ud_2026_08_rc1 to sha1:2b5a0f9e9ece98caf05c93d49a344f001d8aa7c2
    Loaded attestation from GitHub API
    ✓ Release npu_cip_ud_2026_08_rc1 verified!
    
    Assets
    NAME                                                                                                                                                 DIGEST
    l_vpux_compiler_l0_linux_ubuntu_22_04-7_6_0-Release_dyntbb_postcommit_cid_90246fdd4971a0edde0ed4d8888efbd829360008_260214_1946.tar.gz                sha256:266de58b3d01ceeb3863dac75c01786288145a24cd8b4d463d3dbe495d1b8fd9
    l_vpux_compiler_l0_linux_ubuntu_22_04-7_6_0-Release_dyntbb_postcommit_cid_90246fdd4971a0edde0ed4d8888efbd829360008_260214_1946.tar.gz.sigstore.json  sha256:4b82a46ed90cb58cab8582024ef556aa956bc52c3f6ef58a287a394a52ff6fa0
    l_vpux_compiler_l0_linux_ubuntu_24_04-7_6_0-Release_dyntbb_postcommit_cid_90246fdd4971a0edde0ed4d8888efbd829360008_260214_1946.tar.gz                sha256:32aa5a57f45e8ab362123b50a7b99ff75dbbff364889c8e8b390f1ff38af660b
    l_vpux_compiler_l0_linux_ubuntu_24_04-7_6_0-Release_dyntbb_postcommit_cid_90246fdd4971a0edde0ed4d8888efbd829360008_260214_1946.tar.gz.sigstore.json  sha256:ff5c6fa30d396d2d91cc8b801bc9d494d8575e4b02f7a41ad64081a8dc88ae22
    w_vpux_compiler_l0_win_windows_2022-7_6_0-Release_dyntbb_postcommit_cid_90246fdd4971a0edde0ed4d8888efbd829360008_260214_1948.zip               ...
   

UD2025.48 (7.26.0)

Supported platforms

• NPU3720 Intel® Core™ Ultra Processors (Series 1) (Products formerly known as Meteor Lake and Arrow Lake)
• NPU4000 Intel® Core™ Ultra Processors (Series 2) (Products known as Lunar Lake)
• NPU5010 Intel® Core™ Ultra Processors (Series 3) (Products known as Panther Lake)

Release notes

The UD2025.48 Release Notes have been published as part of the Intel® NPU Windows Driver release notes, including the integrated NPU Compiler component.

Dependencies

• OpenVINO - openvino_config.json.
• OpenCV - opencv_version.json.

NPU Linux Driver

The following driver version was used for NPU Compiler UD2025.48 Continuous Integration.

• Linux NPU Driver - linux_npu_driver_config.json.

The following driver version contains NPU Compiler UD2025.48 as a binary component

• Linux NPU Driver v1.28.0

Artifacts Information and supply-chain security

Click to expand

📦 Artifacts Information

This release provides three CiD (Compiler-in-Driver) binary packages for integration into the NPU Driver on the following platforms:

• Windows 11
• Ubuntu 22.04
• Ubuntu 24.04

To ensure end-to-end supply-chain security, both the release and each individual artifact are protected by multiple integrity guarantees:

• Digital signatures via Sigstore Cosign — any modification to a signed artifact invalidates the signature.
• GitHub artifact provenance attestations — each artifact is accompanied by a build-provenance attestation published on the repository’s attestations page.
• Immutable GitHub Release — the release tag and all assets are permanently locked after publication and cannot be modified, replaced, or deleted.

All commands below work on any platform. On Windows (CMD/PowerShell), simply replace the line-continuation symbol \ with ^.

---

🔐 Cosign Digital Signatures

Cosign provides cryptographic verification of both the artifact content and the associated Rekor entry. Together, these systems guarantee that each artifact originates exactly from this repository’s CI pipeline and has not been modified post-publication and allow anyone to validate that this artifact was produced by the official GitHub Actions workflow for this repository.
Each release artifact includes a signature bundle named:

<artifact>.sigstore.json

This bundle contains:

• A Sigstore Fulcio certificate. Fulcio issues a short-lived signing certificate that binds the signature to the GitHub Actions workflow identity.
• A Rekor transparency log entry. Rekor stores the transparency log record, ensuring the signature is publicly auditable and cannot be altered.
• Signature metadata (SCT, inclusion proof, signature, etc.)

Verify the Signature Online

You can verify the published transparency-log record using:

https://search.sigstore.dev/?hash=<sha256>

To get the <sha256> digest, use the Copy SHA256 button next to any release asset in the GitHub release UI.

Verify the Signature Locally

1. Install Cosign
   Follow the official guide: https://docs.sigstore.dev/cosign/system_config/installation
2. Download the files
   • <artifact_name>
   • <artifact_name>.sigstore.json
3. Run the verification

   cosign verify-blob \
       --bundle <artifact_name>.sigstore.json \
       --certificate-identity https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_48_rc1 \
       --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
       <artifact_name>

   Note: On Windows, the Cosign executable may be named differently (for example, cosign-windows-amd64.exe). Adjust the command accordingly when running verification.
4. Successful verification

   Verified OK
   

---

🧾 GitHub Release Asset Attestations (Build Provenance)

GitHub automatically generates a build-provenance attestation for each artifact created by GitHub Actions.

These attestations confirm:

• Which workflow built the artifact
• Which commit and tag were used
• That the artifact content matches the workflow output exactly

Verify Attestation Locally

1. Install & authenticate GitHub CLI
   Installation: https://cli.github.com/
   Login:

   gh auth login

2. Verify the artifact attestation

   gh attestation verify <artifact_name> \
     --repo openvinotoolkit/npu_compiler \
     --source-ref refs/tags/npu_ud_2025_48_rc1 \
     --signer-workflow "github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_48_rc1"

3. Successful verification

   The following policy criteria will be enforced:
   - Predicate type must match:................ https://slsa.dev/provenance/v1
   - Source Repository Owner URI must match:... https://github.com/openvinotoolkit
   - Source Repository URI must match:......... https://github.com/openvinotoolkit/npu_compiler
   - Source repo ref must match:............... refs/tags/npu_ud_2025_48_rc1
   - Subject Alternative Name must match regex: ^https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_48_rc1
   - OIDC Issuer must match:................... https://token.actions.githubusercontent.com
   
   ✓ Verification succeeded!
   
   The following 1 attestation matched the policy criteria
   
   - Attestation #1
     - Build repo:..... openvinotoolkit/npu_compiler
     - Build workflow:. .github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_48_rc1
     - Signer repo:.... openvinotoolkit/npu_compiler
     - Signer workflow: .github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_48_rc1
   

---

🛡️ Immutable GitHub Release Verification

Immutable Releases ensure that neither the release tag nor the associated assets can be changed after publication. This prevents supply-chain tampering and increases long-term auditability.

Verify the Integrity of the Release itself

1. Install & authenticate GitHub CLI

   gh auth login

2. Verify the immutable release

   gh release verify \
     --repo openvinotoolkit/npu_compiler \
     npu_ud_2025_48_rc1

3. Successful verification
   GitHub CLI confirms that the release is immutable and the attestation is valid

    Resolved tag npu_ud_2025_48_rc1 to sha1:216aab6488bb9be5893235d42d084945aded7f1f
    Loaded attestation from GitHub API
    ✓ Release npu_ud_2025_48_rc1 verified!
    
    Assets
    NAME                                                                                                                                                 DIGEST
    l_vpux_compiler_l0_linux_ubuntu_22_04-7_5_0-Release_dyntbb_postcommit_cid_a1ae54e94faea6f35566ef4ed03ee98156808306_251217_1334.tar.gz                sha256:e3bf9679f7b378dfcf00b936880182bf9d2db4998bc91d053b74f0594026a2d0
    l_vpux_compiler_l0_linux_ubuntu_22_04-7_5_0-Release_dyntbb_postcommit_cid_a1ae54e94faea6f35566ef4ed03ee98156808306_251217_1334.tar.gz.sigstore.json  sha256:249b4daf136cbbbb204df6daccdf6e1386274e916952f66987cc598e1e6cd06a
    l_vpux_compiler_l0_linux_ubuntu_24_04-7_5_0-Release_dyntbb_postcommit_cid_a1ae54e94faea6f35566ef4ed03ee98156808306_251217_1334.tar.gz                sha256:48de71e2121329e2e30216009a9fe2362f5543cb97e38f67878896baeb0138f7
    l_vpux_compiler_l0_linux_ubuntu_24_04-7_5_0-Release_dyntbb_postcommit_cid_a1ae54e94faea6f35566ef4ed03ee98156808306_251217_1334.tar.gz.sigstore.json  sha256:0f8dcdefb88e62f0cfae47594c457e3718a9a5859dbe4a7148518fc6d5d96844
    w_vpux_compiler_l0_win_windows_2022-7_5_0-Release_dyntbb_postcommit_cid_a1ae54e94faea6f35566ef4ed03ee98156808306_251217_1336.zip                     sha256:720a48f5bdc4ae2deeb9827ac3a37153776c57e9887817e6391e543579800641
    w_vpux_compiler_l0_win_windows_2022-7_5_0-Release_dyntbb_postcommit_cid_a1ae54e94faea6f35566ef4ed03ee98156808306_251217_1336.zip.sigstore.json       sha256:4b42013aacba2f78c13e8c567cd3228139ca3b2cc67203a20b8cc1c36e9496de
   

UD2025.44

Supported platforms

• NPU37XX Intel® Core™ Ultra Processors (Series 1) (Products formerly known as Meteor Lake and Arrow Lake)
• NPU40XX Intel® Core™ Ultra Processors (Series 2) (Products known as Lunar Lake)

Release notes

The UD2025.44 Release Notes have been published as part of the Intel® NPU Windows Driver release notes, including the integrated NPU Compiler component.

Dependencies

• OpenVINO - openvino_config.json.
• OpenCV - opencv_version.json.

NPU Linux Driver

The following driver version was used for NPU Compiler UD2025.44 Continuous Integration.

• Linux NPU Driver - linux_npu_driver_config.json.

The following driver version contains NPU Compiler UD2025.44 as a binary component

• Linux NPU Driver v1.26.0

Artifacts Information and supply-chain security

Click to expand

📦 Artifacts Information

This release provides three CiD (Compiler-in-Driver) binary packages for integration into the NPU Driver on the following platforms:

• Windows 11
• Ubuntu 22.04
• Ubuntu 24.04

To ensure end-to-end supply-chain security, both the release and each individual artifact are protected by multiple integrity guarantees:

• Digital signatures via Sigstore Cosign — any modification to a signed artifact invalidates the signature.
• GitHub artifact provenance attestations — each artifact is accompanied by a build-provenance attestation published on the repository’s attestations page.
• Immutable GitHub Release — the release tag and all assets are permanently locked after publication and cannot be modified, replaced, or deleted.

All commands below work on any platform. On Windows (CMD/PowerShell), simply replace the line-continuation symbol \ with ^.

---

🔐 Cosign Digital Signatures

Cosign provides cryptographic verification of both the artifact content and the associated Rekor entry. Together, these systems guarantee that each artifact originates exactly from this repository’s CI pipeline and has not been modified post-publication and allow anyone to validate that this artifact was produced by the official GitHub Actions workflow for this repository.
Each release artifact includes a signature bundle named:

<artifact>.sigstore.json

This bundle contains:

• A Sigstore Fulcio certificate. Fulcio issues a short-lived signing certificate that binds the signature to the GitHub Actions workflow identity.
• A Rekor transparency log entry. Rekor stores the transparency log record, ensuring the signature is publicly auditable and cannot be altered.
• Signature metadata (SCT, inclusion proof, signature, etc.)

Verify the Signature Online

You can verify the published transparency-log record using:

https://search.sigstore.dev/?hash=<sha256>

To get the <sha256> digest, use the Copy SHA256 button next to any release asset in the GitHub release UI.

Verify the Signature Locally

1. Install Cosign
   Follow the official guide: https://docs.sigstore.dev/cosign/system_config/installation
2. Download the files
   • <artifact_name>
   • <artifact_name>.sigstore.json
3. Run the verification

   cosign verify-blob \
       --bundle <artifact_name>.sigstore.json \
       --certificate-identity https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_44_rc1 \
       --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
       <artifact_name>

   Note: On Windows, the Cosign executable may be named differently (for example, cosign-windows-amd64.exe). Adjust the command accordingly when running verification.
4. Successful verification

   Verified OK
   

---

🧾 GitHub Release Asset Attestations (Build Provenance)

GitHub automatically generates a build-provenance attestation for each artifact created by GitHub Actions.

These attestations confirm:

• Which workflow built the artifact
• Which commit and tag were used
• That the artifact content matches the workflow output exactly

Verify Attestation Locally

1. Install & authenticate GitHub CLI
   Installation: https://cli.github.com/
   Login:

   gh auth login

2. Verify the artifact attestation

   gh attestation verify <artifact_name> \
     --repo openvinotoolkit/npu_compiler \
     --source-ref refs/tags/npu_ud_2025_44_rc1 \
     --signer-workflow "github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_44_rc1"

3. Successful verification

   The following policy criteria will be enforced:
   - Predicate type must match:................ https://slsa.dev/provenance/v1
   - Source Repository Owner URI must match:... https://github.com/openvinotoolkit
   - Source Repository URI must match:......... https://github.com/openvinotoolkit/npu_compiler
   - Source repo ref must match:............... refs/tags/npu_ud_2025_44_rc1
   - Subject Alternative Name must match regex: ^https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_44_rc1
   - OIDC Issuer must match:................... https://token.actions.githubusercontent.com
   
   ✓ Verification succeeded!
   
   The following 1 attestation matched the policy criteria
   
   - Attestation #1
     - Build repo:..... openvinotoolkit/npu_compiler
     - Build workflow:. .github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_44_rc1
     - Signer repo:.... openvinotoolkit/npu_compiler
     - Signer workflow: .github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_44_rc1
   

---

🛡️ Immutable GitHub Release Verification

Immutable Releases ensure that neither the release tag nor the associated assets can be changed after publication. This prevents supply-chain tampering and increases long-term auditability.

Verify the Integrity of the Release itself

1. Install & authenticate GitHub CLI

   gh auth login

2. Verify the immutable release

   gh release verify \
     --repo openvinotoolkit/npu_compiler \
     npu_ud_2025_44_rc1

3. Successful verification
   GitHub CLI confirms that the release is immutable and the attestation is valid

    Resolved tag npu_ud_2025_44_rc1 to sha1:a934b15d7494c4961afd51cf6c896b15d1fabd8c
    Loaded attestation from GitHub API
    ✓ Release npu_ud_2025_44_rc1 verified!
    
    Assets
    NAME                                                                                                                                                 DIGEST
    l_vpux_compiler_l0_linux_ubuntu_22_04-7_4_3-Release_dyntbb_postcommit_cid_a934b15d7494c4961afd51cf6c896b15d1fabd8c_251119_2122.tar.gz                sha256:5550c378d21cad5d5ea3d95b07ae565626132abe218d8b09dfbefe43d54ea26c
    l_vpux_compiler_l0_linux_ubuntu_22_04-7_4_3-Release_dyntbb_postcommit_cid_a934b15d7494c4961afd51cf6c896b15d1fabd8c_251119_2122.tar.gz.sigstore.json  sha256:26e87ab8ff67a5eba916b508db381e9091e6676177d0483deee198bbb2558b64
    l_vpux_compiler_l0_linux_ubuntu_24_04-7_4_3-Release_dyntbb_postcommit_cid_a934b15d7494c4961afd51cf6c896b15d1fabd8c_251119_2204.tar.gz                sha256:328059b6af98ac8b97dfaf6d3585381401872239cdc06fdbbc7bf6d449d771a6
    l_vpux_compiler_l0_linux_ubuntu_24_04-7_4_3-Release_dyntbb_postcommit_cid_a934b15d7494c4961afd51cf6c896b15d1fabd8c_251119_2204.tar.gz.sigstore.json  sha256:f4b9bd6752b86ef030ac471ab2b7223a228670cbe0bfeb73e9fd12f4d3516a58
    w_vpux_compiler_l0_win_windows_2022-7_4_3-Release_dyntbb_postcommit_cid_a934b15d7494c4961afd51cf6c896b15d1fabd8c_251119_2122.zip                     sha256:e4ebae74faef881c4fa175c4e88f311fcc0a5da0e2e053af938a49c6ce69238a
    w_vpux_compiler_l0_win_windows_2022-7_4_3-Release_dyntbb_postcommit_cid_a934b15d7494c4961afd51cf6c896b15d1fabd8c_251119_2122.zip.sigstore.json       sha256:8ce7298b79a9f2b461cc2fdf85eb034e87c51e02560e2abd48c5554a4c63de54
   

UD2025.38

NPU Compiler UD2025.38 release for NPU37XX and NPU40XX

Dependencies

• OpenVINO - openvino_config.json.
• OpenCV - opencv_version.json.

NPU Linux Driver

The following driver version was used for NPU Compiler UD2025.38 Continuous Integration.

• Linux NPU Driver - linux_npu_driver_config.json.

The following driver version contains NPU Compiler UD2025.38 as a binary component

• Linux NPU Driver v1.24.0

Cosign digital signature

Detailed information about the digital signature

Summary

Starting with UD2025.38, every CiD (Compiler in Driver) package is digitally signed using the open-source Sigstore Cosign tool.
This guarantees the authenticity and integrity of each release artifact: any modification after signing will invalidate the signature.

Each release asset includes:

• <artifact>.sig — the signature file
• <artifact>.pem — the signing certificate issued by Sigstore Fulcio

These files allow anyone to independently verify that a given CiD package was produced by the official GitHub Actions workflow for this repository.

Verify the signature online

You can confirm the existence of the public Sigstore record (Rekor transparency log) using the following links:

• Linux CiD package:
  https://search.sigstore.dev/?hash=sha256:7097f3d12cca491ffcd2418826ac708dbd92a563340a856cd529c1bc0a3cf9d1
• Windows CiD package:
  https://search.sigstore.dev/?hash=sha256:329ab7e03bafbf4de6e28cae6aaae74216302ba3c702ddde56446e94934ae8db

Verify the signature locally

1. Install Sigstore Cosign: follow the official installation guide https://docs.sigstore.dev/cosign/system_config/installation
2. Run Cosign verification

• Windows (CMD or PowerShell):

  cosign-windows-amd64 verify-blob ^
      --certificate <artifact_name>.pem ^
      --signature <artifact_name>.sig ^
      --certificate-identity https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_38_rc4 ^
      --certificate-oidc-issuer "https://token.actions.githubusercontent.com" ^
      <artifact_name>

• Linux / macOS (Bash):

  cosign verify-blob \
      --certificate <artifact_name>.pem \
      --signature <artifact_name>.sig \
      --certificate-identity https://github.com/openvinotoolkit/npu_compiler/.github/workflows/job_build_cid.yml@refs/tags/npu_ud_2025_38_rc4 \
      --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
      <artifact_name>

3. If the verification succeeds, Cosign prints:

Verified OK

Additional information

• Fulcio provides the short-lived signing certificate bound to the official GitHub Actions workflow identity.
• Rekor records each signature in an immutable, public transparency log.
• Cosign verifies both the cryptographic integrity and the log entry, ensuring that the artifact originates from this repository’s CI pipeline.

UD2025.32

NPU Compiler UD2025.32 release for NPU37XX and NPU40XX

Dependencies

• OpenVINO - openvino_config.json from openvinotoolkit/openvino.
• OpenCV - opencv_version.json from opencv/opencv.

NPU Linux Driver

The following driver version was used for NPU Compiler UD2025.32 Continuous Integration.

• Linux NPU Driver - linux_npu_driver_config.json from intel/linux-npu-driver.

The following driver version contains NPU Compiler UD2025.32 as a binary component

• Linux NPU Driver v1.23.0

UD2025.28

NPU Compiler UD2025.28 release for NPU37XX and NPU40XX

Dependencies

• OpenVINO - openvino_config.json from openvinotoolkit/openvino.
• OpenCV - opencv_version.json from opencv/opencv.

NPU Linux Driver

The following driver version was used for NPU Compiler UD2025.28 Continuous Integration.

• Linux NPU Driver - linux_npu_driver_config.json from intel/linux-npu-driver.

The following driver version contains NPU Compiler UD2025.28 as a binary component

• Linux NPU Driver v1.22.0

UD2025.24

NPU Compiler UD2025.24 release for NPU37XX and NPU40XX

Dependencies

• OpenVINO - openvino_config.json from openvinotoolkit/openvino.
• OpenCV - opencv_version.json from opencv/opencv.

NPU Linux Driver

The following driver version contains NPU Compiler UD2025.24 as a binary component

• Linux NPU Driver v1.19.0

UD2025.18

NPU Compiler UD2025.18 release for NPU37XX and NPU40XX

Dependencies

• OpenVINO - openvino_config.json from openvinotoolkit/openvino.
• OpenCV - opencv_version.json from opencv/opencv.

NPU Linux Driver

The following driver version contains NPU Compiler UD2025.18 as a binary component

• Linux NPU Driver v1.17.0

UD2025.12

NPU Compiler UD2025.12 release for NPU37XX and NPU40XX

Dependencies

• OpenVINO - openvinotoolkit/openvino@8d5f583 from master branch
• OpenCV - opencv_version.json

NPU Linux Driver

The following driver version contains NPU Compiler UD2025.12 as a binary component

• Linux NPU Driver v1.16.0