Skip to content

Commit 3f32cea

Browse files
haydentherapperhaydentherapper
authored
Add changelog for v3.0.3 (#4572)
Signed-off-by: Hayden <[email protected]> Co-authored-by: Hayden <[email protected]>
1 parent 901b44d commit 3f32cea

File tree

1 file changed

+36
-0
lines changed

1 file changed

+36
-0
lines changed

CHANGELOG.md

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,39 @@
1+
# v3.0.3
2+
3+
Thank you for all of your feedback on Cosign v3! v3.0.3 fixes a number of bugs reported by
4+
the community along with adding compatibility for the new bundle format and attestation
5+
storage in OCI to additional commands. We're continuing to work on compatibility with
6+
the remaining commands and will have a new release shortly. If you run into any problems,
7+
please [file an issue](https://github.com/sigstore/cosign/issues)
8+
9+
## Changes
10+
11+
* 4554: Closes 4554 - Add warning when --output* is used (#4556)
12+
* Protobuf bundle support for subcommand `clean` (#4539)
13+
* Add staging flag to initialize with staging TUF metadata
14+
* Updating sign-blob to also support signing with a certificate (#4547)
15+
* Protobuf bundle support for subcommands `save` and `load` (#4538)
16+
* Fix cert attachment for new bundle with signing config
17+
* Fix OCI verification with local cert - old bundle
18+
* Deprecate tlog-upload flag (#4458)
19+
* fix: Use signal context for `sign` cli package.
20+
* update offline verification directions (#4526)
21+
* Fix signing/verifying annotations for new bundle
22+
* Add support to download and attach for protobuf bundles (#4477)
23+
* Add --signing-algorithm flag (#3497)
24+
* Refactor signcommon bundle helpers
25+
* Add --bundle and fix --upload for new bundle
26+
* Pass insecure registry flags through to referrers
27+
* Add protobuf bundle support for tree subcommand (#4491)
28+
* Remove stale embed import (#4492)
29+
* Support multiple container identities
30+
* Fix segfault when no attestations are found (#4472)
31+
* Use overridden repository for new bundle format (#4473)
32+
* Remove --out flag from `cosign initialize` (#4462)
33+
* Deprecate offline flag (#4457)
34+
* Deduplicate code in sign/attest* and verify* commands (#4449)
35+
* Cache signing config when calling initialize (#4456)
36+
137
# v3.0.2
238

339
v3.0.2 is a functionally equivalent release to v3.0.0 and v3.0.1, with a fix for CI to publish signed releases in the new bundle format.

0 commit comments

Comments
 (0)