v0.3.0
This is a testing release before the 1.0 release.
What's Changed
- add chunk size experiment by @spencerschrock in #341
- fix: forward args to containerized cli by @miyunari in #345
- fix: grant release job pkg write permission by @miyunari in #347
- change default chunk size to 1 MB by @spencerschrock in #342
- small bugfix do not indicate wrong results by @susperius in #348
- bench: return the intoto payload if requested by @spencerschrock in #349
- add shard benchmark experiment by @spencerschrock in #356
- change default shard size to 1GB by @spencerschrock in #357
- fix: ensure verify terminates on model validation failure by @miyunari in #352
- arg parsing bugfix by @susperius in #362
- PKI verifier behavior change and bugfix by @susperius in #365
- [cleanup] Remove obsolete TODO by @mihaimaruseac in #366
- remove _FileDigestTree from serialize_by_file.DigestSerializer by @spencerschrock in #364
- address zizmor findings in CI definitions by @bobcallaway in #369
- Make the package executable. by @mihaimaruseac in #375
- cli: Add support for ignoring paths when signing or verifying by @stefanberger in #373
- Remove duplicated conversions, use generic types. by @mihaimaruseac in #376
- Remove artifact signing, keep only DDSE/in-toto. by @mihaimaruseac in #377
- Make default Python version be 3.12 by @mihaimaruseac in #378
- Add a binary script for the CLI. by @mihaimaruseac in #380
- Fix typo, add space by @mihaimaruseac in #384
- Split the public API into three modules. by @mihaimaruseac in #381
- Don't ignore md files in CI for model signing. by @mihaimaruseac in #389
- README: Adjust examples to use -m model_signing now by @stefanberger in #387
- Make hashing private and with consistent comments. by @mihaimaruseac in #388
- ECKeySigner: Filter keys by supported curves and use their parameters by @stefanberger in #390
- Simplify manifest interface by @mihaimaruseac in #391
- Make manifest public again. by @mihaimaruseac in #392
- Simplify and make serialization private by @mihaimaruseac in #393
- Reduce verbosity in file hashing by @mihaimaruseac in #395
- Remove test-only dead code. by @mihaimaruseac in #396
- Remove one level of class hierarchy. by @mihaimaruseac in #397
- Remove unused intoto formats. by @mihaimaruseac in #398
- Fold payload classes up the class hierarchy by @mihaimaruseac in #399
- Only run SLSA CI for SLSA related changes. by @mihaimaruseac in #400
- codestyle: Reformat files with 'ruff format' by @stefanberger in #404
- cli: add --use_staging option to
verify sigstoreby @spencerschrock in #405 - Give descriptive names to test models. by @mihaimaruseac in #406
- setup workflow to sign and verify on different OS by @spencerschrock in #403
- Change to new format for the signing payload by @mihaimaruseac in #407
- Rename
SigningPayloadand remove static method by @mihaimaruseac in #408 - Simplify payload to manifest transformation by @mihaimaruseac in #409
- add round-trip test for intoto signature files by @spencerschrock in #412
- Merge
signingandsignatureand fix multiple bugs with the traditional signing support by @mihaimaruseac in #413 - Renames to simplify the API by @mihaimaruseac in #415
- Minor bump to allow API testing in colab. by @mihaimaruseac in #394
- Make the API fully configurable by @mihaimaruseac in #416
New Contributors
- @stefanberger made their first contribution in #373
Full Changelog: v0.2.0...v0.3.0
Contributors
mihaimaruseac, susperius, and 4 other contributors