Skip to content

Releases: sigstore/sigstore-js

[email protected]

15 May 16:27
@github-actions github-actions
[email protected]
404f167
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

Patch Changes

  • cab068e: Propagate retry/timeout options to the Timestamp Authority client
Loading

@sigstore/[email protected]

15 May 16:27
@github-actions github-actions
@sigstore/[email protected]
404f167
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@sigstore/[email protected]

Patch Changes

Loading

@sigstore/[email protected]

15 May 17:22
@github-actions github-actions
@sigstore/[email protected]
2330014
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@sigstore/[email protected]

Patch Changes

  • e8d440e: Add missing @oclif/color dependency
Loading

@sigstore/[email protected]

15 May 16:26
@github-actions github-actions
@sigstore/[email protected]
404f167
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@sigstore/[email protected]

Patch Changes

Loading

v1.5.0

11 May 16:38
@github-actions github-actions
v1.5.0
b83096d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.5.0

Minor Changes

  • f4c677e: Generated bundle excludes Fulcio root and intermediate certificates
  • 5ca42a0: New tsaServerURL option for requesting a timestamp from a Timestamp Authority API
  • 4e715c9: Exposes a new tuf.client function which returns a client for retrieving targets from the Sigstore TUF repository.
  • 4b97516: New tlogUpload option for sign and attest to control signature uploads to the transparency log
  • f927296: New retry and timeout options to control fetch behavior when errors occur

Patch Changes

  • 2e5e733: Certificate chain verification enforces pathlen constraint for CA certs
  • 3205ce9: Updates certificate verification to ignore all but the first certificate present in the bundle
  • bb2006b: Updating embedded Sigstore TUF root to v7
Loading

v1.4.0

24 Apr 15:26
@github-actions github-actions
v1.4.0
b4e96a2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.4.0

Minor Changes

  • 99093bb: add specific errors codes for InternalErrors
  • 99093bb: export error classes
Loading

v1.3.2

20 Apr 12:37
@github-actions github-actions
v1.3.2
82f1f65
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.3.2

Patch Changes

  • 6ba4fd1: Print the rekor search entry when running the sigstore attest command
Loading

v1.3.1

20 Apr 08:34
@github-actions github-actions
v1.3.1
5e476ee
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.3.1

Patch Changes

  • d2d0702: Update CLI sign cmd to output a link to search.sigstore.dev
Loading

v1.3.0

18 Apr 17:45
@github-actions github-actions
v1.3.0
dae8bd8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.3.0

Minor Changes

  • c2e3dd5: Add support for verification of certificate extension values encoded as UTF8String
  • 6fd6e22: Exposes a new tuf.getTarget function to retrieve targets from the Sigstore TUF repository
  • da0bfd7: Added new token provider for looking up OIDC tokens in the SIGSTORE_ID_TOKEN environment variable.

Patch Changes

Loading

v1.2.0

23 Mar 17:41
@github-actions github-actions
v1.2.0
5b8c080
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.2.0

Minor Changes

  • 54d6de4: Adds new redirectURL config option when signing with an OAuth identity provider

Patch Changes

Loading