Commit Graph

43 Commits

Author SHA1 Message Date
Thomas Gerbet
b551e5c632 cosign: 2.1.0 -> 2.1.1
https://github.com/sigstore/cosign/releases/tag/v2.1.1
2023-06-27 11:20:28 +02:00
Thomas Gerbet
0a40cd1f96 cosign: 2.0.2 -> 2.1.0
Release notes:
https://github.com/sigstore/cosign/releases/tag/v2.1.0
2023-06-24 11:36:10 +02:00
Batuhan Apaydın
53655d967a
cosign: 2.0.1 -> 2.0.2
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
2023-04-24 23:05:14 +03:00
Thomas Gerbet
ddba54b657 cosign: 2.0.0 -> 2.0.1
https://github.com/sigstore/cosign/releases/tag/v2.0.1
2023-04-06 22:15:38 +02:00
Batuhan Apaydın
000960c351 cosign: add developer-guy to the maintainers 2023-02-27 23:25:33 +01:00
Stephan Heßelmann
79396a2aa8 cosign: allow darwin networking for tests 2023-02-25 16:06:25 +01:00
Thomas Gerbet
6dd6e88a88 cosign: 1.13.1 -> 2.0.0
https://github.com/sigstore/cosign/releases/tag/v2.0.0
69c9b37f2a/CHANGELOG.md
2023-02-25 10:01:44 +01:00
Thomas Gerbet
5e50e2bc4a cosign: 1.13.0 -> 1.13.1
https://github.com/sigstore/cosign/releases/tag/v1.13.1
2022-10-17 21:54:43 +02:00
Thomas Gerbet
679cd3462f sget: init at unstable-2022-10-04
This binary was provided by the `cosign` package until now but it is in
the process of being removed, see https://github.com/sigstore/cosign/pull/2019

Since it might be removed during the 22.11 cycle we drop it
preventively. This will make possible security backports easier if we
need them.
2022-10-08 19:58:11 +02:00
R. Ryantm
8e4d39a07f cosign: 1.12.1 -> 1.13.0 2022-10-08 17:46:58 +10:00
Thomas Gerbet
a2784b942f cosign: 1.12.0 -> 1.12.1
https://github.com/sigstore/cosign/releases/tag/v1.12.1
2022-09-22 08:42:43 +02:00
R. Ryantm
f5357321ba cosign: 1.11.1 -> 1.12.0 2022-09-16 16:53:43 +10:00
Thomas Gerbet
f9cd86edd5 cosign: 1.11.0 -> 1.11.1
https://github.com/sigstore/cosign/releases/tag/v1.11.1
2022-08-26 08:47:06 +02:00
R. Ryantm
c7f4385e84 cosign: 1.10.1 -> 1.11.0 2022-08-19 17:21:23 +10:00
Thomas Gerbet
958dd9a8c7 cosign: 1.10.0 -> 1.10.1
https://github.com/sigstore/cosign/releases/tag/v1.10.1

Includes a fix for CVE-2022-35929
https://github.com/sigstore/cosign/security/advisories/GHSA-vjxv-45g9-9296
2022-08-06 06:59:26 +10:00
Thomas Gerbet
595932cd2b cosign: 1.9.0 -> 1.10.0
`cosigned` is no more part of the cosign repository and it has been moved
into a `sigstore/policy-controller` repository. A new package should probably
be created to replace it.

https://github.com/sigstore/cosign/releases/tag/v1.10.0
2022-08-01 16:26:26 +02:00
Thomas Gerbet
85ac5d8c9b cosign: 1.8.0 -> 1.9.0
Release notes:
https://github.com/sigstore/cosign/releases/tag/v1.9.0
2022-06-03 16:14:21 +02:00
06kellyjac
b2a98c5680 cosign: 1.7.2 -> 1.8.0 2022-04-27 15:27:12 +01:00
06kellyjac
8181a1756a cosign: 1.7.1 -> 1.7.2 2022-04-12 15:36:21 +01:00
Thomas Gerbet
55fd703986 cosign: 1.6.0 -> 1.7.1
https://github.com/sigstore/cosign/releases/tag/v1.7.1
2022-04-06 20:32:51 +10:00
06kellyjac
b489e63c3c cosign: 1.5.2 -> 1.6.0
Co-authored-by: Thomas Gerbet <thomas@gerbet.me>
2022-03-04 16:40:41 +00:00
Thomas Gerbet
95fbeff9ac cosign: 1.5.1 -> 1.5.2
Fixes CVE-2022-23649.
https://github.com/sigstore/cosign/security/advisories/GHSA-ccxc-vr6p-4858
2022-02-19 10:26:45 +01:00
Thomas Gerbet
fabcd012ee cosign: 1.5.0 -> 1.5.1
https://github.com/sigstore/cosign/releases/tag/v1.5.1
2022-02-01 20:34:48 +10:00
Thomas Gerbet
d33a77c056 cosign: 1.4.1 -> 1.5.0
https://github.com/sigstore/cosign/releases/tag/v1.5.0
2022-01-25 22:14:54 +10:00
Thomas Gerbet
0ea02a2bc8 cosign: 1.4.0 -> 1.4.1
https://github.com/sigstore/cosign/releases/tag/v1.4.1
2021-12-14 12:53:47 +10:00
Thomas Gerbet
706c8c5e12 cosign: 1.3.1 -> 1.4.0
https://github.com/sigstore/cosign/releases/tag/v1.4.0
2021-12-07 17:59:10 +10:00
Thomas Gerbet
b37d18e731 cosign: 1.3.0 -> 1.3.1
https://github.com/sigstore/cosign/releases/tag/v1.3.1
2021-12-05 06:10:59 +10:00
Thomas Gerbet
6ba92e5f30 cosign: 1.2.1 -> 1.3.0
https://github.com/sigstore/cosign/releases/tag/v1.3.0
2021-11-03 11:24:59 +01:00
Thomas Gerbet
76a7ec237a cosign: 1.2.0 -> 1.2.1
https://github.com/sigstore/cosign/releases/tag/v1.2.1

`cosign version` outputs its version again.
2021-09-21 11:09:48 +02:00
Thomas Gerbet
4c89019ad9 cosign: 1.1.0 -> 1.2.0
https://github.com/sigstore/cosign/releases/tag/v1.2.0
2021-09-15 08:47:30 +02:00
Thomas Gerbet
df7d41ecb5 cosign: 1.0.1 -> 1.1.0
https://github.com/sigstore/cosign/releases/tag/v1.1.0
2021-08-26 00:17:41 +02:00
zowoq
925b2e4b8a cosign: buildFlagsArray -> tags 2021-08-07 12:30:19 +10:00
06kellyjac
361c55a03d cosign: 1.0.0 -> 1.0.1 2021-08-02 12:13:37 +01:00
Thomas Gerbet
93e0d92ccb cosign: 0.6.0 -> 1.0.0
https://github.com/sigstore/cosign/releases/tag/v1.0.0
2021-07-28 17:24:29 +02:00
Thomas Gerbet
da58fe1b2c cosign: add the sget client to the package
Since Cosign v0.5.0 a client is available to securely fetch blobs from
registries [0].

[0] eab1d40249
2021-07-22 19:36:58 +02:00
Thomas Gerbet
48e281f963 cosign: enable PIV key support
This was disabled by default in cosign 0.5.0 [0] and we did not enabled
it back when we upgraded cosign [1].

The support for PIV keys is enabled by default and can be disabled if
needed.

[0] 749c7e3e5d
[1] de0014a227
2021-07-14 20:08:39 +02:00
Thomas Gerbet
4112eb273e cosign: 0.5.0 -> 0.6.0
https://github.com/sigstore/cosign/releases/tag/v0.6.0
2021-07-13 08:47:28 +02:00
Thomas Gerbet
b3c2321264 cosign: 0.3.1 -> 0.5.0
https://github.com/sigstore/cosign/releases/tag/v0.4.0
https://github.com/sigstore/cosign/releases/tag/v0.5.0
2021-06-04 09:10:06 +02:00
06kellyjac
5a304b17ed cosign: use buildFlagsArray
And add myself as a maintainer
2021-04-21 09:06:45 +01:00
Thomas Gerbet
22a2c39a74 cosign: 0.3.0 -> 0.3.1
Also, `cosign version` now displays the version.
2021-04-21 08:59:20 +02:00
Thomas Gerbet
647960c60b cosign: 0.2.0 -> 0.3.0
Release notes:
https://github.com/sigstore/cosign/releases/tag/v0.3.0
2021-04-20 19:13:36 +02:00
Thomas Gerbet
b067647ead cosign: 0.1.0 -> 0.2.0
Release notes:
https://github.com/sigstore/cosign/releases/tag/v0.2.0
2021-03-29 22:46:10 +02:00
Thomas Gerbet
48e14cf92a cosign: init at 0.1.0 2021-03-27 18:31:13 +01:00