v0.2.3
·
216 commits
to main
since this release
v0.2.3
marcofranssen
Marco Franssen
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
1ae8ad7
This commit was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
- 623068b: Add code signing to release assets (@marcofranssen)
- 052ec4d: Add container provenance (@marcofranssen)
- 24b0d01: Add signing of provenance for github release (@marcofranssen)
- 9f8b373: Few slight improvements on release (@marcofranssen)
- 993fba4: Fix cli version in Docker image (@marcofranssen)
- 1ae8ad7: Fix signature upload (@marcofranssen)
- 50435c9: Improve versioning Docker and labels (@marcofranssen)
- e2d12de: Reuse some variables in Makefile (@marcofranssen)
- 9acf4eb: Utilize new setup-go action 'check-latest' (@marcofranssen)
- 83b3a20: explicitly define permissions for workflow (@marcofranssen)
Version bumps
- 1ef4c36: Bump Go from 1.16 to 1.17 (@marcofranssen)
- ce4e189: Bump actions/cache from 2.1.6 to 2.1.7 (@dependabot[bot])
- a96d112: Bump actions/checkout from 2.3.5 to 2.4.0 (@dependabot[bot])
- 8db2140: Bump actions/setup-go from 2.1.4 to 2.1.5 (@dependabot[bot])
- 565b62d: Bump actions/setup-go from 2.1.5 to 2.2.0 (@dependabot[bot])
- d691c81: Bump cloud.google.com/go indirect dependencies (@marcofranssen)
- 7f74603: Bump github.com/google indirect dependencies (@marcofranssen)
- 0711656: Bump github.com/hashicorp indirect dependencies (@marcofranssen)
- 465654d: Bump github.com/hashicorp/vault/api from 1.1.1 to 1.3.0 (@dependabot[bot])
- 40cbaa8: Bump github.com/hashicorp/vault/api from 1.3.0 to 1.3.1 (@dependabot[bot])
- 77021f1: Bump github.com/spiffe/go-spiffe/v2 from 2.0.0-beta.10 to 2.0.0-beta.11 (@dependabot[bot])
- 4382600: Bump go.opentelemetry.io indirect dependencies (@marcofranssen)
- 9fa4c5c: Bump go.uber.org indirect dependencies (@marcofranssen)
- caf4def: Bump golang.org/x indirect dependencies (@marcofranssen)
- a335021: Bump philips-labs/slsa-provenance-action from 0.2.0 to 0.2.2 (@dependabot[bot])
- a5c9151: Bump philips-labs/slsa-provenance-action from 0.2.2 to 0.4.0 (@dependabot[bot])
- 0a9e574: Bump slsa-provenance-action to v0.7.0 (@marcofranssen)
- 010580f: Bump some more hashicorp/vault indirect dependencies (@marcofranssen)
Full Changelog: philips-labs/slsa-provenance-action@v0.2.2...v0.2.3
Contributors
marcofranssen and dependabot