Skip to content

Releases: transparency-dev/distributor

v0.2.1

23 Oct 15:42
d1c70b9
Compare
Choose a tag to compare

Primary motivation for this release is to (re-)use timestamped cosignature format, and ensure freshness of signatures on distributed checkpoints.

What's Changed

New Contributors

Full Changelog: v0.2.0...v0.2.1

v0.2.0 - stable release

17 Oct 15:07
52edc76
Compare
Choose a tag to compare

Release with full set of provisioned witnesses. Also contains important fixes to cosignature verification which previously had little/big endian confusion.

What's Changed

  • 🌱(deps): Bump the all-go-deps group with 4 updates by @dependabot in #148
  • 🌱(deps): Bump codecov/codecov-action from 4.1.1 to 4.3.0 in the all-gha-deps group by @dependabot in #149
  • Bump prod to v0.1.2 by @AlCutter in #147
  • Create dashboard for liveness graphs. by @jiggoha in #150
  • Define liveness alert policy and add its graph to the dashboard. by @jiggoha in #151
  • Add CI fused devices by @AlCutter in #152
  • Check error returned for Body.Close in defer by @mhutchinson in #154
  • Fix final sum bug in live witnesses alert. by @jiggoha in #153
  • 🌱(deps): Bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in #156
  • 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #157
  • 🌱(deps): Bump cloud.google.com/go/cloudsqlconn from 1.8.1 to 1.9.0 in the all-go-deps group by @dependabot in #158
  • 🌱(deps): Bump the all-gha-deps group across 1 directory with 5 updates by @dependabot in #160
  • Bump golang from 1.22.2-alpine3.19 to 1.22.3-alpine3.19 in /cmd by @dependabot in #161
  • 🌱(deps): Bump the all-gha-deps group with 3 updates by @dependabot in #162
  • 🌱(deps): Bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 in the all-go-deps group by @dependabot in #163
  • Bump golang from 2a88224 to 282ddcd in /cmd by @dependabot in #164
  • Bump golang from 282ddcd to f1fe698 in /cmd by @dependabot in #165
  • 🌱(deps): Bump the all-gha-deps group with 3 updates by @dependabot in #167
  • 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #166
  • Bump alpine from 3.19.1 to 3.20.0 in /cmd by @dependabot in #168
  • 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #169
  • 🌱(deps): Bump cloud.google.com/go/cloudsqlconn from 1.10.0 to 1.10.1 in the all-go-deps group by @dependabot in #170
  • 🌱(deps): Bump github/codeql-action from 3.25.6 to 3.25.7 in the all-gha-deps group by @dependabot in #172
  • Bump golang from 1.22.3-alpine3.19 to 1.22.4-alpine3.19 in /cmd by @dependabot in #173
  • 🌱(deps): Bump golang.org/x/mod from 0.17.0 to 0.18.0 in the all-go-deps group by @dependabot in #174
  • 🌱(deps): Bump github/codeql-action from 3.25.7 to 3.25.8 in the all-gha-deps group by @dependabot in #175
  • 🌱(deps): Bump the all-gha-deps group with 3 updates by @dependabot in #178
  • Bump golang from 65b5d2d to d9b1f00 in /cmd by @dependabot in #177
  • 🌱(deps): Bump cloud.google.com/go/cloudsqlconn from 1.10.1 to 1.11.0 in the all-go-deps group by @dependabot in #176
  • Bump golang from d9b1f00 to c46c460 in /cmd by @dependabot in #180
  • Bump alpine from 3.20.0 to 3.20.1 in /cmd by @dependabot in #179
  • 🌱(deps): Bump github/codeql-action from 3.25.10 to 3.25.11 in the all-gha-deps group by @dependabot in #181
  • Move dependabot to weekly by @mhutchinson in #183
  • Update version of go, and run vuln checking by @mhutchinson in #184
  • Bump golang from 1.22.4-alpine3.19 to 1.22.5-alpine3.19 in /cmd by @dependabot in #185
  • 🌱(deps): Bump actions/upload-artifact from 4.3.3 to 4.3.4 in the all-gha-deps group by @dependabot in #186
  • 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #187
  • 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #189
  • 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #188
  • 🌱(deps): Bump github/codeql-action from 3.25.12 to 3.25.13 in the all-gha-deps group by @dependabot in #190
  • Bump golang from 0642d4f to 2a88294 in /cmd by @dependabot in #192
  • Bump alpine from 3.20.1 to 3.20.2 in /cmd by @dependabot in #191
  • Bump golang from 2a88294 to 48aac60 in /cmd by @dependabot in #193
  • 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #194
  • 🌱(deps): Bump github.com/docker/docker from 24.0.9+incompatible to 26.1.4+incompatible by @dependabot in #195
  • 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #197
  • 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #196
  • Bump golang from 1.22.5-alpine3.19 to 1.22.6-alpine3.19 in /cmd by @dependabot in #199
  • Update token used for scorecard by @mhutchinson in #198
  • 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #200
  • 🌱(deps): Bump github.com/ory/dockertest/v3 from 3.10.0 to 3.11.0 in the all-go-deps group by @dependabot in #201
  • Bump golang from 1.22.6-alpine3.19 to 1.23.0-alpine3.19 in /cmd by @dependabot in #203
  • Add new shard for Rekor by @haydentherapper in #204
  • 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #206
  • 🌱(deps): Bump github/codeql-action from 3.26.0 to 3.26.3 in the all-gha-deps group across 1 directory by @dependabot in #207
  • 🌱(deps): Bump github/codeql-action from 3.26.3 to 3.26.5 in the all-gha-deps group by @dependabot in #209
  • 🌱(deps): Bump github.com/prometheus/client_golang from 1.20.0 to 1.20.2 in the all-go-deps group by @dependabot in #208
  • 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #210
  • 🌱(deps): Bump google.golang.org/grpc from 1.65.0 to 1.66.0 in the all-go-deps group by @dependabot in #211
  • Bump golang from 1.23.0-alpine3.19 to 1.23.1-alpine3.19 in /cmd by @dependabot in #212
  • Bump go and golangci-lint to latest version by @roger2hk in #216
  • 🌱(deps): Bump the all-go-deps group with 3 updates by @dependabot in #215
  • Bump golang from 90a6622 to e0ea2a1 in /cmd by @dependabot in #213
  • Bump alpine from 3.20.2 to 3.20.3 in /cmd by @dependabot in #214
  • 🌱(deps): Bump google.golang.org/grpc from 1.66.0 to 1.66.2 in the all-go-deps group by @dependabot in #218
  • 🌱(deps): Bump github/codeql-action from 3.26.6 to 3.26.7 in the all-gha-deps group by @dependabot in #219
  • Add some simple device metrics to dashboard by @AlCutter in #220
  • 🌱(deps): Bump the all-go-deps group with 3 updates by @dependabot in #222
  • 🌱(deps): Bump github/codeql-action from 3.26.7 to 3.26.8 in the all-gha-deps group by @dependabot in https:...
Read more

v0.1.2 - patch release

09 Apr 17:36
659fcb5
Compare
Choose a tag to compare

What's Changed

Adds: new witness IDs to prod, resilience improvements, finer-grained metrics, and dependency bumps.

Full Changelog: v0.1.1...v0.1.2

Patch release for security

28 Feb 09:58
a8796f0
Compare
Choose a tag to compare

What's Changed

Primary motivation for release is that base image of Dockerfile used for serving has been bumped, which closes known vulnerabilities in openssl in that base image.

This release also includes the new endpoint to get all witnesses the distributor is configured with.

Full Changelog: v0.1.0...v0.1.1

v0.1.0: Initial release

22 Feb 10:56
61a169f
Compare
Choose a tag to compare

Initial release of the distributor. This is still a v0 and any of the public HTTP API or Go APIs could change.

Full Changelog: https://github.com/transparency-dev/distributor/commits/v0.1.0