- Add Rekor logo to README (sigstore#650)
- update API calls to v5 (sigstore#591)
- Refactor helm type to remove intermediate state. (sigstore#575)
- Refactor the shard map parsing so we can pass it down into the API object. (sigstore#564)
- Refactor the alpine type to reduce intermediate state. (sigstore#573)
- Add logic to GET artifacts via old or new UUID (sigstore#587)
- helpful error message for hashedrekord types (sigstore#605)
- Set Accept header in dynamic counter requests (sigstore#594)
- Add sharding package and update validators (sigstore#583)
- rekor-cli: show the url in case of error (sigstore#581)
- Enable parsing of incomplete minisign keys, to enable re-indexing. (sigstore#567)
- Cleanups on the TUF pluggable type. (sigstore#563)
- Refactor the RPM type to remove more intermediate state. (sigstore#566)
- Do some cleanups of the jar type to remove intermediate state. (sigstore#561)
- Update Makefile (sigstore#621)
- update version comments since dependabot doesn't do it (sigstore#617)
- Use workload identity provider instead of GitHub Secret for GCR access (sigstore#600)
- add OSSF scorecard action (sigstore#599)
- enable the sbom for rekor releases (sigstore#586)
- Point to the official website (instead of a 404) (sigstore#580)
- add milestone to closed prs (sigstore#574)
- Add a Makefile target for the "ko apply" step. (sigstore#572)
- types/README.md: Corrected documentation link (sigstore#568)
- Bump github.com/prometheus/client_golang from 1.12.0 to 1.12.1 (sigstore#636)
- Bump github.com/go-openapi/runtime from 0.21.1 to 0.22.0 (sigstore#635)
- Bump github.com/go-openapi/swag from 0.19.15 to 0.20.0 (sigstore#634)
- Bump golang from
f71d4cato301609e(sigstore#627) - Bump golang from
0fa6504tof71d4ca(sigstore#624) - Bump google.golang.org/grpc from 1.43.0 to 1.44.0 (sigstore#622)
- Bump github/codeql-action from 1.0.29 to 1.0.30 (sigstore#619)
- Bump ossf/scorecard-action from 1.0.1 to 1.0.2 (sigstore#618)
- bump swagger and go mod tidy (sigstore#616)
- Bump github.com/go-openapi/runtime from 0.21.0 to 0.21.1 (sigstore#614)
- Bump github.com/go-openapi/errors from 0.20.1 to 0.20.2 (sigstore#613)
- Bump google-github-actions/auth from 0.4.4 to 0.5.0 (sigstore#612)
- Bump github/codeql-action from 1.0.28 to 1.0.29 (sigstore#611)
- Bump gopkg.in/ini.v1 from 1.66.2 to 1.66.3 (sigstore#608)
- Bump github.com/google/go-cmp from 0.5.6 to 0.5.7 (sigstore#609)
- Update github/codeql-action requirement to 8a4b243fbf9a03a93e93a71c1ec257347041f9c4 (sigstore#606)
- Bump github.com/prometheus/client_golang from 1.11.0 to 1.12.0 (sigstore#607)
- Bump ossf/scorecard-action from 0fe1afdc40f536c78e3dc69147b91b3ecec2cc8a to 1.0.1 (sigstore#603)
- Bump goreleaser/goreleaser-action from 2.8.0 to 2.8.1 (sigstore#602)
- Bump golang from
8c0269dto0fa6504(sigstore#597) - Pin dependencies in github action workflows and Dockerfile (sigstore#595)
- update release image to use go 1.17.6 (sigstore#589)
- Bump golang from 1.17.5 to 1.17.6 (sigstore#588)
- Bump go.uber.org/goleak from 1.1.11 to 1.1.12 (sigstore#585)
- Bump go.uber.org/zap from 1.19.1 to 1.20.0 (sigstore#584)
- Bump github.com/go-playground/validator/v10 from 10.9.0 to 10.10.0 (sigstore#579)
- Bump actions/github-script from 4 to 5 (sigstore#577)
- Asra Ali (@asraa)
- Bob Callaway (@bobcallaway)
- Carlos Tadeu Panato Junior (@cpanato)
- Dan Lorenc (@dlorenc)
- Jason Hall (@imjasonh)
- Lily Sturmann (@lkatalin)
- Morten Linderud (@Foxboron)
- Nathan Smith (@nsmith5)
- Sylvestre Ledru (@sylvestre)
- Trishank Karthik Kuppusamy (@trishankatdatadog)
- Adds hashed rekord type that can be used to upload signatures along with the hashed content signed (sigstore#501)
- Update the schema to match that of Trillian repo. The map specific (sigstore#528)
- allow setting the user-agent string sent from the client (sigstore#521)
- update key usage for ts cert (sigstore#504)
- api/index/retrieve: allow searching on indicies with sha1 hashes (sigstore#499)
- Only include Attestation data if attestation storage enabled (sigstore#494)
- Fuzzing RequestFromRekor API (sigstore#488)
- Included pprof for profiling the application. (sigstore#485)
- refactor release and add signing (sigstore#483)
- More verbose error message for redis connection failure (sigstore#479) (sigstore#480)
- Fixed modtime for reproducible goreleaser (sigstore#473)
- add goreleaser and cloudbuild for releases (sigstore#443)
- Add dynamic JS tree size counter (sigstore#468)
- check that entry UUID == leafHash of returned entry (sigstore#469)
- chore: upgrade cosign version (sigstore#465)
- Reproducible builds with trimpath (sigstore#464)
- correct links, add Table of Contents of sorts (sigstore#449)
- update go tuf for rsa key impl (sigstore#446)
- Canonicalize JSON before inserting into trillian (sigstore#445)
- Export search UUIDs field (sigstore#438)
- Add a flag to start specifying log index ranges for virtual indices. (sigstore#435)
- Cleanup some initialization/flag parsing in rekor-server. (sigstore#433)
- Drop 404 errors down to a warning. (sigstore#426)
- Cleanup the output of search (the text goes to stderr not stdout). (sigstore#421)
- remove extradata field from types (sigstore#418)
- Update usage of ./cmd/rekor-cli/ from
rekortorekor-cli(sigstore#417) - Add TUF type (sigstore#383)
- Updates to INSTALLATION.md notes (sigstore#415)
- Update snippets to use
consoletype for snippets (sigstore#410) - version: add way to display a version when using go get or go install (sigstore#405)
- Use an in memory timestamping key (sigstore#402)
- Links are case sensitive (sigstore#401)
- Installation guide (sigstore#400)
- Add a SignedTimestampNote (sigstore#397)
- Provide instructions on verifying releases (sigstore#399)
- rekor-server: add html page when humans reach the server via the browser (sigstore#394)
- use go modules to track tools (sigstore#395)
- bug: fix minisign prehashed entries (sigstore#639)
- fix timestamp addition and unmarshal (sigstore#525)
- Correct & parallelize tests (sigstore#522)
- Fix fuzz go.sum issue (sigstore#509)
- fix validation error (sigstore#503)
- Correct Helm index keys (sigstore#474)
- Fix a bug in x509 certificate handling. (sigstore#461)
- Fix a conflict from parallel dependabot merges. (sigstore#456)
- fix tuf metadata marshalling (sigstore#447)
- Switch DSSE provider to go-securesystemslib (sigstore#442)
- fix unmarshalling sth (sigstore#409)
- Fix port flag override (sigstore#396)
- makefile: small fix on the makefile for the rekor-server (sigstore#393)
- Bump github.com/spf13/viper from 1.9.0 to 1.10.0 (sigstore#531)
- Bump sigstore/cosign-installer from 1.3.1 to 1.4.1 (sigstore#530)
- Bump the DSSE signing library. (sigstore#529)
- Bump golang from 1.17.4 to 1.17.5 (sigstore#527)
- Bump golang from 1.17.3 to 1.17.4 (sigstore#523)
- Bump gopkg.in/ini.v1 from 1.66.0 to 1.66.2 (sigstore#520)
- Bump github.com/mitchellh/mapstructure from 1.4.2 to 1.4.3 (sigstore#517)
- Bump github.com/secure-systems-lab/go-securesystemslib (sigstore#516)
- Bump gopkg.in/ini.v1 from 1.64.0 to 1.66.0 (sigstore#513)
- Upgraded go-playground/validator module to v10 (sigstore#507)
- Bump gopkg.in/ini.v1 from 1.63.2 to 1.64.0 (sigstore#495)
- Bump github.com/go-openapi/strfmt from 0.21.0 to 0.21.1 (sigstore#510)
- Bump the trillian import to v1.4.0. (sigstore#502)
- Bump the trillian versions to v1.4.0 in our docker-compose setup. (sigstore#500)
- update go.mod for go-fuzz (sigstore#496)
- Bump sigstore/cosign-installer from 1.3.0 to 1.3.1 (sigstore#491)
- Bump golang from 1.17.2 to 1.17.3 (sigstore#482)
- Bump google.golang.org/grpc from 1.41.0 to 1.42.0 (sigstore#478)
- Bump actions/checkout from 2.3.5 to 2.4.0 (sigstore#477)
- Bump github.com/go-openapi/runtime from 0.20.0 to 0.21.0 (sigstore#470)
- bump go-swagger to v0.28.0 (sigstore#463)
- Bump github.com/in-toto/in-toto-golang from 0.3.2 to 0.3.3 (sigstore#459)
- Bump actions/checkout from 2.3.4 to 2.3.5 (sigstore#458)
- Bump github.com/mediocregopher/radix/v4 from 4.0.0-beta.1 to 4.0.0 (sigstore#460)
- Bump github.com/go-openapi/runtime from 0.19.31 to 0.20.0 (sigstore#451)
- Bump github.com/go-openapi/spec from 0.20.3 to 0.20.4 (sigstore#454)
- Bump github.com/go-openapi/validate from 0.20.2 to 0.20.3 (sigstore#453)
- Bump github.com/go-openapi/strfmt from 0.20.2 to 0.20.3 (sigstore#452)
- Bump github.com/go-openapi/loads from 0.20.2 to 0.20.3 (sigstore#450)
- Bump golang from 1.17.1 to 1.17.2 (sigstore#448)
- Bump google.golang.org/grpc from 1.40.0 to 1.41.0 (sigstore#441)
- Bump golang.org/x/mod from 0.5.0 to 0.5.1 (sigstore#440)
- Bump github.com/spf13/viper from 1.8.1 to 1.9.0 (sigstore#439)
- Bump gopkg.in/ini.v1 from 1.63.0 to 1.63.2 (sigstore#437)
- Bump github.com/mitchellh/mapstructure from 1.4.1 to 1.4.2 (sigstore#436)
- Bump gocloud to v0.24.0. (sigstore#434)
- Bump golang from 1.17.0 to 1.17.1 (sigstore#432)
- Bump go.uber.org/zap from 1.19.0 to 1.19.1 (sigstore#431)
- Bump gopkg.in/ini.v1 from 1.62.0 to 1.63.0 (sigstore#429)
- Bump github.com/go-openapi/runtime from 0.19.30 to 0.19.31 (sigstore#425)
- Bump github.com/go-openapi/errors from 0.20.0 to 0.20.1 (sigstore#423)
- Bump github.com/go-openapi/strfmt from 0.20.1 to 0.20.2 (sigstore#422)
- Bump golang from 1.16.7 to 1.17.0 (sigstore#413)
- Bump golang.org/x/mod from 0.4.2 to 0.5.0 (sigstore#412)
- Bump google.golang.org/grpc from 1.39.1 to 1.40.0 (sigstore#411)
- Bump github.com/go-openapi/runtime from 0.19.29 to 0.19.30 (sigstore#408)
- Bump go.uber.org/zap from 1.18.1 to 1.19.0 (sigstore#407)
- Bump golang from 1.16.6 to 1.16.7 (sigstore#403)
- Bump google.golang.org/grpc from 1.39.0 to 1.39.1 (sigstore#404)
- Aditya Sirish (@adityasaky)
- Andrew Block (@sabre1041)
- Asra Ali (@asraa)
- Axel Simon (@axelsimon)
- Batuhan Apaydın (@developer-guy)
- Bob Callaway (@bobcallaway)
- Carlos Panato (@cpanato)
- Dan Lorenc (@dlorenc)
- Dan Luhring (@luhring)
- Harry Fallows (@harryfallows)
- Hector Fernandez (@hectorj2f)
- Jake Sanders (@dekkagaijin)
- Jason Hall (@imjasonh)
- Lily Sturmann (@lkatalin)
- Luke Hinds (@lukehinds)
- Marina Moore (@mnm678)
- Mikhail Swift (@mikhailswift)
- Naveen Srinivasan (@naveensrinivasan)
- Robert James Hernandez (@sarcasticadmin)
- Santiago Torres (@SantiagoTorres)
- Tiziano Santoro (@tiziano88)
- Trishank Karthik Kuppusamy (@trishankatdatadog)
- Ville Aikas (@vaikas)
- kpcyrd (@kpcyrd)