Releases · DataDog/go-tuf

25 Jul 19:29

github-actions

v1.1.1-0.5.2

8c61504

v1.1.1-0.5.2 Pre-release

Pre-release

Changelog

Bug fixes

8c61504: fix: 5.3.11 rollback attack recovery (#70) (@moth-a)

Others

0b2cc16: ci: Upgrade to golangci-lint v8 and config yml spec v2 (@moth-a)

Contributors

moth-a

Assets 18

10 Aug 16:12

github-actions

v0.6.0

9774d79

v0.6.0 Latest

Latest

Changelog

Breaking changes

9774d79: feat!: add deprecating message for the encrypted package (theupdateframework#521) (@rdimitrov)

Features

6aa3072: feat: increase scrypt parameters (theupdateframework#470) (@Zenithar)

Bug fixes

5a019c3: fix: golangci-lint failures when tested against Go 1.20 (theupdateframework#457) (@rdimitrov)
6b93a5a: fix: sign-payload shouldn't recanonicalize payload (theupdateframework#479) (@znewman01)
2adcfe7: fix: Update the ecdsa key type to the latest spec (1.0.32). (theupdateframework#508) (@kommendorkapten)

Others

2cea368: chore(deps): bump goreleaser/goreleaser-action from 4.1.0 to 4.2.0 (theupdateframework#453) (@dependabot[bot])
f077110: chore(deps): bump golangci/golangci-lint-action from 3.3.1 to 3.4.0 (theupdateframework#451) (@dependabot[bot])
0cd000c: chore(deps): bump arnested/go-version-action from 1.1.6 to 1.1.7 (theupdateframework#454) (@dependabot[bot])
fab805a: chore(deps): bump amannn/action-semantic-pull-request from 5.0.2 to 5.1.0 (theupdateframework#458) (@dependabot[bot])
96a25a4: chore(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (theupdateframework#466) (@dependabot[bot])
075e800: chore(deps): bump golang.org/x/term from 0.0.0-20210927222741-03fcf44c2211 to 0.5.0 (theupdateframework#465) (@dependabot[bot])
7b0f249: chore(deps): bump golang.org/x/crypto from 0.0.0-20211117183948-ae814b36b871 to 0.6.0 (theupdateframework#464) (@dependabot[bot])
c386074: chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.4.0 to 0.5.0 (theupdateframework#459) (@dependabot[bot])
ad9ad10: chore(deps): bump golang.org/x/term from 0.5.0 to 0.6.0 (theupdateframework#468) (@dependabot[bot])
ba794d1: chore(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 (theupdateframework#469) (@dependabot[bot])
d271873: chore(deps): bump securesystemslib from 0.26.0 to 0.27.0 (theupdateframework#471) (@dependabot[bot])
493ab6c: chore(deps): bump actions/setup-go from 3.5.0 to 4.0.0 (theupdateframework#472) (@dependabot[bot])
7f231b3: chore(deps): bump amannn/action-semantic-pull-request from 5.1.0 to 5.2.0 (theupdateframework#473) (@dependabot[bot])
7cddf58: docs: Update install instructions in README (theupdateframework#474) (@haydentherapper)
30b7aae: chore(deps): bump golang.org/x/term from 0.6.0 to 0.7.0 (theupdateframework#477) (@dependabot[bot])
ab35782: chore(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 (theupdateframework#478) (@dependabot[bot])
c7d649b: ci(build): Add arm64 to build (theupdateframework#463) (@udf2457)
7986772: chore(deps): bump arnested/go-version-action from 1.1.7 to 1.1.8 (theupdateframework#480) (@dependabot[bot])
7a57438: chore(deps): bump securesystemslib from 0.27.0 to 0.28.0 (theupdateframework#481) (@dependabot[bot])
c79b5e6: chore(deps): bump actions/setup-python from 4.5.0 to 4.6.0 (theupdateframework#482) (@dependabot[bot])
8edc996: chore(deps): bump shogo82148/actions-goveralls from 1.6.0 to 1.7.0 (theupdateframework#483) (@dependabot[bot])
e077a68: chore(deps): bump requests from 2.28.2 to 2.29.0 (theupdateframework#484) (@dependabot[bot])
39f588c: chore(deps): bump golang.org/x/term from 0.7.0 to 0.8.0 (theupdateframework#487) (@dependabot[bot])
dfbd21a: chore(deps): bump requests from 2.29.0 to 2.30.0 (theupdateframework#488) (@dependabot[bot])
56698a3: chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.5.0 to 0.6.0 (theupdateframework#486) (@dependabot[bot])
b4feccd: chore(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 (theupdateframework#489) (@dependabot[bot])
ed58d45: chore(deps): bump actions/setup-go from 4.0.0 to 4.0.1 (theupdateframework#491) (@dependabot[bot])
e9da9a9: chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (theupdateframework#493) (@dependabot[bot])
d1450a5: chore: Bump spec version (theupdateframework#495) (@znewman01)
401f689: chore(deps): bump requests from 2.30.0 to 2.31.0 (theupdateframework#496) (@dependabot[bot])
a41f2d2: chore(deps): bump actions/setup-python from 4.6.0 to 4.6.1 (theupdateframework#497) (@dependabot[bot])
1f98392: chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (theupdateframework#498) (@dependabot[bot])
6e5284c: chore(deps): bump arnested/go-version-action from 1.1.8 to 1.1.9 (theupdateframework#499) (@dependabot[bot])
c95b553: chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (theupdateframework#501) (@dependabot[bot])
0bf668e: ci: Disable daily checking for version but not security updates (theupdateframework#500) (@trishankatdatadog)
44727bf: chore(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (theupdateframework#502) (@dependabot[bot])
4e506c4: chore(deps): bump iso8601 from 1.1.0 to 2.0.0 (theupdateframework#503) (@dependabot[bot])
c844873: docs: add go-tuf security assessment report (theupdateframework#504) (@rdimitrov)
842dc87: chore(deps): bump golang.org/x/term from 0.8.0 to 0.9.0 (theupdateframework#505) (@dependabot[bot])
caa9677: chore(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 (theupdateframework#507) (@dependabot[bot])
f21355b: chore(deps): bump golang.org/x/crypto from 0.9.0 to 0.10.0 (theupdateframework#506) (@dependabot[bot])
31dbaec: docs: added myself (kommendorkapten) as a maintainer (theupdateframework#510) (@kommendorkapten)
6adc195: chore(deps): bump arnested/go-version-action from 1.1.9 to 1.1.11 (theupdateframework#511) (@dependabot[bot])
4b9fd32: docs: add list with alternative implementations (theupdateframework#169) (@mnm678)
aa1a857: chore(deps): bump golang.org/x/term from 0.9.0 to 0.10.0 (theupdateframework#513) (@dependabot[bot])
5ed6239: chore(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 (theupdateframework#514) (@dependabot[bot])
030ef07: chore(deps): bump arnested/go-version-action from 1.1.11 to 1.1.12 (theupdateframework#520) (@dependabot[bot])
e2f53d9: chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.6.0 to 0.7.0 (theupdateframework#518) (@dependabot[bot])

Contributors

Zenithar, znewman01, and 7 other contributors

Assets 18

tuf-0.6.0.tar.gz

521 KB 2023-08-10T16:12:08Z
tuf-client-0.6.0.tar.gz

521 KB 2023-08-10T16:12:16Z
tuf-client_0.6.0_checksums.txt

708 Bytes 2023-08-10T16:12:15Z
tuf-client_0.6.0_darwin_amd64.tar.gz

2.51 MB 2023-08-10T16:12:16Z
tuf-client_0.6.0_darwin_arm64.tar.gz

2.41 MB 2023-08-10T16:12:15Z
tuf-client_0.6.0_linux_amd64.tar.gz

2.42 MB 2023-08-10T16:12:16Z
tuf-client_0.6.0_linux_arm64.tar.gz

2.23 MB 2023-08-10T16:12:17Z
tuf-client_0.6.0_windows_amd64.tar.gz

2.41 MB 2023-08-10T16:12:16Z
tuf-client_0.6.0_windows_arm64.tar.gz

2.23 MB 2023-08-10T16:12:15Z
tuf_0.6.0_checksums.txt

659 Bytes 2023-08-10T16:12:05Z
Source code (zip)

2023-07-21T08:11:04Z
Source code (tar.gz)

2023-07-21T08:11:04Z

20 Jul 13:58

github-actions

v1.0.1-0.5.2

37b520c

v1.0.1-0.5.2 Pre-release

Pre-release

Changelog

Bug fixes

37b520c: fix(localMeta): Ignore non-existent remote metadata files when filling localMeta (@BaptisteFoy)

Contributors

BaptisteFoy

Assets 18

17 Jul 15:52

github-actions

v1.0.0-0.5.2

4535088

v1.0.0-0.5.2 Pre-release

Pre-release

Changelog

Features

6aa3072: feat: increase scrypt parameters (theupdateframework#470) (@Zenithar)

Bug fixes

5a019c3: fix: golangci-lint failures when tested against Go 1.20 (theupdateframework#457) (@rdimitrov)
6b93a5a: fix: sign-payload shouldn't recanonicalize payload (theupdateframework#479) (@znewman01)
2adcfe7: fix: Update the ecdsa key type to the latest spec (1.0.32). (theupdateframework#508) (@kommendorkapten)
4535088: fix(fork): Make package reference itself instead of theupdateframework/go-tuf. See 0654cc1. (@BaptisteFoy)

Others

2cea368: chore(deps): bump goreleaser/goreleaser-action from 4.1.0 to 4.2.0 (theupdateframework#453) (@dependabot[bot])
f077110: chore(deps): bump golangci/golangci-lint-action from 3.3.1 to 3.4.0 (theupdateframework#451) (@dependabot[bot])
0cd000c: chore(deps): bump arnested/go-version-action from 1.1.6 to 1.1.7 (theupdateframework#454) (@dependabot[bot])
fab805a: chore(deps): bump amannn/action-semantic-pull-request from 5.0.2 to 5.1.0 (theupdateframework#458) (@dependabot[bot])
96a25a4: chore(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (theupdateframework#466) (@dependabot[bot])
075e800: chore(deps): bump golang.org/x/term from 0.0.0-20210927222741-03fcf44c2211 to 0.5.0 (theupdateframework#465) (@dependabot[bot])
7b0f249: chore(deps): bump golang.org/x/crypto from 0.0.0-20211117183948-ae814b36b871 to 0.6.0 (theupdateframework#464) (@dependabot[bot])
c386074: chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.4.0 to 0.5.0 (theupdateframework#459) (@dependabot[bot])
ad9ad10: chore(deps): bump golang.org/x/term from 0.5.0 to 0.6.0 (theupdateframework#468) (@dependabot[bot])
ba794d1: chore(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 (theupdateframework#469) (@dependabot[bot])
d271873: chore(deps): bump securesystemslib from 0.26.0 to 0.27.0 (theupdateframework#471) (@dependabot[bot])
493ab6c: chore(deps): bump actions/setup-go from 3.5.0 to 4.0.0 (theupdateframework#472) (@dependabot[bot])
7f231b3: chore(deps): bump amannn/action-semantic-pull-request from 5.1.0 to 5.2.0 (theupdateframework#473) (@dependabot[bot])
7cddf58: docs: Update install instructions in README (theupdateframework#474) (@haydentherapper)
30b7aae: chore(deps): bump golang.org/x/term from 0.6.0 to 0.7.0 (theupdateframework#477) (@dependabot[bot])
ab35782: chore(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 (theupdateframework#478) (@dependabot[bot])
c7d649b: ci(build): Add arm64 to build (theupdateframework#463) (@udf2457)
7986772: chore(deps): bump arnested/go-version-action from 1.1.7 to 1.1.8 (theupdateframework#480) (@dependabot[bot])
7a57438: chore(deps): bump securesystemslib from 0.27.0 to 0.28.0 (theupdateframework#481) (@dependabot[bot])
c79b5e6: chore(deps): bump actions/setup-python from 4.5.0 to 4.6.0 (theupdateframework#482) (@dependabot[bot])
8edc996: chore(deps): bump shogo82148/actions-goveralls from 1.6.0 to 1.7.0 (theupdateframework#483) (@dependabot[bot])
e077a68: chore(deps): bump requests from 2.28.2 to 2.29.0 (theupdateframework#484) (@dependabot[bot])
39f588c: chore(deps): bump golang.org/x/term from 0.7.0 to 0.8.0 (theupdateframework#487) (@dependabot[bot])
dfbd21a: chore(deps): bump requests from 2.29.0 to 2.30.0 (theupdateframework#488) (@dependabot[bot])
56698a3: chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.5.0 to 0.6.0 (theupdateframework#486) (@dependabot[bot])
b4feccd: chore(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 (theupdateframework#489) (@dependabot[bot])
ed58d45: chore(deps): bump actions/setup-go from 4.0.0 to 4.0.1 (theupdateframework#491) (@dependabot[bot])
e9da9a9: chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (theupdateframework#493) (@dependabot[bot])
d1450a5: chore: Bump spec version (theupdateframework#495) (@znewman01)
401f689: chore(deps): bump requests from 2.30.0 to 2.31.0 (theupdateframework#496) (@dependabot[bot])
a41f2d2: chore(deps): bump actions/setup-python from 4.6.0 to 4.6.1 (theupdateframework#497) (@dependabot[bot])
1f98392: chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (theupdateframework#498) (@dependabot[bot])
6e5284c: chore(deps): bump arnested/go-version-action from 1.1.8 to 1.1.9 (theupdateframework#499) (@dependabot[bot])
c95b553: chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (theupdateframework#501) (@dependabot[bot])
0bf668e: ci: Disable daily checking for version but not security updates (theupdateframework#500) (@trishankatdatadog)
44727bf: chore(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (theupdateframework#502) (@dependabot[bot])
4e506c4: chore(deps): bump iso8601 from 1.1.0 to 2.0.0 (theupdateframework#503) (@dependabot[bot])
c844873: docs: add go-tuf security assessment report (theupdateframework#504) (@rdimitrov)
842dc87: chore(deps): bump golang.org/x/term from 0.8.0 to 0.9.0 (theupdateframework#505) (@dependabot[bot])
caa9677: chore(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 (theupdateframework#507) (@dependabot[bot])
f21355b: chore(deps): bump golang.org/x/crypto from 0.9.0 to 0.10.0 (theupdateframework#506) (@dependabot[bot])
31dbaec: docs: added myself (kommendorkapten) as a maintainer (theupdateframework#510) (@kommendorkapten)
6adc195: chore(deps): bump arnested/go-version-action from 1.1.9 to 1.1.11 (theupdateframework#511) (@dependabot[bot])
4b9fd32: docs: add list with alternative implementations (theupdateframework#169) (@mnm678)
aa1a857: chore(deps): bump golang.org/x/term from 0.9.0 to 0.10.0 (theupdateframework#513) (@dependabot[bot])
5ed6239: chore(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 (theupdateframework#514) (@dependabot[bot])
030ef07: chore(deps): bump arnested/go-version-action from 1.1.11 to 1.1.12 (theupdateframework#520) (@dependabot[bot])
e2f53d9: chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.6.0 to 0.7.0 (theupdateframework#518) (@dependabot[bot])

Contributors

Zenithar, znewman01, and 8 other contributors

Assets 18

28 Sep 20:22

arbll

v0.3.0-GHSA-3633-5h82-39pq-fix

2e56197

v0.3.0-GHSA-3633-5h82-39pq-fix

Fixes GHSA-3633-5h82-39pq

Assets 2

15 Sep 12:38

BaptisteFoy

v0.3.0--fix-localmeta

198f913

v0.3.0--fix-localmeta

Adds our local fix for localMeta. See theupdateframework#384

Assets 2

Releases: DataDog/go-tuf

v1.1.1-0.5.2

Changelog

Bug fixes

Others

Contributors

Uh oh!

v0.6.0

Changelog

Breaking changes

Features

Bug fixes

Others

Contributors

Uh oh!

v1.0.1-0.5.2

Changelog

Bug fixes

Contributors

Uh oh!

v1.0.0-0.5.2

Changelog

Features

Bug fixes

Others

Contributors

Uh oh!

v0.3.0-GHSA-3633-5h82-39pq-fix

Uh oh!

v0.3.0--fix-localmeta

Uh oh!