Skip to content

Releases: open-component-model/ocm

v0.38.0-rc.1

10 Mar 09:54
@github-actions github-actions
v0.38.0-rc.1
4499ce7

Choose a tag to compare

View all tags
v0.38.0-rc.1 Pre-release
Pre-release

What's Changed

🐛 Bug Fixes

  • fix(deps): Fix dependency bump by updating another deprecated dependency by @frewilhelm in #1856

⬆️ Dependencies

  • chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 by @dependabot[bot] in #1839
  • chore(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 by @dependabot[bot] in #1844
  • chore(deps): bump the go group with 15 updates by @dependabot[bot] in #1843
  • chore(deps): bump golang from 1.25.7-alpine3.22 to 1.26.1-alpine3.22 by @dependabot[bot] in #1854
  • chore(deps): update to go 1.26.1 by @matthiasbruns in #1859

🧰 Maintenance

  • chore: bump VERSION to 0.38.0-dev by @ocmbot[bot] in #1837

Full Changelog: v0.37...v0.38.0

Contributors

matthiasbruns, dependabot, and frewilhelm
Loading

v0.37.0

10 Mar 10:13
@github-actions github-actions
v0.37.0
c881585

Choose a tag to compare

View all tags
v0.37.0 Latest
Latest

What's Changed

🚀 Features

🐛 Bug Fixes

  • fix: the version comment on codeql is incorrect by @Skarlso in #1828
  • fix: revert feat: add registry client timeout attribute (#1823) by @piotrjanik in #1835
  • fix: increase token scope to create PRs or sent events in other repositories by @frewilhelm in #1834

⬆️ Dependencies

8 changes
  • chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.3.1 by @dependabot[bot] in #1788
  • chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 by @dependabot[bot] in #1798
  • chore(deps): bump the go group with 11 updates by @dependabot[bot] in #1804
  • chore: update Go version to 1.25.7 by @morri-son in #1811
  • chore(deps): bump the go group across 1 directory with 6 updates by @Skarlso in #1817
  • chore(deps): bump the go group with 10 updates by @dependabot[bot] in #1825
  • chore: update mongodb for security compliance fixes by @Skarlso in #1827
  • chore(deps): bump the go group with 7 updates by @dependabot[bot] in #1831

🧰 Maintenance

  • chore: bump VERSION to 0.37.0-dev by @ocmbot[bot] in #1796
  • chore: correct brew and readme by @morri-son in #1815
  • chore: bump VERSION to 0.38.0-dev by @ocmbot[bot] in #1819
  • chore: update to use create-github-app-token action instead of deprecated tibdex by @Skarlso in #1829
  • chore: Revert "chore: bump VERSION to 0.38.0-dev (#1819)" by @frewilhelm in #1836

Full Changelog: v0.36...v0.37.0

Contributors

Skarlso, piotrjanik, and 3 other contributors
Assets 41

latest ocm-cli

07 Jul 12:35
@ocmbot ocmbot
ocm-cli/latest
b6505ee
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
latest ocm-cli Pre-release
Pre-release

holds always the latest ocm-cli binaries

Loading

v0.37.0-rc.1

24 Feb 11:36
@github-actions github-actions
v0.37.0-rc.1
040a5cb

Choose a tag to compare

View all tags
v0.37.0-rc.1 Pre-release
Pre-release

What's Changed

🚀 Features

🐛 Bug Fixes

  • fix: the version comment on codeql is incorrect by @Skarlso in #1828
  • fix: revert feat: add registry client timeout attribute (#1823) by @piotrjanik in #1835
  • fix: increase token scope to create PRs or sent events in other repositories by @frewilhelm in #1834

⬆️ Dependencies

8 changes
  • chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.3.1 by @dependabot[bot] in #1788
  • chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 by @dependabot[bot] in #1798
  • chore(deps): bump the go group with 11 updates by @dependabot[bot] in #1804
  • chore: update Go version to 1.25.7 by @morri-son in #1811
  • chore(deps): bump the go group across 1 directory with 6 updates by @Skarlso in #1817
  • chore(deps): bump the go group with 10 updates by @dependabot[bot] in #1825
  • chore: update mongodb for security compliance fixes by @Skarlso in #1827
  • chore(deps): bump the go group with 7 updates by @dependabot[bot] in #1831

🧰 Maintenance

  • chore: bump VERSION to 0.37.0-dev by @ocmbot[bot] in #1796
  • chore: correct brew and readme by @morri-son in #1815
  • chore: bump VERSION to 0.38.0-dev by @ocmbot[bot] in #1819
  • chore: update to use create-github-app-token action instead of deprecated tibdex by @Skarlso in #1829
  • chore: Revert "chore: bump VERSION to 0.38.0-dev (#1819)" by @frewilhelm in #1836

Full Changelog: v0.36...v0.37.0

Contributors

Skarlso, piotrjanik, and 3 other contributors
Loading

v0.36.0

24 Feb 07:23
@github-actions github-actions
v0.36.0
8462719

Choose a tag to compare

View all tags
v0.36.0

What's Changed

‼️ Breaking Changes

  • fix!: use Fulcio certificate instead of public key and upgrade Sigstore Cosign from v2 to v3 by @morri-son in #1726
  • fix: chart access artifact set media type by @fabianburth in #1786

🚀 Features

🐛 Bug Fixes

  • fix: add --oci-layout flag for OCI Image Layout blob paths by @piotrjanik in #1723
  • fix: update image reference name to use the open-component-model organization repository by @piotrjanik in #1784
  • fix(1560): add more explicit errors on get cv by @matthiasbruns in #1787

⬆️ Dependencies

14 changes

🧰 Maintenance

  • chore: bump VERSION to 0.36.0-dev by @ocmbot[bot] in #1724

New Contributors

Full Changelog: v0.35...v0.36.0

Contributors

piotrjanik, matthiasbruns, and 5 other contributors
Loading

v0.36.0-rc.2

10 Feb 08:50
@github-actions github-actions
v0.36.0-rc.2
877eec6

Choose a tag to compare

View all tags
v0.36.0-rc.2 Pre-release
Pre-release

What's Changed

‼️ Breaking Changes

  • fix!: use Fulcio certificate instead of public key and upgrade Sigstore Cosign from v2 to v3 by @morri-son in #1726
  • fix: chart access artifact set media type by @fabianburth in #1786

📋 Migration Notices

Sigstore v3 Upgrade: Keyless Signing Changes (#1726)

What Changed:

  • Cosign upgraded from v2 to v3, changing OIDC token handling
  • New sigstore-v2 algorithm available for Sigstore Bundle compliance
  • Existing sigstore signatures remain fully verifiable

Required Action for GitHub Actions Workflows: Add id-token: write permission and explicit OIDC token handling before keyless signing steps. Then acquire and export the OIDC token .

Other CI/CD Platforms: No action required (always required explicit OIDC handling).

Full Migration Guide: PR #1726

🚀 Features

🐛 Bug Fixes

  • fix(deps): pin github.com/klauspost/compress to version that does not change the digest on transfer by @frewilhelm in #1738
  • fix: add --oci-layout flag for OCI Image Layout blob paths by @piotrjanik in #1723
  • fix: update image reference name to use the open-component-model organization repository by @piotrjanik in #1784
  • fix(1560): add more explicit errors on get cv by @matthiasbruns in #1787

⬆️ Dependencies

14 changes

🧰 Maintenance

  • chore: bump VERSION to 0.36.0-dev by @ocmbot[bot] in #1724

New Contributors

Full Changelog: v0.35...v0.36.0

Contributors

piotrjanik, matthiasbruns, and 5 other contributors
Loading

v0.36.0-rc.1

25 Jan 23:11
@github-actions github-actions
v0.36.0-rc.1
884c21c

Choose a tag to compare

View all tags
v0.36.0-rc.1 Pre-release
Pre-release

What's Changed

‼️ Breaking Changes

  • fix!: use Fulcio certificate instead of public key and upgrade Sigstore Cosign from v2 to v3 by @morri-son in #1726
  • fix: chart access artifact set media type by @fabianburth in #1786

🚀 Features

🐛 Bug Fixes

  • fix(deps): pin github.com/klauspost/compress to version that does not change the digest on transfer by @frewilhelm in #1738
  • fix: add --oci-layout flag for OCI Image Layout blob paths by @piotrjanik in #1723
  • fix: update image reference name to use the open-component-model organization repository by @piotrjanik in #1784
  • fix(1560): add more explicit errors on get cv by @matthiasbruns in #1787

⬆️ Dependencies

14 changes

🧰 Maintenance

  • chore: bump VERSION to 0.36.0-dev by @ocmbot[bot] in #1724

New Contributors

Full Changelog: v0.35...v0.36.0

Contributors

piotrjanik, matthiasbruns, and 5 other contributors
Loading

v0.35.0

19 Jan 09:52
@github-actions github-actions
v0.35.0
01e45fd

Choose a tag to compare

View all tags
v0.35.0

What's Changed

🚀 Features

  • feat(transfer): Optimized approach for OCM transfer by implementing a concurrent worker pool by @jakobmoellerdev in #1676

🐛 Bug Fixes

  • fix: Address concurrent setting of log level for yq-lib by @dee0sap in #1690
  • bugfix: Correct the usage of sync.OnceFunc by @dee0sap in #1696

⬆️ Dependencies

13 changes

🧰 Maintenance

  • chore: bump VERSION to 0.35.0-dev by @ocmbot[bot] in #1685

Full Changelog: v0.34...v0.35.0

Contributors

dependabot, frewilhelm, and 2 other contributors
Loading

v0.35.0-rc.3

23 Dec 11:32
@github-actions github-actions
v0.35.0-rc.3
253933d

Choose a tag to compare

View all tags
v0.35.0-rc.3 Pre-release
Pre-release

What's Changed

🚀 Features

  • feat(transfer): Optimized approach for OCM transfer by implementing a concurrent worker pool by @jakobmoellerdev in #1676

🐛 Bug Fixes

  • fix: Address concurrent setting of log level for yq-lib by @dee0sap in #1690
  • bugfix: Correct the usage of sync.OnceFunc by @dee0sap in #1696

⬆️ Dependencies

13 changes

🧰 Maintenance

  • chore: bump VERSION to 0.35.0-dev by @ocmbot[bot] in #1685

Full Changelog: v0.34...v0.35.0

Contributors

dependabot, frewilhelm, and 2 other contributors
Loading

v0.34.3

23 Dec 10:59
@github-actions github-actions
v0.34.3
f4ccfd3

Choose a tag to compare

View all tags
v0.34.3

What's Changed

⬆️ Dependencies

🧰 Maintenance

  • chore: bump VERSION to 0.34.3-dev by @ocmbot[bot] in #1747

Full Changelog: v0.34.2...v0.34.3

Contributors

frewilhelm
Loading