Skip to content

Releases: openvex/vexctl

v0.4.4

Choose a tag to compare

@github-actions github-actions released this 16 Jun 17:11
Immutable release. Only release title and notes can be modified.
d344883

What's Changed

  • Bump github.com/sigstore/cosign/v2 from 2.6.0 to 2.6.1 in the all group by @dependabot[bot] in #350
  • Bump the all group with 2 updates by @dependabot[bot] in #351
  • Bump softprops/action-gh-release from 2.3.4 to 2.4.0 in the all group by @dependabot[bot] in #352
  • Bump the all group with 2 updates by @dependabot[bot] in #353
  • Bump chainguard-dev/actions from 1.5.4 to 1.5.6 in the all group by @dependabot[bot] in #354
  • Bump chainguard-dev/actions from 1.5.6 to 1.5.7 in the all group by @dependabot[bot] in #356
  • Bump actions/upload-artifact from 4.6.2 to 5.0.0 by @dependabot[bot] in #357
  • Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 by @dependabot[bot] in #355
  • Bump the all group across 1 directory with 3 updates by @dependabot[bot] in #361
  • Bump github.com/sigstore/rekor from 1.4.2 to 1.4.3 in the all group by @dependabot[bot] in #360
  • Bump golang.org/x/crypto from 0.43.0 to 0.45.0 by @dependabot[bot] in #363
  • Bump actions/setup-go from 6.0.0 to 6.1.0 in the all group by @dependabot[bot] in #364
  • Bump actions/checkout from 5.0.1 to 6.0.0 by @dependabot[bot] in #365
  • Bump golangci/golangci-lint-action from 8.0.0 to 9.1.0 by @dependabot[bot] in #366
  • Bump chainguard-dev/actions from 1.5.9 to 1.5.10 in the all group by @dependabot[bot] in #367
  • Bump github.com/google/go-containerregistry from 0.20.6 to 0.20.7 in the all group by @dependabot[bot] in #368
  • Bump softprops/action-gh-release from 2.4.2 to 2.5.0 in the all group by @dependabot[bot] in #369
  • Bump actions/checkout from 6.0.0 to 6.0.1 in the all group by @dependabot[bot] in #370
  • Bump golangci/golangci-lint-action from 9.1.0 to 9.2.0 in the all group by @dependabot[bot] in #371
  • Bump github.com/spf13/cobra from 1.10.1 to 1.10.2 in the all group by @dependabot[bot] in #372
  • Bump actions/upload-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in #376
  • Updates by @cpanato in #373
  • Bump github.com/secure-systems-lab/go-securesystemslib from 0.9.1 to 0.10.0 by @dependabot[bot] in #379
  • Bump github.com/sigstore/sigstore from 1.9.6-0.20250729224751-181c5d3339b3 to 1.10.3 by @dependabot[bot] in #377
  • Bump github.com/sigstore/fulcio from 1.7.1 to 1.8.3 by @dependabot[bot] in #374
  • Bump chainguard-dev/actions from 1.5.10 to 1.5.11 in the all group by @dependabot[bot] in #380
  • Bump github.com/sigstore/cosign/v2 from 2.6.1 to 2.6.2 in the all group by @dependabot[bot] in #381
  • Bump github.com/sigstore/fulcio from 1.8.4 to 1.8.5 by @dependabot[bot] in #382
  • Bump actions/setup-go from 6.1.0 to 6.2.0 in the all group by @dependabot[bot] in #383
  • Bump the all group across 1 directory with 2 updates by @dependabot[bot] in #386
  • Bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.4.1 by @dependabot[bot] in #392
  • Bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 by @dependabot[bot] in #388
  • Bump the all group across 1 directory with 2 updates by @dependabot[bot] in #391
  • Bump chainguard-dev/actions from 1.5.13 to 1.5.14 in the all group by @dependabot[bot] in #393
  • Bump chainguard-dev/actions from 1.5.14 to 1.5.16 in the all group by @dependabot[bot] in #394
  • Bump chainguard-dev/actions from 1.5.16 to 1.6.0 in the all group by @dependabot[bot] in #395
  • Bump chainguard-dev/actions from 1.6.0 to 1.6.1 in the all group by @dependabot[bot] in #396
  • Bump chainguard-dev/actions from 1.6.1 to 1.6.2 in the all group by @dependabot[bot] in #397
  • Bump chainguard-dev/actions from 1.6.2 to 1.6.4 in the all group by @dependabot[bot] in #400
  • Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 by @dependabot[bot] in #401
  • Bump the all group across 1 directory with 2 updates by @dependabot[bot] in #404
  • Bump actions/upload-artifact from 6.0.0 to 7.0.0 by @dependabot[bot] in #403
  • Bump github.com/package-url/packageurl-go from 0.1.3 to 0.1.4 in the all group by @dependabot[bot] in #398
  • Bump github.com/google/go-containerregistry from 0.20.7 to 0.21.0 by @dependabot[bot] in #399
  • Bump chainguard-dev/actions from 1.6.5 to 1.6.6 in the all group by @dependabot[bot] in #405
  • Bump the all group with 2 updates by @dependabot[bot] in #406
  • Bump the all group across 1 directory with 3 updates by @dependabot[bot] in #411
  • Bump the all group across 1 directory with 5 updates by @dependabot[bot] in #415
  • Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 by @dependabot[bot] in #421
  • Bump the all group across 1 directory with 2 updates by @dependabot[bot] in #420
  • Port to new intoto/attestation by @puerco in #417
  • Bump the all group across 1 directory with 2 updates by @dependabot[bot] in #423
  • fix(add): allow add without --product flag by @ricardbejarano in #422
  • Bump google.golang.org/grpc from 1.78.0 to 1.79.3 by @dependabot[bot] in #412
  • Bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.10.0 by @dependabot[bot] in #390
  • Bump kubernetes-sigs/release-actions from 0.4.2 to 0.4.3 in the all group by @dependabot[bot] in #424
  • Bump github.com/google/go-containerregistry from 0.21.3 to 0.21.4 in the all group by @dependabot[bot] in #425
  • Bump actions/upload-artifact from 7.0.0 to 7.0.1 in the all group by @dependabot[bot] in #427
  • Bump github.com/sigstore/cosign/v2 from 2.6.2 to 2.6.3 in the all group by @dependabot[bot] in #426
  • Bump github.com/sigstore/timestamp-authority/v2 from 2.0.3 to 2.0.6 by @dependabot[bot] in #433
  • Bump github.com/google/go-containerregistry from 0.21.4 to 0.21.5 in the all group across 1 directory by @dependabot[bot] in #432
  • Bump softprops/action-gh-release from 2.6.1 to 3.0.0 by @dependabot[bot] in #431
  • Bump chainguard-dev/actions from 1.6.13 to 1.6.14 in the all group by @dependabot[bot] in #430
  • Bump the all group with 2 updates by @dependabot[bot] in #434
  • Bump github.com/secure-systems-lab/go-securesystemslib from 0.10.0 to 0.11.0 by @dependabot[bot] in #435
  • Bump github.com/package-url/packageurl-go from 0.1.5 to 0.1.6 in the all group by @dependabot[bot] in #437
  • Bump the all group with 2 updates by @dependabot[bot] in #436
  • Bump chainguard-dev/actions from 1.6.16 to 1.6.17 in the all group by @dependabot[bot] in #438
  • Bump chainguard-dev/actions from 1.6.17 to 1.6.19 in the all group by @dependabot[bot] in #439
  • Bump sigstore/cosign-installer from 4.1.1 to 4.1.2 in the all group by @dependabot[bot] in #440
  • build(deps): Bump the all group across 1 directory with 2 updates by @dependabot[bot] in #443
  • build(deps): Bump goreleaser/goreleaser-action from 7.2.1 to 7.2.2 in the all group by @dependabot[bot] in #442
  • build(deps): Bump golangci/golangci-lint-action from 9.2.0 to 9.2.1 in the all group by @dependabot[bot] in #445
  • build(deps): Bump github.com/sigstore/rekor from 1.5.1 to 1.5.2 in the all group by @dependabot[bot] in #446
  • build(deps): Bump github.com/sigstore/sigstore from 1.10.6 to 1.10.8 in the all group by @dependabot[bot] in #447
  • build(deps): Bump the all group with 2 updates by @dependabot[bot] in #448
  • build(deps): Bump chainguard-dev/actions from 1.6.21 to 1.6.22 in the all group by @dependabot[bot] in #449
  • build(deps): Bump chainguard-dev/actions from 1.6...
Read more

v0.4.1

Choose a tag to compare

@github-actions github-actions released this 02 Oct 01:15
54a0fde

ℹ️ This minor release corrects a problem where the naming scheme of the binaries was reversed in v0.4.0, breaking the installer action. No code changes.

What's Changed

New Contributors

Full Changelog: v0.4.0...v0.4.1

v0.4.0

Choose a tag to compare

@github-actions github-actions released this 29 Sep 14:54
4407433

What's Changed

  • upgrade to go1.23 by @cpanato in #245
  • Bump sigs.k8s.io/release-utils from 0.8.4 to 0.8.5 in the all group by @dependabot[bot] in #246
  • Bump actions/checkout from 4.1.7 to 4.2.0 in the all group by @dependabot[bot] in #247
  • Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 in the all group by @dependabot[bot] in #249
  • Bump github.com/sigstore/cosign/v2 from 2.4.0 to 2.4.1 in the all group by @dependabot[bot] in #248
  • Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 in the all group by @dependabot[bot] in #250
  • Bump the all group with 2 updates by @dependabot[bot] in #251
  • Bump actions/upload-artifact from 4.4.1 to 4.4.2 in the all group by @dependabot[bot] in #252
  • Bump actions/upload-artifact from 4.4.2 to 4.4.3 in the all group by @dependabot[bot] in #253
  • Bump github.com/sigstore/sigstore from 1.8.9 to 1.8.10 in the all group by @dependabot[bot] in #254
  • Bump kubernetes-sigs/release-actions from 0.2.0 to 0.3.0 in the all group by @dependabot[bot] in #255
  • Bump actions/checkout from 4.2.1 to 4.2.2 in the all group by @dependabot[bot] in #256
  • Bump actions/setup-go from 5.0.2 to 5.1.0 in the all group by @dependabot[bot] in #257
  • Bump softprops/action-gh-release from 2.0.8 to 2.0.9 in the all group by @dependabot[bot] in #258
  • Bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0 in the all group by @dependabot[bot] in #259
  • Bump softprops/action-gh-release from 2.0.9 to 2.1.0 in the all group by @dependabot[bot] in #261
  • Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in the go_modules group by @dependabot[bot] in #260
  • Bump the all group with 2 updates by @dependabot[bot] in #263
  • Bump golang.org/x/crypto from 0.28.0 to 0.31.0 in the go_modules group by @dependabot[bot] in #264
  • Bump actions/upload-artifact from 4.4.3 to 4.5.0 in the all group by @dependabot[bot] in #266
  • Bump softprops/action-gh-release from 2.2.0 to 2.2.1 in the all group by @dependabot[bot] in #267
  • Bump actions/upload-artifact from 4.5.0 to 4.6.0 in the all group by @dependabot[bot] in #269
  • Bump ko-build/setup-ko from 0.7 to 0.8 in the all group by @dependabot[bot] in #270
  • Bump go dependencies manually by @puerco in #272
  • Bump sigs.k8s.io/release-utils from 0.8.5 to 0.9.0 by @dependabot[bot] in #273
  • Bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 in the all group by @dependabot[bot] in #274
  • Bump actions/setup-go from 5.2.0 to 5.3.0 in the all group by @dependabot[bot] in #275
  • Bump github.com/sigstore/rekor from 1.3.8 to 1.3.9 in the all group by @dependabot[bot] in #276
  • Bump sigs.k8s.io/release-utils from 0.9.0 to 0.10.0 by @dependabot[bot] in #277
  • Bump golangci/golangci-lint-action from 6.2.0 to 6.3.0 in the all group by @dependabot[bot] in #280
  • Bump the all group with 2 updates by @dependabot[bot] in #279
  • Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 in the all group by @dependabot[bot] in #281
  • Bump golangci/golangci-lint-action from 6.3.0 to 6.3.2 in the all group by @dependabot[bot] in #282
  • Bump goreleaser/goreleaser-action from 6.1.0 to 6.2.1 in the all group by @dependabot[bot] in #283
  • Bump golangci/golangci-lint-action from 6.3.2 to 6.3.3 in the all group by @dependabot[bot] in #284
  • Bump github.com/sigstore/sigstore from 1.8.12 to 1.8.14 in the all group by @dependabot[bot] in #285
  • Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by @dependabot[bot] in #286
  • Bump golangci/golangci-lint-action from 6.3.3 to 6.5.0 in the all group by @dependabot[bot] in #287
  • use go1.24 and update golangci-lint by @cpanato in #288
  • Bump the all group with 2 updates by @dependabot[bot] in #289
  • Bump sigstore/cosign-installer from 3.8.0 to 3.8.1 in the all group by @dependabot[bot] in #290
  • Bump actions/upload-artifact from 4.6.0 to 4.6.1 in the all group by @dependabot[bot] in #291
  • Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 in the go_modules group by @dependabot[bot] in #292
  • Bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 in the go_modules group by @dependabot[bot] in #293
  • Bump golang.org/x/net from 0.35.0 to 0.36.0 in the go_modules group by @dependabot[bot] in #297
  • Bump golangci/golangci-lint-action from 6.5.0 to 6.5.1 in the all group by @dependabot[bot] in #296
  • Bump golangci/golangci-lint-action from 6.5.1 to 6.5.2 in the all group by @dependabot[bot] in #299
  • Bump the all group with 2 updates by @dependabot[bot] in #300
  • Bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 in the go_modules group by @dependabot[bot] in #301
  • Bump github.com/sigstore/sigstore from 1.8.15 to 1.9.1 by @dependabot[bot] in #295
  • Bump sigs.k8s.io/release-utils from 0.11.0 to 0.11.1 in the all group by @dependabot[bot] in #303
  • Bump goreleaser/goreleaser-action from 6.2.1 to 6.3.0 in the all group by @dependabot[bot] in #304
  • Bump ko-build/setup-ko from 0.8 to 0.9 in the all group by @dependabot[bot] in #308
  • Bump github.com/sigstore/cosign/v2 from 2.4.3 to 2.5.0 by @dependabot[bot] in #306
  • Bump kubernetes-sigs/release-actions from 0.3.0 to 0.3.1 in the all group by @dependabot[bot] in #309
  • Bump softprops/action-gh-release from 2.2.1 to 2.2.2 in the all group by @dependabot[bot] in #310
  • Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 in the all group by @dependabot[bot] in #311
  • Bump the all group across 1 directory with 2 updates by @dependabot[bot] in #307
  • Bump github.com/sigstore/sigstore from 1.9.3 to 1.9.4 in the all group by @dependabot[bot] in #312
  • Bump actions/setup-go from 5.4.0 to 5.5.0 in the all group by @dependabot[bot] in #314
  • Bump github.com/google/go-containerregistry from 0.20.3 to 0.20.4 in the all group by @dependabot[bot] in #315
  • Bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 in the go_modules group by @dependabot[bot] in #318
  • Bump softprops/action-gh-release from 2.2.2 to 2.3.0 in the all group by @dependabot[bot] in #317
  • Bump softprops/action-gh-release from 2.3.0 to 2.3.2 in the all group by @dependabot[bot] in #319
  • Bump the all group across 1 directory with 2 updates by @dependabot[bot] in #320
  • Bump the all group with 2 updates by @dependabot[bot] in #322
  • Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 in the all group by @dependabot[bot] in #323
  • Bump github.com/sigstore/cosign/v2 from 2.5.1 to 2.5.2 in the all group by @dependabot[bot] in #324
  • Bump sigstore/cosign-installer from 3.9.0 to 3.9.1 in the all group by @dependabot[bot] in #325
  • Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 in the go_modules group by @dependabot[bot] in #326
  • Bump github.com/sigstore/cosign/v2 from 2.5.2 to 2.5.3 in the all group by @dependabot[bot] in #327
  • Bump sigstore/cosign-installer from 3.9.1 to 3.9.2 in the all group by @dependabot[bot] in #329
  • Bump sigs.k8s.io/release-utils from 0.11.1 to 0.12.0 by @dependabot[bot] in #328
  • Bump github.com/sigstore/rekor from 1.3.10 to 1.4.0 by @dependabot[bot] in #330
  • Bump github.com/secure-systems-lab/go-securesystemslib from 0.9.0 to 0.9.1 in the all group by @dependabot[bot] in #331
  • Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #332
  • update release-utils and fix pkg n...
Read more

v0.3.0

Choose a tag to compare

@github-actions github-actions released this 10 Sep 01:57
c613023

What's Changed

New Contributors

Full Changelog: v0.2.6...v0.3.0

v0.2.6

Choose a tag to compare

@github-actions github-actions released this 15 Dec 11:42
13fa934

What's Changed

  • revamp release job, cleanups and add snapshot job by @cpanato in #138
  • Bump github.com/google/go-containerregistry from 0.16.1 to 0.17.0 by @dependabot in #140
  • Move release actions to kubernetes-sigs by @puerco in #141
  • Bump github.com/sigstore/sigstore from 1.7.5 to 1.7.6 by @dependabot in #142
  • Update examples to v0.2.0 by @puerco in #145
  • Fix bug when updating documents in place. by @puerco in #144
  • Bump github.com/sigstore/cosign/v2 from 2.2.1 to 2.2.2 by @dependabot in #146
  • Fix keyless verification of openvex attesatations by @puerco in #147
  • Bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #148
  • Bump sigstore/cosign-installer from 3.2.0 to 3.3.0 by @dependabot in #149
  • vexctl generate by @puerco in #150

Full Changelog: v0.2.5...v0.2.6

v0.2.5

Choose a tag to compare

@github-actions github-actions released this 21 Nov 23:44
d64a2b0

What's Changed

New Contributors

Full Changelog: v0.2.3...v0.2.5

v0.2.3

Choose a tag to compare

@github-actions github-actions released this 21 Jul 19:39
a1d4be0

What's Changed

Full Changelog: v0.2.2...v0.2.3

v0.2.0

Choose a tag to compare

@puerco puerco released this 20 Jan 05:59

What's Changed

  • vexctl: Forked repo kickstart by @puerco in #1
  • Break dependency on old chainguard/vex module by @puerco in #2
  • switch CVE to official 'sample' ID by @attritionorg in #5
  • Restore attestation capability after repo split by @puerco in #6
  • Update import paths to openvex/go-vex by @puerco in #7

New Contributors

Full Changelog: v0.1.0...v0.2.0