Releases: photostructure/git-ssh-signing-action
Releases · photostructure/git-ssh-signing-action
v1.1.0
- 📦 Updated GitHub Actions workflow versions
- 📦 Updated package.json: updated dev dependencies, added automated GHA updates, and fixed metadata fields
Full Changelog: v1.0...v1.1.0
v1.0.0
Promote v0.3.0 to v1.0.0
v0.3.0
Added
-
GitHub Actions workflow for automated tag updates on release to support
v0orv0.1"floating" versions (#d36120a) -- and use ourself to sign the tags -
Release documentation with detailed release process instructions
Changed
- Updated markdown-lint configuration
Full Changelog: v0.2.0...v0.3.0
v0.2.0
Added
- Configurable Git config scope with
localas default (#f88be7e)
Changed
- Improved documentation and clarified machine user setup (#93912a1, #9369bd0)
- Streamlined README for clarity and conciseness (#9369bd0)
- Enhanced test suite by consolidating to favor integration tests over heavy mocking (#f3e2e71)
Full Changelog: v0.1.0...v0.2.0
v0.1.0
Added
- Initial release of Git SSH Signing Action
- Support for SSH commit signing with Ed25519, RSA, and ECDSA keys
- Automatic SSH key installation and Git configuration
- Post-action cleanup to remove keys and restore original Git config
- SSH agent integration for key management
- Support for creating allowed signers file for signature verification
- Configurable Git signing options (commit, tag, push)
- Output values for key path, public key, and fingerprint
- Comprehensive test suite with >90% coverage
- GitHub Actions workflows for CI/CD, CodeQL analysis, and dependency updates
- Security policy and contribution guidelines
- TypeScript implementation for better type safety and maintainability
Security
- Secure file permissions (0600) for private SSH keys
- No logging of sensitive information
- Automatic cleanup of credentials after use
- Integration with GitHub security features (Dependabot, CodeQL)
Full Changelog: https://github.com/photostructure/git-ssh-signing-action/commits/v0.1.0