v0.1.0
Pre-release
Pre-release
What's Changed
- Adopt some github workflows from sigstore-python by @segiddins in #2
- Bump rake from 13.1.0 to 13.2.1 by @dependabot in #5
- Bump codecov/codecov-action from 4.0.1 to 4.3.0 in the actions group by @dependabot in #3
- Bump rubocop from 1.60.2 to 1.63.4 by @dependabot in #4
- [StepSecurity] Apply security best practices by @step-security-bot in #6
- Update precommit config by @segiddins in #7
- Bump the actions group with 4 updates by @dependabot in #8
- Bump codecov/codecov-action from 4.3.0 to 4.3.1 in the actions group by @dependabot in #10
- Better errors + x509 parsing by @segiddins in #9
- Bump ruby/setup-ruby from 1.175.1 to 1.176.0 in the actions group by @dependabot in #12
- Bump actions/checkout from 4.1.4 to 4.1.5 in the actions group by @dependabot in #13
- Begin implementing dsse/in-toto support by @segiddins in #11
- Bump github/codeql-action from 3.25.3 to 3.25.4 in the actions group by @dependabot in #14
- Bump ossf/scorecard-action from 2.3.1 to 2.3.3 in the actions group by @dependabot in #16
- Bump github/codeql-action from 3.25.4 to 3.25.5 in the actions group by @dependabot in #17
- Bump codecov/codecov-action from 4.3.1 to 4.4.0 in the actions group by @dependabot in #18
- Bump the actions group across 1 directory with 4 updates by @dependabot in #20
- Bump step-security/harden-runner from 2.7.1 to 2.8.0 in the actions group by @dependabot in #21
- Bump ruby/setup-ruby from 1.177.0 to 1.177.1 in the actions group by @dependabot in #22
- Bump rubocop from 1.63.4 to 1.64.0 by @dependabot in #23
- Use ruby 3.3.1 in development by @segiddins in #24
- Bump webmock from 3.23.0 to 3.23.1 by @dependabot in #25
- Bump rubocop from 1.64.0 to 1.64.1 by @dependabot in #26
- Bump timecop from 0.9.8 to 0.9.9 by @dependabot in #29
- Bump the actions group across 1 directory with 4 updates by @dependabot in #33
- Bump the actions group with 3 updates by @dependabot in #34
- Bump the actions group with 2 updates by @dependabot in #35
- Bump timecop from 0.9.9 to 0.9.10 by @dependabot in #36
- Bump ruby/setup-ruby from 1.180.0 to 1.180.1 in the actions group by @dependabot in #37
- Add codeowners file by @segiddins in #43
- Update staging root to version 8 by @segiddins in #41
- Extract TUF config to a class by @segiddins in #39
- Implement TUF hash/length verification by @segiddins in #40
- Start adding some tests for merkle verification by @segiddins in #42
- Bump ruby/setup-ruby from 1.180.1 to 1.182.0 in the actions group by @dependabot in #54
- TSA verification by @segiddins in #44
- Bump the actions group with 2 updates by @dependabot in #57
- Extract TUF Updater into tuf/ by @segiddins in #56
- Support DSSE 0.0.1 DSSE envelopes by @segiddins in #58
- Bump the actions group across 1 directory with 2 updates by @dependabot in #60
- Bump ruby/setup-ruby from 1.185.0 to 1.187.0 in the actions group across 1 directory by @dependabot in #63
- Bump the actions group across 1 directory with 2 updates by @dependabot in #65
- Bump the actions group across 1 directory with 2 updates by @dependabot in #67
- Bump rexml from 3.2.8 to 3.3.2 in the bundler group by @dependabot in #68
- Refactor verifier to perform steps in the order given by the spec by @segiddins in #55
- Bump ruby/setup-ruby from 1.187.0 to 1.188.0 in the actions group by @dependabot in #70
- Conformance fixes on ruby-head in CI by @segiddins in #73
- Exclude conformance tests from rubocop by @segiddins in #38
- Add default excludes to rubocop by @segiddins in #77
- Bump the actions group across 1 directory with 4 updates by @dependabot in #76
- Bump rexml from 3.3.2 to 3.3.3 in the bundler group by @dependabot in #74
- Bump step-security/harden-runner from 2.9.0 to 2.9.1 in the actions group by @dependabot in #78
- Bump the actions group with 2 updates by @dependabot in #79
- Bump github/codeql-action from 3.26.0 to 3.26.1 in the actions group by @dependabot in #80
- Bump github/codeql-action from 3.26.1 to 3.26.2 in the actions group by @dependabot in #82
- Add merkle inclusion proof tests by @segiddins in #83
- TUF conformance by @segiddins in #69
- Bump vcr from 6.2.0 to 6.3.0 by @dependabot in #84
- Bump vcr from 6.3.0 to 6.3.1 by @dependabot in #87
- Support rsa-pkcs1v15-sha256 keys by @segiddins in #86
- Fix TUF rollback protection by @segiddins in #89
- Bump rexml from 3.3.3 to 3.3.6 in the bundler group by @dependabot in #91
- Update vendored trusted roots by @segiddins in #93
- Fix walk of target delegations to be DFS by @segiddins in #95
- Bump github/codeql-action from 3.26.2 to 3.26.5 in the actions group across 1 directory by @dependabot in #96
- Bump theupdateframework/tuf-conformance from 2c8a0a73f2eea756ddc2e8b11077cb063aa221ed to a45d2183228f9bed664616669c11d19558e0be3f in the actions group by @dependabot in #97
- Bump theupdateframework/tuf-conformance from a45d2183228f9bed664616669c11d19558e0be3f to b8f2205151cf52499becade10fd9cddf574e6bf1 in the actions group by @dependabot in #98
- Bump the actions group across 1 directory with 2 updates by @dependabot in #100
- Bump the actions group across 1 directory with 3 updates by @dependabot in #106
- Bump step-security/harden-runner from 2.9.1 to 2.10.0 in the actions group by @dependabot in #107
- Bump the actions group across 1 directory with 2 updates by @dependabot in #109
- Bump rubocop-performance from 1.21.1 to 1.22.0 by @dependabot in #111
- Bump the actions group across 1 directory with 2 updates by @dependabot in #113
- Bump rubocop-performance from 1.22.0 to 1.22.1 by @dependabot in #114
- Bump github/codeql-action from 3.26.7 to 3.26.8 in the actions group by @dependabot in #115
- Bump theupdateframework/tuf-conformance from e9a3a160751549e8a9fd92b267a5c92247d9df82 to 307fb63cefc6c47d2c4c20e579f5e2f258c9e83f in the actions group by @dependabot in #116
- Sigstore signer by @segiddins in #81
- Bump rubocop from 1.64.1 to 1.66.1 by @dependabot in #104
- Update vendored trusted roots by @segiddins in #112
- Restrict ci workflow github token permissions by @segiddins in #117
- Stop using RubyGems for conformance testing CLI by @segiddins in #120
- Improved JRuby compatibility by @segiddins in #123
- Enable Style/ImplicitRuntimeError by @segiddins in #121
- Bump the actions group across 1 directory with 5 updates by @dependabot in #124
- Support cpython bundles & fix dsse 0.0.1 entries by @segiddins in #125
- Bump the actions group across 1 directory with 4 updates by @dependabot in #128
- Bump webmock from 3.23.1 to 3.24.0 by @dependabot in #126
- Bump the actions group with 2 updates by @dependabot in #129
- Bump the actions group across 1 directory with 3 updates by @dependabot in #132
- Update required_ruby_version to >= 3.1 by @segiddins in #133
- Bump the actions group across 1 directory with 5 updates by @dependabot in #135
- Bump actions/upload-artifact from 4.4.2 to 4.4.3 in the actions group by @dependabot in #136
- Bump theupdateframework/tuf-conformance from 1df5840ac7d0c8cdec6129f13e448312156e4f2f to 3c2a7a9f839fc1b954c28a1f31fdc9023a63fff5 in the actions group by @dependabot in #137
- Bump rubocop from 1.66.1 to 1.67.0 by @dependabot in #139
- Bump the actions group with 2 updates by @dependabot in #138
- Add a release workflow by @segiddins in #131
- Remove more files from built gem to save space by @segiddins in #141
- Drastically speed up test running on CI by @segiddins in #142
Full Changelog: https://github.com/sigstore/sigstore-ruby/commits/v0.1.0