Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

gitsign-0.10.2-1.1 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

Name: gitsign Distribution: openSUSE Tumbleweed
Version: 0.10.2 Vendor: openSUSE
Release: 1.1 Build date: Tue May 14 07:24:06 2024
Group: Unspecified Build host: reproducible
Size: 58389157 Source RPM: gitsign-0.10.2-1.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/sigstore/gitsign
Summary: Keyless Git signing using Sigstore
Keyless Git signing with Sigstore!

This is heavily inspired by https://github.com/github/smimesign, but uses keyless Sigstore to sign Git commits with your own GitHub / OIDC identity.

Provides

Requires

License

Apache-2.0

Changelog

* Tue May 14 2024 opensuse_buildservice@ojkastl.de
  - Update to version 0.10.2:
    * Bump golang.org/x/crypto from 0.22.0 to 0.23.0 (#507)
    * Bump github.com/sigstore/protobuf-specs from 0.3.1 to 0.3.2
      (#509)
    * Bump actions/checkout from 4.1.4 to 4.1.5 (#510)
    * Bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 (#511)
    * Bump google.golang.org/protobuf from 1.34.0 to 1.34.1 (#508)
    * Bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (#512)
    * Bump anchore/sbom-action from 0.15.10 to 0.15.11 (#498)
    * Bump actions/checkout from 4.1.3 to 4.1.4 (#499)
    * Bump golangci/golangci-lint-action from 5.0.0 to 5.3.0 (#505)
    * Bump actions/setup-go from 5.0.0 to 5.0.1 (#504)
    * Bump google.golang.org/protobuf from 1.33.0 to 1.34.0 (#502)
    * Bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 (#503)
    * Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 (#500)
    * e2e.yaml: Avoid non-versioned TUF metadata (#496)
    * Bump actions/checkout from 4.1.2 to 4.1.3 (#495)
    * Bump golang.org/x/net from 0.22.0 to 0.23.0 (#494)
    * Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#493)
    * Bump github.com/sigstore/cosign/v2 from 2.2.3 to 2.2.4 (#492)
    * Remove local-user validation. (#491)
    * Bump github.com/sigstore/fulcio from 1.4.4 to 1.4.5 (#488)
    * Bump github.com/sigstore/protobuf-specs from 0.3.0 to 0.3.1
      (#486)
    * Bump github.com/sigstore/rekor from 1.3.5 to 1.3.6 (#487)
    * Bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 (#489)
    * Bump imjasonh/setup-crane from 0.2 to 0.3 (#485)
    * Bump golang.org/x/crypto from 0.21.0 to 0.22.0 (#490)
* Wed Apr 03 2024 opensuse_buildservice@ojkastl.de
  - Update to version 0.10.1:
    * update base image for gitsign to one with shell available
      (#484)
* Wed Apr 03 2024 opensuse_buildservice@ojkastl.de
  - Update to version 0.10.0:
    * Bump actions/cache from 4.0.1 to 4.0.2 (#478)
    * Bump actions/checkout from 4.1.1 to 4.1.2 (#476)
    * Bump anchore/sbom-action from 0.15.9 to 0.15.10 (#480)
    * Bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 (#479)
    * Bump github.com/docker/docker (#477)
    * Bump github.com/go-git/go-git/v5 (#481)
    * Bump github.com/go-jose/go-jose/v3 from 3.0.2 to 3.0.3 (#468)
    * Bump github.com/go-openapi/runtime from 0.27.1 to 0.28.0 (#469)
    * Bump github.com/go-openapi/strfmt from 0.22.2 to 0.23.0 (#471)
    * Bump github.com/go-openapi/swag from 0.22.9 to 0.23.0 (#470)
    * Bump github.com/sigstore/sigstore from 1.8.2 to 1.8.3 (#482)
    * Bump golang.org/x/crypto from 0.20.0 to 0.21.0 (#474)
    * Bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 (#472)
    * Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#473)
    * Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 (#467)
    * add gitsign image (#483)
* Sat Mar 16 2024 opensuse_buildservice@ojkastl.de
  - Update to version 0.9.0:
    * Add config options for Autoclose and AutocloseTimeout (#466)
    * Bump actions/cache from 4.0.0 to 4.0.1 (#456)
    * Bump github.com/go-openapi/strfmt from 0.22.0 to 0.22.2 (#464)
    * Update to use go1.22 and ci udpates (#465)
    * Enable autoclose for sigstore confirmation page. (#455)
    * CI updates and fix lints (#461)
    * Remove GITSIGN_LOG env variable. (#463)
    * Run e2e Go tests first. (#462)
    * Add go-git based signer implementation. (#454)
    * Bump github.com/sigstore/protobuf-specs from 0.2.1 to 0.3.0
      (#453)
    * Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#450)
    * Bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 (#449)
    * Add GITSIGN_TOKEN_PROVIDER docs (#447)
    * Add tokenProvider configuration for forcing OIDC providers.
      (#446)
  - BuildRequire go1.22
* Thu Feb 08 2024 opensuse_buildservice@ojkastl.de
  - Update to version 0.8.1:
    * Bump github.com/sigstore/rekor from 1.3.4 to 1.3.5 (#443)
    * Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (#444)
    * Bump github.com/sigstore/cosign/v2 from 2.2.2 to 2.2.3 (#442)
    * Bump anchore/sbom-action from 0.15.5 to 0.15.8 (#445)
    * Bump anchore/sbom-action from 0.15.4 to 0.15.5 (#441)
    * Bump github.com/go-openapi/swag from 0.22.7 to 0.22.9 (#440)
    * Bump github.com/go-openapi/runtime from 0.26.2 to 0.27.1 (#439)
    * Bump github.com/sigstore/sigstore from 1.8.0 to 1.8.1 (#438)
    * Bump anchore/sbom-action from 0.15.3 to 0.15.4 (#437)
    * Bump actions/cache from 3.3.3 to 4.0.0 (#436)
    * Bump anchore/sbom-action from 0.15.2 to 0.15.3 (#435)
    * Bump actions/cache from 3.3.2 to 3.3.3 (#434)
    * Bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 (#433)
    * Bump github.com/cloudflare/circl from 1.3.5 to 1.3.7 (#431)
    * Bump anchore/sbom-action from 0.15.1 to 0.15.2 (#430)
    * Bump github.com/go-openapi/strfmt from 0.21.10 to 0.22.0 (#428)
    * Bump github.com/go-openapi/swag from 0.22.6 to 0.22.7 (#429)
    * Bump github.com/sigstore/sigstore from 1.7.6 to 1.8.0 (#424)
    * Bump github.com/go-openapi/swag from 0.22.5 to 0.22.6 (#425)
    * Bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (#427)
    * Bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#423)
    * Bump github.com/go-openapi/strfmt from 0.21.9 to 0.21.10 (#422)
    * Bump github.com/go-openapi/swag from 0.22.4 to 0.22.5 (#421)
    * Bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#420)
    * Bump github.com/go-openapi/runtime from 0.26.0 to 0.26.2 (#414)
    * Bump github.com/sigstore/cosign/v2 from 2.2.1 to 2.2.2 (#416)
    * Bump actions/setup-go from 4.1.0 to 5.0.0 (#412)
    * Bump anchore/sbom-action from 0.15.0 to 0.15.1 (#413)
    * Bump github.com/sigstore/sigstore from 1.7.5 to 1.7.6 (#417)
    * Bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#418)
    * Bump github.com/go-openapi/strfmt from 0.21.8 to 0.21.9 (#419)
    * Bump github.com/coreos/go-oidc/v3 from 3.8.0 to 3.9.0 (#415)
    * Bump github.com/go-openapi/strfmt from 0.21.7 to 0.21.8 (#410)
    * Bump github.com/sigstore/rekor from 1.3.3 to 1.3.4 (#409)
    * Bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.8.0 (#408)
    * Bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 (#406)
    * Bump github.com/go-git/go-git/v5 from 5.10.0 to 5.10.1 (#407)
    * Bump anchore/sbom-action from 0.14.3 to 0.15.0 (#405)
    * Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 (#404)
    * Bump sigstore/cosign-installer from 3.1.2 to 3.2.0 (#401)
    * Bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 (#403)
* Fri Nov 10 2023 kastl@b1-systems.de
  - Update to version 0.8.0:
    * Add options for Rekor client, make public key fetcher
      configurable. (#399)
    * Bump github.com/sigstore/cosign/v2 from 2.2.0 to 2.2.1 (#400)
    * Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#397)
    * Bump github.com/sigstore/rekor from 1.3.2 to 1.3.3 (#398)
    * Bump github.com/docker/docker (#396)
    * Bump github.com/sigstore/sigstore from 1.7.4 to 1.7.5 (#394)
    * Bump github.com/go-git/go-git/v5 from 5.9.0 to 5.10.0 (#395)
    * Bump actions/checkout from 4.1.0 to 4.1.1 (#393)
    * Bump github.com/coreos/go-oidc/v3 from 3.6.0 to 3.7.0 (#392)
    * Bump github.com/sigstore/fulcio from 1.4.0 to 1.4.3 (#389)
    * Bump github.com/sigstore/sigstore from 1.7.3 to 1.7.4 (#388)
    * Bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#385)
    * Bump github.com/sigstore/rekor from 1.3.0 to 1.3.2 (#390)
    * Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#391)
    * Bump golang.org/x/net from 0.15.0 to 0.17.0 (#387)
    * Bump golang.org/x/crypto from 0.13.0 to 0.14.0 (#386)
    * upgrade to go1.21 (#383)
    * Bump e2e github actions workflows to go 1.21 (#384)
    * Bump actions/checkout from 4.0.0 to 4.1.0 (#381)
    * Bump github.com/go-git/go-git/v5 from 5.8.1 to 5.9.0 (#379)
    * Bump goreleaser/goreleaser-action from 4.6.0 to 5.0.0 (#380)
    * Bump actions/checkout from 3.6.0 to 4.0.0 (#375)
    * Bump goreleaser/goreleaser-action from 4.4.0 to 4.6.0 (#373)
    * Bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 (#377)
    * Bump actions/cache from 3.3.1 to 3.3.2 (#374)
    * Bump github.com/sigstore/rekor from 1.2.2 to 1.3.0 (#370)
    * Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (#372)
    * Bump github.com/sigstore/sigstore from 1.7.2 to 1.7.3 (#371)
    * Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#369)
    * Bump actions/checkout from 3.5.3 to 3.6.0 (#368)
    * Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#366)
    * Bump github.com/sigstore/protobuf-specs from 0.2.0 to 0.2.1
      (#367)
    * Bump actions/setup-go from 4.0.1 to 4.1.0 (#362)
    * Bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 (#363)
    * Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.2 (#361)
    * Bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 (#360)
    * Bump golang.org/x/crypto from 0.11.0 to 0.12.0 (#359)
    * Bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 (#358)
    * Bump github.com/go-git/go-git/v5 from 5.7.0 to 5.8.0 (#356)
    * Bump github.com/sigstore/fulcio from 1.3.4 to 1.4.0 (#357)
    * Updates to avoid values appearing in certificates (#354)
    * Bump github.com/sigstore/fulcio from 1.3.3 to 1.3.4 (#351)
    * Bump github.com/secure-systems-lab/go-securesystemslib (#353)
    * Bump github.com/sigstore/protobuf-specs from 0.1.0 to 0.2.0
      (#352)
    * Bump golang.org/x/oauth2 from 0.9.0 to 0.10.0 (#349)
    * Bump github.com/sigstore/fulcio from 1.3.2 to 1.3.3 (#348)
    * Bump github.com/sigstore/fulcio from 1.3.1 to 1.3.2 (#345)
    * Bump dependabot/fetch-metadata from 1.5.1 to 1.6.0 (#343)
    * Bump github.com/sigstore/rekor (#347)
    * Bump github.com/sigstore/cosign/v2 from 2.1.0 to 2.1.1 (#344)
    * Bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#342)
    * Bump github.com/sigstore/sigstore from 1.7.0 to 1.7.1 (#340)
    * Bump github.com/sigstore/cosign/v2 (#341)
    * Bump anchore/sbom-action from 0.14.2 to 0.14.3 (#339)
    * Bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#338)
    * Bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 (#333)
    * Bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (#334)
    * Bump github.com/sigstore/sigstore from 1.6.5 to 1.7.0 (#337)
    * Bump golang.org/x/crypto from 0.9.0 to 0.10.0 (#336)
    * Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 (#332)
    * Bump actions/checkout from 3.5.2 to 3.5.3 (#331)
    * Fix offline verification marshalling, add e2e tests. (#330)
    * update sigstore/sigstore and cosign (#329)
    * Bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#327)
    * Bump dependabot/fetch-metadata from 1.4.0 to 1.5.1 (#323)
    * Bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#325)
    * Bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (#324)
    * Bump github.com/sigstore/rekor from 1.1.1 to 1.2.0 (#322)
    * Add gitsign initialize. (#321)
* Tue May 23 2023 kastl@b1-systems.de
  - Update to version 0.7.1:
    * Offline verification: refactor to make it clear no signature
      checks are happening. (#319)
    * Revoke v0.7.0 (#318)
* Tue May 23 2023 kastl@b1-systems.de
  - Update to version 0.7.0:
    * Bump github.com/jonboulle/clockwork from 0.3.0 to 0.4.0 (#316)
    * Add offline verification (#220)
    * Bump github.com/coreos/go-oidc/v3 from 3.5.0 to 3.6.0 (#314)
    * Bump sigstore/cosign-installer from 3.0.3 to 3.0.5 (#313)
    * Bump actions/setup-go from 4.0.0 to 4.0.1 (#312)
    * Bump golang.org/x/crypto from 0.8.0 to 0.9.0 (#310)
    * Bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 (#311)
    * Bump github.com/docker/distribution (#309)
    * Bump github.com/cloudflare/circl from 1.3.1 to 1.3.3 (#308)
    * Bump github.com/sigstore/fulcio from 1.2.0 to 1.3.1 (#302)
    * Bump github.com/sigstore/sigstore from 1.6.3 to 1.6.4 (#304)
    * Bump github.com/in-toto/in-toto-golang from 0.8.0 to 0.9.0
      (#305)
    * Bump anchore/sbom-action from 0.14.1 to 0.14.2 (#307)
    * Bump github.com/mattn/go-tty from 0.0.4 to 0.0.5 (#306)
    * Bump github.com/sigstore/rekor from 1.1.0 to 1.1.1 (#300)
    * Bump github.com/in-toto/in-toto-golang from 0.7.1 to 0.8.0
      (#298)
    * Bump github.com/sigstore/cosign/v2 from 2.0.1 to 2.0.2 (#299)
    * Bump sigstore/cosign-installer from 3.0.2 to 3.0.3 (#297)
    * Bump actions/checkout from 3.5.0 to 3.5.2 (#289)
    * Bump github.com/sigstore/sigstore from 1.6.2 to 1.6.3 (#296)
    * Bump github.com/go-openapi/runtime from 0.25.0 to 0.26.0 (#295)
    * Bump dependabot/fetch-metadata from 1.3.6 to 1.4.0 (#294)
    * Ensure that io writers are properly closed. (#292)
    * Bump github.com/sigstore/sigstore from 1.6.1 to 1.6.2 (#290)
    * Fix e2e test for initializing cosign (#287)
    * Update e2e test to use CDN instead of GCS (#285)
    * Bump golang.org/x/crypto from 0.7.0 to 0.8.0 (#283)
* Mon May 01 2023 Johannes Kastl <kastl@b1-systems.de>
  - new package gitsign: Keyless Git signing using Sigstore

Files

/usr/bin/gitsign
/usr/share/doc/packages/gitsign
/usr/share/doc/packages/gitsign/README.md
/usr/share/licenses/gitsign
/usr/share/licenses/gitsign/LICENSE


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Oct 25 00:02:12 2024