Releases: slsa-framework/source-tool
Releases · slsa-framework/source-tool
v0.6.3
v0.6.2
This release is a service release focusing mainly on the repository name change from slsa-source-poc to source-tool
What's Changed
- Use new actions on local attest by @puerco in #257
- Fix bug in PR manager causing double commits by @puerco in #281
- Protobuf lint job by @puerco in #280
- Repository rename tasks by @puerco in #284
Full Changelog: v0.6.1...v0.6.2
Contributors
puerco
Assets 7
v0.6.1
What's Changed
- Update verifier paths, bridge ID migration by @puerco in #256
- Control prechecks, implement fork by @puerco in #266
- Run repo workflow template on tag push by @puerco in #258
- Make authenticated calls when ensuring options by @puerco in #267
- Only check WF fork when needed by @puerco in #268
- Fix branch name in new policies by @puerco in #270
- Don't set the PROVENANCE_AVAILABLE since date to Now() by @puerco in #273
- Support updating policies in 'policy create' by @puerco in #276
- Retry commit if signing fails by @puerco in #277
- Retry commit by @puerco in #278
- Add tag protection to policy by @puerco in #279
Contributors
puerco
Assets 7
v0.6.0
sourcetool/v0.5.1
What's Changed
- Fix tag VSAs by @TomHennen in #172
- bump tool version by @TomHennen in #173
Full Changelog: sourcetool/v0.5.0...sourcetool/v0.5.1
Contributors
TomHennen
Assets 2
sourcetool/v0.5.0
What's Changed
- add missing quote by @TomHennen in #152
- Store actor who created the tag in prov by @TomHennen in #153
- specify actor when calling tool for tags by @TomHennen in #154
- Document tag provenance by @TomHennen in #155
- Replace 'Immutable Tags' with 'Tag Hygiene' by @TomHennen in #158
- Use source_refs instead of source_branches. by @TomHennen in #159
- Update design to cover controls more generally by @TomHennen in #160
- Adds Required Status Checks to source provenance as 'controls' by @TomHennen in #161
- ORG_CONTROL -> GH_REQUIRED_CHECK by @TomHennen in #162
- Refactor policy computation by @TomHennen in #164
- Evaluate org provided checks in policy by @TomHennen in #165
- bump tool version by @TomHennen in #166
- Update design to include org required checks in policy. by @TomHennen in #167
- Add Source Level 4 support by @TomHennen in #168
- Require Tag Hygiene at L2+ by @TomHennen in #169
- bump tool version by @TomHennen in #170
Full Changelog: sourcetool/v0.4.1...sourcetool/v0.5.0
Contributors
TomHennen
Assets 2
sourcetool/v0.4.1
Debug release to check metadata output. No functional changes.
sourcetool/v0.4.0
What's Changed
- Implement tag immutability check by @TomHennen in #121
- Link to policy storage location by @TomHennen in #135
- Add unit tests for policy.go by @TomHennen in #142
- Fix panic building policy for repos without provenance by @puerco in #146
- Start creation of a checktag command. by @TomHennen in #149
- Use checktag by @TomHennen in #150
New Contributors
- @kairoaraujo made their first contribution in #124
- @michaelwinser made their first contribution in #126
- @puerco made their first contribution in #146
Full Changelog: sourcetool/v0.3.0...sourcetool/v0.4.0
Contributors
michaelwinser, kairoaraujo, and 2 other contributors
Assets 2
sourcetool/v0.3.0
What's Changed
- Get previous commit for people by @TomHennen in #113
- Add command to verify a commit by @TomHennen in #120
Full Changelog: sourcetool/v0.2.0...sourcetool/v0.3.0
Contributors
TomHennen
Assets 2
sourcetool v0.2.0
What's Changed
- Allow auth with github token by @TomHennen in #96
- SLSA Source VSAs -> Components by @TomHennen in #98
- Add REVIEW_ENFORCED property to source provenance by @TomHennen in #100
- Allow additional controls in policy by @TomHennen in #103
- Make policy easier to deal with by @TomHennen in #106
- Get notes within the tool by @TomHennen in #108
Full Changelog: v0.1.0...sourcetool/v0.2.0
Contributors
TomHennen