Skip to content

v1.2.0-alpha.1

Pre-release
Pre-release
Compare
Choose a tag to compare
@github-actions github-actions released this 13 Jun 10:43
· 91 commits to main since this release
v1.2.0-alpha.1
This tag was signed with the committer’s verified signature.
JeyJeyGao Junjie Gao
GPG key ID: 453D6EEEB4DEA1AC
Learn about vigilant mode.
2f43872
This commit was signed with the committer’s verified signature.
JeyJeyGao Junjie Gao
GPG key ID: 453D6EEEB4DEA1AC
Learn about vigilant mode.

Vote PASSED [+4 -0]: #967

New Features

  • Support OCI image-spec v1.1.0 and distribution-spec v1.1.0.
    • Introduce a new flag --force-referrers-tag (default to true) to the notation sign command, which allows users opt to the referrers tag schema instead of the referrers API.
    • The notation verify / list / inspect commands will always attempt the referrers API first, automatically falling back to the referrers tag schema if the referrers API is not supported by the registry.

Deprecation

Other changes

Detailed Commits

  • bump: tag and release version v1.1.0 by @Two-Hearts in #876
  • build(deps): Bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in #878
  • build(deps): Bump codecov/codecov-action from 3.1.4 to 3.1.5 by @dependabot in #879
  • build(deps): Bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in #877
  • bump: bump up oras-go and image-spec by @Two-Hearts in #881
  • build(deps): Bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in #883
  • build(deps): Bump codecov/codecov-action from 3.1.5 to 4.0.1 by @dependabot in #884
  • build(deps): Bump golang.org/x/term from 0.16.0 to 0.17.0 by @dependabot in #886
  • build(deps): Bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #887
  • build(deps): Bump codecov/codecov-action from 4.0.1 to 4.0.2 by @dependabot in #896
  • build(deps): Bump github/codeql-action from 3.24.0 to 3.24.5 by @dependabot in #895
  • build(deps): Bump github.com/opencontainers/image-spec from 1.1.0-rc6 to 1.1.0 by @dependabot in #891
  • build(deps): Bump codecov/codecov-action from 4.0.2 to 4.1.0 by @dependabot in #898
  • build(deps): Bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in #900
  • build(deps): Bump actions/add-to-project from 0.5.0 to 0.6.0 by @dependabot in #901
  • docs: spec updates for arbitrary blob signing by @rgnote in #811
  • build(deps): Bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in #899
  • build(deps): Bump golang.org/x/term from 0.17.0 to 0.18.0 by @dependabot in #906
  • chore: add GitHub action for stale issues and PRs by @yizha1 in #841
  • build(deps): Bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in #908
  • build(deps): Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #907
  • build(deps): Bump actions/stale from 8 to 9 by @dependabot in #915
  • build(deps): Bump actions/add-to-project from 0.6.0 to 0.6.1 by @dependabot in #912
  • build(deps): Bump github/codeql-action from 3.24.7 to 3.24.9 by @dependabot in #913
  • build(deps): Bump actions/cache from 4.0.1 to 4.0.2 by @dependabot in #914
  • build(deps): Bump actions/add-to-project from 0.6.1 to 1.0.0 by @dependabot in #918
  • build(deps): Bump codecov/codecov-action from 4.1.0 to 4.1.1 by @dependabot in #917
  • Moved org maintainers to emeritus by @toddysm in #919
  • fix(ci): update codecov token by @JeyJeyGao in #920
  • feat: upgrade to OCI 1.1 by @Two-Hearts in #916
  • fix: improve error message for --signature-format flag by @JeyJeyGao in #925
  • build(deps): Bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in #922
  • build(deps): Bump golang.org/x/term from 0.18.0 to 0.19.0 by @dependabot in #924
  • build(deps): Bump codecov/codecov-action from 4.1.1 to 4.3.0 by @dependabot in #927
  • build(deps): Bump actions/add-to-project from 1.0.0 to 1.0.1 by @dependabot in #928
  • build(deps): Bump golang.org/x/net from 0.17.0 to 0.23.0 in /test/e2e by @dependabot in #929
  • build(deps): Bump actions/upload-artifact from 4.3.1 to 4.3.3 by @dependabot in #936
  • build(deps): Bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #939
  • build(deps): Bump golang.org/x/term from 0.19.0 to 0.20.0 by @dependabot in #940
  • build(deps): Bump codecov/codecov-action from 4.3.0 to 4.4.0 by @dependabot in #944
  • build(deps): Bump github/codeql-action from 3.24.10 to 3.25.5 by @dependabot in #945
  • build(deps): Bump actions/checkout from 4.1.2 to 4.1.6 by @dependabot in #946
  • fix: error message for trust policy by @JeyJeyGao in #933
  • doc: add Notation CLI Error Handling and Message Guideline by @FeynmanZhou in #834
  • build(deps): Bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 by @dependabot in #951
  • build(deps): Bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #950
  • build(deps): Bump codecov/codecov-action from 4.4.0 to 4.4.1 by @dependabot in #949
  • build(deps): Bump github/codeql-action from 3.25.5 to 3.25.6 by @dependabot in #948
  • build(deps): Bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #955
  • bump: bump up notation-go v1.1.1 and other dependencies by @JeyJeyGao in #952
  • build(deps): Bump golang.org/x/term from 0.20.0 to 0.21.0 by @dependabot in #960
  • build(deps): Bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in #961
  • build(deps): Bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 by @dependabot in #962
  • fix(ci): update goreleaser to use --clean flag by @JeyJeyGao in #964

Full Changelog: v1.1.0...v1.2.0-alpha.1

Contributors

toddysm, rgnote, and 5 other contributors
Assets 8
Loading