Request 1189438: Submit cosign - openSUSE Build Service

Overview

Request 1189438 accepted

- update to 2.3.0 (jsc#SLE-23879)
* Features
- Add PayloadProvider interface to decouple AttestationToPayloadJSON from oci.Signature interface (#3693)
- add registry options to cosign save (#3645)
- Add debug providers command. (#3728)
- Make config layers in ociremote mountable (#3741)
- adds tsa cert chain check for env var or tuf targets. (#3600)
- add --ca-roots and --ca-intermediates flags to 'cosign verify' (#3464)
- add handling of keyless verification for all verify commands (#3761)
* Bug Fixes
- fix: close attestationFile (#3679)
- Set bundleVerified to true after Rekor verification (Resolves #3740) (#3745)
* Documentation
- Document ImportKeyPair and LoadPrivateKey functions in pkg/cosign (#3776)

Created by msmeissn about 2 months ago
In state accepted
Package maintainer: msmeissn

Submit cosign

Comments for request 1189438 0

Login required, please login in order to comment

Request History

msmeissn created request about 2 months ago

- update to 2.3.0 (jsc#SLE-23879)
* Features
- Add PayloadProvider interface to decouple AttestationToPayloadJSON from oci.Signature interface (#3693)
- add registry options to cosign save (#3645)
- Add debug providers command. (#3728)
- Make config layers in ociremote mountable (#3741)
- adds tsa cert chain check for env var or tuf targets. (#3600)
- add --ca-roots and --ca-intermediates flags to 'cosign verify' (#3464)
- add handling of keyless verification for all verify commands (#3761)
* Bug Fixes
- fix: close attestationFile (#3679)
- Set bundleVerified to true after Rekor verification (Resolves #3740) (#3745)
* Documentation
- Document ImportKeyPair and LoadPrivateKey functions in pkg/cosign (#3776)

msmeissn accepted request about 2 months ago

ok

openSUSE Build Service is sponsored by