Releases: in-toto/archivista
Releases · in-toto/archivista
v0.4.0
Changelog
What's Changed
- chore: bump github/codeql-action from 3.22.11 to 3.22.12 by @dependabot in #142
- test: Minor change to increase the coverage by @kairoaraujo in #141
- chore: bump golang from
feceecc
to4db4aac
by @dependabot in #139 - chore: bump github.com/99designs/gqlgen from 0.17.41 to 0.17.42 by @dependabot in #143
- Update README.md by @jkjell in #144
- test: consolidate tests and add code coverage by @kairoaraujo in #145
- chore: bump golang.org/x/sync from 0.5.0 to 0.6.0 by @dependabot in #147
- chore: bump actions/dependency-review-action from 3.1.4 to 3.1.5 by @dependabot in #148
- chore: bump github/codeql-action from 3.22.12 to 3.23.0 by @dependabot in #149
- 132 feat clo monitor recommendations by @jkjell in #150
- chore: bump golang from 1.21.5-alpine to 1.21.6-alpine by @dependabot in #153
- chore: bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in #157
- Add template for Pull Requests by @prashantrewar in #155
- Fix "uncontrolled data use" by @jkjell in #151
- chore: bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in #161
- chore: bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in #162
- chore: bump actions/dependency-review-action from 3.1.5 to 4.0.0 by @dependabot in #163
- chore: bump github.com/vektah/gqlparser/v2 from 2.5.10 to 2.5.11 by @dependabot in #164
- chore: bump github.com/99designs/gqlgen from 0.17.42 to 0.17.43 by @dependabot in #165
- chore: bump github.com/in-toto/go-witness from 0.2.0 to 0.2.1 by @dependabot in #166
- fix: consistency protection storing attestations by @kairoaraujo in #160
- refactoring: Server API service by @kairoaraujo in #152
- chore: bump golang from
fd78f2f
to51a7800
by @dependabot in #170 - chore: bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in #174
- chore: bump github.com/in-toto/go-witness from 0.2.1 to 0.2.2 by @dependabot in #179
- chore: bump alpine from 3.19.0 to 3.19.1 by @dependabot in #177
- chore: bump codecov/codecov-action from 3.1.4 to 3.1.5 by @dependabot in #176
- chore: bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in #175
- chore: bump golang from
51a7800
toa6a7f1f
by @dependabot in #178 - Add Tempalte for Issue by @prashantrewar in #172
- Fix api responses by @kairoaraujo in #173
- chore: bump github.com/swaggo/swag from 1.16.2 to 1.16.3 by @dependabot in #186
- chore: bump codecov/codecov-action from 3.1.5 to 4.0.1 by @dependabot in #184
- chore: bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in #183
- chore: bump step-security/harden-runner from 2.6.1 to 2.7.0 by @dependabot in #182
- chore: bump peter-evans/create-pull-request from 5.0.2 to 6.0.0 by @dependabot in #181
- Add write permissions for PRs by @jkjell in #187
- feat: add ability to distribute artifacts through archivista by @mikhailswift in #188
New Contributors
- @prashantrewar made their first contribution in #155
Full Changelog: v0.3.0...v0.4.0
v0.3.0
Changelog
What's Changed
- chore: bump github.com/in-toto/go-witness from 0.1.18-0.20231214175634-5b5647c42b3c to 0.2.0 by @dependabot in #134
- chore: bump github/codeql-action from 2.22.9 to 3.22.11 by @dependabot in #135
- chore: bump actions/upload-artifact from 3.1.3 to 4.0.0 by @dependabot in #136
- chore: bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @dependabot in #137
- test: refactoring e2e & adding tests archivistactl by @kairoaraujo in #131
- feat: Add database migrations by @kairoaraujo in #125
- tests: Include tests for
pkg/api
by @kairoaraujo in #138 - feat: Adding IAM credential type for AWS by @fkautz in #130
Full Changelog: v0.2.0...v0.3.0
v0.2.0
Changelog
First release since moving to in-toto org.
⚠️ Warning ⚠️
go modules have been renamed from github.com/testifysec/archivista => github.com/in-toto/archivista
What's Changed
- docs: add entity relationship diagram by @mikhailswift in #60
- build(deps): bump golang.org/x/net from 0.11.0 to 0.17.0 by @dependabot in #61
- Create dependabot.yml by @jkjell in #63
- chore: bump golang from 1.20.5-alpine to 1.21.3-alpine by @dependabot in #69
- chore: bump docker/login-action from 2 to 3 by @dependabot in #66
- chore: bump actions/setup-go from 2 to 4 by @dependabot in #68
- chore: bump golangci/golangci-lint-action from 2 to 3 by @dependabot in #67
- chore: bump actions/checkout from 2 to 4 by @dependabot in #70
- chore: bump actions/cache from 2 to 3 by @dependabot in #72
- chore: bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.1 by @dependabot in #71
- chore: bump github.com/sirupsen/logrus from 1.9.0 to 1.9.3 by @dependabot in #76
- chore: bump github.com/lib/pq from 1.10.7 to 1.10.9 by @dependabot in #75
- chore: bump ariga.io/sqlcomment from 0.0.0-20211020114721-6bb67a62a61a to 0.1.0 by @dependabot in #74
- Update pipeline to use reusable witness workflow by @jkjell in #78
- Fix variables in witness workflow by @jkjell in #79
- chore: bump golang.org/x/sync from 0.1.0 to 0.4.0 by @dependabot in #80
- chore: bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot in #81
- chore: bump docker/login-action from 2 to 3 by @dependabot in #83
- Add maintainers file by @jkjell in #87
- chore: bump github.com/gorilla/mux from 1.8.0 to 1.8.1 by @dependabot in #84
- chore: bump golang from 1.21.3-alpine to 1.21.4-alpine by @dependabot in #88
- chore: bump golang.org/x/sync from 0.4.0 to 0.5.0 by @dependabot in #86
- chore: bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #85
- chore: bump actions/github-script from 6 to 7 by @dependabot in #89
- chore: bump entgo.io/ent from 0.12.4 to 0.12.5 by @dependabot in #90
- chore: bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 by @dependabot in #91
- chore: bump github.com/99designs/gqlgen from 0.17.5-0.20220428154617-9250f9ac1f90 to 0.17.40 by @dependabot in #82
- [StepSecurity] Apply security best practices by @step-security-bot in #92
- chore: bump golang from
110b07a
to70afe55
by @dependabot in #94 - chore: bump ossf/scorecard-action from 2.0.6 to 2.3.1 by @dependabot in #96
- chore: bump actions/dependency-review-action from 2.5.1 to 3.1.4 by @dependabot in #97
- chore: bump actions/checkout from 3.6.0 to 4.1.1 by @dependabot in #98
- chore: bump github.com/99designs/gqlgen from 0.17.40 to 0.17.41 by @dependabot in #99
- Add Kairo as maintainer by @jkjell in #95
- Fix issues from new pre-commit check by @jkjell in #93
- chore: bump golang from 1.21.4-alpine to 1.21.5-alpine by @dependabot in #103
- fix: license-check workflow Archivist > Archivista by @kairoaraujo in #102
- Auto-update pre-commit hooks PR by @kairoaraujo in #101
- fix: README repository reference name to in-toto by @kairoaraujo in #100
- chore: bump golang from
5c1cabd
tofeceecc
by @dependabot in #118 - chore: bump actions/setup-python from 4.7.1 to 5.0.0 by @dependabot in #115
- chore: bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #116
- chore: bump github/codeql-action from 2.22.8 to 2.22.9 by @dependabot in #117
- build: Update pre-commit hooks by @github-actions in #104
- Initial improvement for Archivista contributors by @kairoaraujo in #114
- refactoring: testifysec/archivista-api as a pkg by @kairoaraujo in #120
- Fixing up CONTRIBUTING and Makefile by @ChaosInTheCRD in #122
- refactoring: Go module path by @kairoaraujo in #121
- Update archivista to use in-toto/go-witness by @jkjell in #123
- fix: unecessary build while running
make run-dev
by @kairoaraujo in #124 - Fix goreleaser to use in-toto org for ghcr by @jkjell in #128
New Contributors
- @dependabot made their first contribution in #61
- @step-security-bot made their first contribution in #92
- @kairoaraujo made their first contribution in #102
- @github-actions made their first contribution in #104
- @ChaosInTheCRD made their first contribution in #122
Full Changelog: v0.1.2...v0.2.0
v0.1.2
Changelog
Features
- 97159e9: feat: add support for postgresql (@mikhailswift)
- 5abcad0: feat: add configurable sql connection parameters (@mikhailswift)
Bug fixes
- ba7cd27: fix: update github actions to use new fulcio url (@mikhailswift)
- 658b3f6: fix: update archivista's usage of updated go-witness function (@mikhailswift)
- b1aac6f: fix: add Time type definition for gqlgen (@mikhailswift)
Others
- 71c6a50: Create label-issues.yml (#57) (@jkjell)
- 9496a68: chore: use logrus directly (@mikhailswift)
- eb5ae1d: chore: update ent and ent/contrib (@mikhailswift)
v0.1.1
v0.1.0-ci-test
v0.1.0
What's Changed
- Add GitLab CI by @colek42 in #1
- add file storage by @fkautz in #3
- fix: update repo path in gitlab ci config by @mikhailswift in #4
- feat: Add blob storage capabilities by @mikhailswift in #5
- feat:more metadata by @mikhailswift in #6
- chore: add error handling to properly rollback transactions by @mikhailswift in #9
- fix mb breaking when the bucket already exists by @fkautz in #8
- feat: expand metadata returned by search call, allow filter on collection name by @mikhailswift in #10
- bug: fix zero bytes before message by @mikhailswift in #11
- Feat/object streaming by @mikhailswift in #12
- Feat/retrieve subjects by @mikhailswift in #15
- chore: rename SSL to TLS by @fkautz in #18
- feat: Adding graphql support for querying and retrieving DSSE metadata. by @fkautz in #17
- chore: update to go-witness 0.1.12 by @mikhailswift in #19
- chore: use the same logging everywhere by @mikhailswift in #20
- perf: batch insertion of subject and subject digests by @mikhailswift in #21
- chore: migrate from gitoid of singular gitbom document to gitoid of the attestation itself by @fkautz in #22
- feat: adding ability to download an artifact by @fkautz in #23
- bug: signature column cannot handle all signatures by @mikhailswift in #26
- Add Github Action workflows by @mikhailswift in #27
- feat: add support for adding CORS Headers by @colek42 in #29
- refactor: remove grpc api by @mikhailswift in #34
- Attempting to fix #38 by @JustinCappos in #39
- chore: update README, add code of conduct by @mikhailswift in #40
- Feat/timestamps by @mikhailswift in #41
- chore: renaming of archivist --> archivista by @colek42 in #47
- feat: collect subjects about in toto statements that contain other predicates by @mikhailswift in #49
- feat: add goreleaser to publish releases and docker images by @mikhailswift in #51
- chore: update go modules to resolve golang CVEs by @fkautz in #52
New Contributors
- @colek42 made their first contribution in #1
- @fkautz made their first contribution in #3
- @JustinCappos made their first contribution in #39
Full Changelog: https://github.com/testifysec/archivista/commits/v0.1.0
v0.0.1-ci-test
Changelog
Features
- ce513d0: feat: Add blob storage capabilities (@sjbodzo)
- 07f3cbe: feat: add minio to docker compose for testing (@mikhailswift)
- b688621: feat: add attestation collection and attestations to schema (@mikhailswift)
- 3617505: feat: add payload digests to schema (@mikhailswift)
- bdf90f2: feat: expand metadata returned by search call, allow filter on collection name (@mikhailswift)
- 0669c6b: feat: object streaming (@mikhailswift)
- 79e0987: feat: Add ability to retrieve subjects for an envelope (@mikhailswift)
- 9d6b8da: feat: Adding graphql support for querying and retrieving DSSE metadata. (@fkautz)
- 061026e: feat: graphql is now configurable in archivist (@fkautz)
- 3463881: feat: adding ability to download an artifact (@fkautz)
- 0f4374c: feat: add support for adding CORS Headers (@colek42)
- 21ab99d: feat: collect subjects about in toto statements that contain other predicates (#49) (@mikhailswift)
- 0b0fa67: feat: add goreleaser to publish releases and docker images (@mikhailswift)
Bug fixes
- 73724b6: fix: update repo path in gitlab ci config (@mikhailswift)
Others
- 2978fd5: initial protobuf, running server, and in-memory storage (@fkautz)
- c11f226: updating README and aligning port in archivistctl to match documentation (@fkautz)
- 5ed8edd: migrating api to its own repo (@fkautz)
- 859e042: implement initial collector service (@fkautz)
- f0c753e: impartial mysql implementation (@fkautz)
- d064092: Update README.md (@fkautz)
- 4f916da: build out entity model a bit more with gitbom tagging support and initial search based on digest values (@fkautz)
- 8f14c8b: perform declarative eager loading of digest search (@fkautz)
- fd71ee8: remove some commented debug code (@fkautz)
- 2ad71bb: adding signatures and simplifying datamodel (@fkautz)
- 82039d1: add ci (@colek42)
- cf49a06: Merge pull request #1 from testifysec/ci (@colek42)
- e2be2db: add file storage (@fkautz)
- ba310ea: chore: update to go-witness (@mikhailswift)
- 49dd67e: Merge pull request #5 from testifysec/feature/blob_store (@fkautz)
- aa95769: Merge pull request #6 from testifysec/feat/more_metadata (@fkautz)
- f5b0203: chore: add error handling to properly rollback transactions (@mikhailswift)
- 1055f0e: fix mb breaking when the bucket already exists (@fkautz)
- ff0d1e9: bug: fix zero bytes before message (#11) (@mikhailswift)
- 5ba09d4: chore: rename SSL to TLS (@fkautz)
- 09663c6: chore: minor updates to graphql config documentation and defaults (@fkautz)
- 84749a6: chore: add some basic documentation to the graphql schema (@fkautz)
- bf7c6e7: chore: update to go-witness 0.1.12 (@mikhailswift)
- 1cb368b: chore: use the same logging everywhere (@mikhailswift)
- 5bcf80b: perf: batch insertion of subject and subject digests (@mikhailswift)
- b28edcf: chore: migrate from gitoid of singular gitbom document to gitoid of the attestation itself (@fkautz)
- 6f80e79: chore: remove dead code (@fkautz)
- 05651b8: bug: signature column cannot handle all signatures (#26) (@mikhailswift)
- 200dffe: chore: add github actions (@mikhailswift)
- 0e0295f: chore: linting and copyright adjustments (@mikhailswift)
- 1416744: refactor: remove grpc api (#34) (@mikhailswift)
- c917fff: Attempting to fix #38 (#39) (@JustinCappos)
- 514e426: chore: update README, add code of conduct (#40) (@mikhailswift)
- a4a0c89: Feat/timestamps (#41) (@mikhailswift)
- 1f459fa: chore: renaming of archivist --> archivista (@colek42)