From 8e365d752bb51f8cb8e6244f85c90bc838ceee58 Mon Sep 17 00:00:00 2001 From: Jussi Kukkonen Date: Mon, 8 Apr 2024 17:21:46 +0300 Subject: [PATCH] Backport slsa upgrade (#963) * Backport b32ad1bd: Bump slsa-github-generator upgrade * Prepare 2.1.5 release Signed-off-by: Jussi Kukkonen --- .github/workflows/release.yml | 2 +- CHANGELOG.md | 9 ++++++++- sigstore/__init__.py | 2 +- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3028fd55..7d93a6f5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -105,7 +105,7 @@ jobs: contents: write # To add assets to a release. # Currently this action needs to be referred by tag. More details at: # https://github.com/slsa-framework/slsa-github-generator#verification-of-provenance - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.9.0 + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0 with: provenance-name: provenance-sigstore-${{ github.event.release.tag_name }}.intoto.jsonl base64-subjects: "${{ needs.build.outputs.hashes }}" diff --git a/CHANGELOG.md b/CHANGELOG.md index ad7425fc..b61ba735 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,12 @@ All versions prior to 0.9.0 are untracked. ## [Unreleased] +## [2.1.5] + +## Fixed + +* Backported b32ad1bd (slsa-github-generator upgrade) to make release possible + ## [2.1.4] ## Fixed @@ -322,7 +328,8 @@ This is a corrective release for [2.1.1]. ([#351](https://github.com/sigstore/sigstore-python/pull/351)) -[Unreleased]: https://github.com/sigstore/sigstore-python/compare/v2.1.4...HEAD +[Unreleased]: https://github.com/sigstore/sigstore-python/compare/v2.1.5...HEAD +[2.1.5]: https://github.com/sigstore/sigstore-python/compare/v2.1.4...v2.1.5 [2.1.4]: https://github.com/sigstore/sigstore-python/compare/v2.1.3...v2.1.4 [2.1.3]: https://github.com/sigstore/sigstore-python/compare/v2.1.2...v2.1.3 [2.1.2]: https://github.com/sigstore/sigstore-python/compare/v2.1.1...v2.1.2 diff --git a/sigstore/__init__.py b/sigstore/__init__.py index a3327fed..67697bef 100644 --- a/sigstore/__init__.py +++ b/sigstore/__init__.py @@ -25,4 +25,4 @@ * `sigstore.sign`: creation of Sigstore signatures """ -__version__ = "2.1.4" +__version__ = "2.1.5"