This release features a few major changes for sbctl!
sbsigntools removal
Since this project started a year ago the goal was also to have the reliance on sbsigntools be a temporary affairs while go-uefi was shaping up to replace it. This has taken quite a bit of time due to lack of time and ensuring proper integration testing to ensure the library is working as intended.
Over the pat month go-uefi got some integration testing done, along with some duplicated work over to sbctl to have key enrollment and signature validation tested through OVMF and tianocore. This ensures that we can hopefully guarantee signing is not bugged and any regressions caught.
Because of this sbctl now implements all secure boot operations through go-uefi and no longer relies on sbsigntools, hopefully this removes some classes of bugs due to key enrollment.
cmd/sbctl refactor and json output
The other larger change is an overhaul of the command line structure in sbctl which makes it easier to extend and adapt future sub command. A lot of these changes won't be visible for end-users, but it does allow for some neat usage of --json output along with better error feedback through the program.
sbctl list-files --json should be a lot easier to parse with jq then going through normal string parsing.
Please do note that the json structure might change and not all commands have been covered yet.
User Interface changes
sbctl now sports a new look. The original command line design dates back to the original efi-roller tool which had output format copy-pasted from other bash-based Arch tooling. Arguably it's not really pretty. It also made it hard to properly format and kill off the color at the appropriate place. The new output should be more in line with existing *ctl tooling and feel modern.