Features
#1490 #1511 Install cosign lazily to avoid installing Cosign unnecessarily
#1510 Prevent Cosign from being tampered with by hardcoding checksums of Cosign
#1491 #1508 Support verifying Registries' checksums
Support verifying Registries' checksums
aqua verifies checksums of Registries if Checksum Verification is enabled.
aqua.yaml
checksum:
  enabled: true
aqua-checksums.json
{
  "checksums": [
    {
      "id": "registries/github_content/github.com/aquaproj/aqua-registry/v3.114.0/registry.yaml",
      "checksum": "b5b922c4d64609e536daffec6e480d0fed3ee56b16320a10c38ae12df7f045e8b20a0c05ec66eb28146cee42559e5e6c4e4bc49ce89ffe48a5640999cc6248bd",
      "algorithm": "sha512"
    }
  ]
}
If a checksum is invalid, aqua fails to install the Registry.
ERRO[0000] install the registry actual_checksum=b5b922c4d64609e536daffec6e480d0fed3ee56b16320a10c38ae12df7f045e8b20a0c05ec66eb28146cee42559e5e6c4e4bc49ce89ffe48a5640999cc6248be aqua_version= env=darwin/arm64 error="check a registry's checksum: checksum is invalid" exe_name=starship expected_checksum=b5b922c4d64609e536daffec6e480d0fed3ee56b16320a10c38ae12df7f045e8b20a0c05ec66eb28146cee42559e5e6c4e4bc49ce89ffe48a5640999cc6248bd program=aqua registry_name=standard
FATA[0000] aqua failed aqua_version= env=darwin/arm64 error="it failed to install some registries" exe_name=starship program=aqua
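The following Go sketch is an added example, not aqua's own code: it checks downloaded Registry content against an entry in the aqua-checksums.json format shown above and reports a mismatch like the expected_checksum/actual_checksum pair in the log. The names `Entry`, `SHA512Hex` and `Verify` and the sample Registry content are constructed for illustration; treating a missing entry or an algorithm other than sha512 as a failure is an assumption of this example.

```go
package main

import (
	"crypto/sha512"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Entry mirrors one element of "checksums" in aqua-checksums.json.
type Entry struct {
	ID        string `json:"id"`
	Checksum  string `json:"checksum"`
	Algorithm string `json:"algorithm"`
}

var ErrInvalid = errors.New("checksum is invalid")
var ErrMissing = errors.New("no sha512 entry for this id")

func SHA512Hex(content []byte) string {
	sum := sha512.Sum512(content)
	return hex.EncodeToString(sum[:])
}

// Verify (hypothetical helper) returns the actual digest and fails closed.
func Verify(checksumsJSON []byte, id string, content []byte) (string, error) {
	var f struct{ Checksums []Entry `json:"checksums"` }
	if err := json.Unmarshal(checksumsJSON, &f); err != nil {
		return "", err
	}
	actual := SHA512Hex(content)
	for _, e := range f.Checksums {
		if e.ID == id && e.Algorithm == "sha512" {
			if actual != e.Checksum {
				return actual, ErrInvalid
			}
			return actual, nil
		}
	}
	return actual, ErrMissing
}

func main() {
	id := "registries/github_content/github.com/aquaproj/aqua-registry/v3.114.0/registry.yaml"
	pinned := []byte("packages: []\n") // constructed sample, not the real registry.yaml
	file, _ := json.Marshal(map[string][]Entry{"checksums": {{ID: id, Checksum: SHA512Hex(pinned), Algorithm: "sha512"}}})
	fmt.Println(Verify(file, id, append(pinned, '#'))) // one appended byte stands in for modified content
}
```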
Others
#1509 init: add .checksum.supported_envs to aqua init's template