Changelog
New Features
- 52f7a9e: feat(tui): yank the patch/diff to clipboard (#725) (@ChausseBenjamin)
- 6856877: feat: add readiness and liveness probes for self healing (#734) (@Jay-Madden)
Bug fixes
- 397288d: fix(ui): help menu on file list view (#719) (@eldondev)
- 5a2bde5: fix: check that commit is a SHA1 (#737) (@caarlos0)
- fa175c7: fix: repo commit help (#736) (@caarlos0)
Other work
- 5d9034c: ci: sync dependabot config (#741) (@charmcli)
- 844f175: ci: sync golangci-lint config (#732) (@github-actions[bot])
- e5edfd5: sec: update git-module (#742) (@caarlos0)
Verifying the artifacts
First, download the checksums.txt file, for example, with wget:
wget 'https://github.com/charmbracelet/soft-serve/releases/download/v0.10.0/checksums.txt'Then, verify it using cosign:
cosign verify-blob \
--certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
--cert 'https://github.com/charmbracelet/soft-serve/releases/download/v0.10.0/checksums.txt.pem' \
--signature 'https://github.com/charmbracelet/soft-serve/releases/download/v0.10.0/checksums.txt.sig' \
./checksums.txtIf the output is Verified OK, you can safely use it to verify the checksums of other artifacts you downloaded from the release using sha256sum:
sha256sum --ignore-missing -c checksums.txtDone! You artifacts are now verified!
Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, Discord, Slack, The Fediverse.