notaryproject/ratify v1.4.0-rc.1

on GitHub

✨ New Features

• feat: support enabled status for kmp keys/certs by @duffney in #1874
• feat: support alibaba cloud rrsa store auth provider by @DahuK in #1909
• feat: add support for crl basic functionality with built-in cache by @junczhu in #1890
• feat: implementation of KMP CRL revocation factory with cache by @junczhu in #1900
• feat: enables CRL configuration by @junczhu in #1941
• feat: add more notation trust policy attributes to values.yaml by @shahramk64 in #1982

Other Enhancements

• Report more debug info in external data response by @binbin-li #1697
• Make notation verifier installation optional on ratify installation by @shahramk64 #1719
• Migrate to latest Azure container registry SDK by @shahramk64 #1829
• Refactor Azure authentication support to use azidentity by @shahramk64 #1904
• Sign Ratify release assets by @akashsinghal #1947
• Ratify to support out-of-box experience for typical scenarios by @shahramk64 #1982
• Update Kubernetes support matrix by @shahramk64 #2013
• Additional env vars for ratify container via helm chart by @mannbiher in #1854
• Allow service account annotations by @mannbiher in #1907

🔐 Security

• chore: bump up golang.org/x/crypto pkg to fix vuln by @junczhu in #1981
• fix: fix vuln in /x/net pkg by @junczhu in #1993

📄 Documentation

• docs: add config path arg to launch.json, update instructions by @shahramk64 in #1800
• docs: some improvement in release instructions by @junczhu in #1815
• docs: add commits doc to contributing guide by @susanshi in #1844
• docs: design proposal for tag and digest co-existing [ISSUE 1657] by @emalprokt in #1793
• docs: add CRL Design by @junczhu in #1789
• docs: Create proposal for verifying 'last-n' artifacts only. by @asafalgawi in #1797
• docs: nVersionCount support for KMP design doc by @duffney in #1831
• docs: update dev image release guidance by @akashsinghal in #1974
• docs: Fix typos in CONTRIBUTING.md by @cclauss in #2005

🎉 New Contributors

• @emalprokt made their first contribution in #1793
• @asafalgawi made their first contribution in #1797
• @JoupainMD made their first contribution in #1954
• @cclauss made their first contribution in #2005
• @DahuK made their first contribution in #2012

Changelog

• 0ee96d8 Create ratify-weekly-notes-2023-Jun-2024-Jun.md
• 3bafc56 Merge branch 'dev' into clean-package
• 581be1e Merge branch 'dev' into dependabot/docker/alpine-0a4eaa0eecf5f8c050e5bba433f58c052be7587ee8af3e8b3910ef9ab5fbe9f5
• 7e387db Merge branch 'dev' into dependabot/docker/dot-devcontainer/vscode/devcontainers/go-8cb4ef6
• bd2f5ca Merge branch 'dev' into dependabot/docker/dot-devcontainer/vscode/devcontainers/go-dca0f2c
• cca0a13 Merge branch 'dev' into dependabot/docker/httpserver/golang-b405b62
• 72025fb Merge branch 'dev' into dependabot/github_actions/actions/upload-artifact-4.3.4
• bb8d7f0 Merge branch 'dev' into dependabot/github_actions/actions/upload-artifact-4.3.6
• 0447079 Merge branch 'dev' into dependabot/github_actions/anchore/sbom-action-0.17.1
• e353f38 Merge branch 'dev' into dependabot/go_modules/github.com/google/go-containerregistry-0.20.2
• 6ebd6f1 Merge branch 'dev' into dependabot/go_modules/github.com/owenrumney/go-sarif/v2-2.3.3
• bb8516e Merge branch 'dev' into dependabot/go_modules/github.com/sigstore/sigstore-1.8.8
• 52f92d1 Merge branch 'dev' into dev
• 5b7c4e0 Merge branch 'dev' into error-log-message
• 220dfce Merge branch 'dev' into error-log-message
• 451390b Merge branch 'dev' into error-log-message
• 18f071a Merge branch 'dev' into fix-codecov
• 7e74e12 Merge branch 'dev' into ignore-experimental-test
• 9c534dc Merge branch 'dev' into isolate-metrics
• 4cf6b6c Merge branch 'dev' into isolate-metrics
• ec20d28 Merge branch 'dev' into isolate-metrics
• 50b334d Merge branch 'dev' into isolate-metrics
• 0b58daf Merge branch 'dev' into notes
• 4bbd9f1 Merge branch 'dev' into proposal_errorimprovements
• 8549d91 Merge branch 'dev' into ratify-err-doc
• 060c5a5 Merge branch 'dev' into ratify-err-doc
• 518ad3d Merge branch 'dev' into remove-autorest-adal
• f510dd9 Merge branch 'dev' into remove-autorest-adal
• 6f92077 Merge branch 'dev' into template-result
• e757310 Merge branch 'dev' into verification-response
• 34fbf9f Merge branch 'main' into dev
• 49201e9 Merge branch 'main' into staging
• f201712 Merge branch 'main' into staging
• 8c87951 Merge branch 'staging' into dependabot/github_actions/codecov/codecov-action-4.3.0
• 73ef709 Merge branch 'staging' into multi-tenancy-pr-2
• 6a93bbf Merge pull request #1358 from binbin-li/multi-tenancy-pr-2
• 6daec5d Merge pull request #1376 from deislabs/staging
• 9ac7d5a Merge pull request #1379 from deislabs/dependabot/github_actions/codecov/codecov-action-4.3.0
• 6a5f10c Merge pull request #1388 from deislabs/staging
• 6a26a56 Merge pull request #1424 from deislabs/dev
• 194c2aa Merge pull request #1431 from akashsinghal/akashsinghal/fixCosignConfig
• f0b1e6b Merge pull request #1444 from deislabs/dev
• d78461a Merge pull request #1480 from deislabs/dev
• c92687d Merge pull request #1499 from deislabs/dev
• 61f7c60 Merge pull request #1520 from binbin-li/isolate-metrics
• 340c4db Merge pull request #1521 from susanshi/dev
• 8a6f018 Merge pull request #1532 from binbin-li/clean-package
• b6a5701 Merge pull request #1533 from ratify-project/dev
• 6443a65 Merge pull request #1539 from binbin-li/run-scorecard-on-dev
• d9d46fe Merge pull request #1542 from binbin-li/fix-vulnerability
• 5d4720f Merge pull request #1563 from ratify-project/dependabot/go_modules/github.com/Azure/azure-sdk-for-go/sdk/azidentity-1.6.0
• 5e81022 Merge pull request #1581 from ratify-project/dev
• 9bf9232 Merge pull request #1585 from ratify-project/dev
• 47b3331 Merge pull request #1589 from ratify-project/dependabot/docker/httpserver/golang-b405b62
• e4c58e2 Merge pull request #1590 from ratify-project/dependabot/docker/alpine-b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0
• db3b86f Merge pull request #1597 from ratify-project/dev
• 7f1ecfb Merge pull request #1608 from susanshi/notes
• 357eb51 Merge pull request #1613 from ZAFT-Armored-Keeper-of-Unity/helmfile-update-1.13.2
• db7e6ee Merge pull request #1614 from ratify-project/dev
• 61e0fed Merge pull request #1621 from ratify-project/dependabot/docker/httpserver/golang-fcae9e0
• e62cd8e Merge pull request #1622 from ratify-project/dependabot/github_actions/actions/upload-artifact-4.3.4
• 9551205 Merge pull request #1624 from binbin-li/ignore-experimental-test
• 03216af Merge pull request #1628 from ratify-project/dependabot/github_actions/actions/setup-go-5.0.2
• 11a683d Merge pull request #1631 from ratify-project/dev
• 643e98a Merge pull request #1632 from ratify-project/dependabot/go_modules/github.com/owenrumney/go-sarif/v2-2.3.3
• e7aa02a Merge pull request #1634 from ratify-project/dependabot/go_modules/github.com/sigstore/sigstore-1.8.7
• 9549d66 Merge pull request #1635 from ratify-project/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.27.26
• 9c9cb05 Merge pull request #1636 from ratify-project/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/credentials-1.17.26
• 1d6e824 Merge pull request #1637 from ratify-project/dependabot/docker/dot-devcontainer/vscode/devcontainers/go-dca0f2c
• 089edf1 Merge pull request #1643 from ratify-project/dev
• dfe9d0a Merge pull request #1647 from ratify-project/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.27.27
• 9db35b0 Merge pull request #1651 from ratify-project/dependabot/github_actions/docker/login-action-3.3.0
• b8f0e29 Merge pull request #1656 from binbin-li/template-result
• 99d5629 Merge pull request #1661 from ratify-project/dev
• 1ecd579 Merge pull request #1662 from yizha1/proposal_errorimprovements
• 3c28fd4 Merge pull request #1665 from ratify-project/dependabot/github_actions/github/codeql-action-3.25.15
• d442fad Merge pull request #1666 from ratify-project/dependabot/docker/alpine-0a4eaa0eecf5f8c050e5bba433f58c052be7587ee8af3e8b3910ef9ab5fbe9f5
• 90367de Merge pull request #1668 from binbin-li/ratify-err-doc
• 294a715 Merge pull request #1671 from binbin-li/verification-response
• b0d8a2d Merge pull request #1672 from ratify-project/dependabot/github_actions/golangci/golangci-lint-action-6.1.0
• bd87979 Merge pull request #1674 from ratify-project/dependabot/go_modules/github.com/docker/docker-26.1.4incompatible
• e8f8000 Merge pull request #1675 from binbin-li/error-log-message
• ba5638e Merge pull request #1676 from binbin-li/fix-codecov
• b652e00 Merge pull request #1677 from binbin-li/fix-codecov
• 98c8513 Merge pull request #1683 from ratify-project/dev
• e222c72 Merge pull request #1684 from ratify-project/dependabot/github_actions/actions/upload-artifact-4.3.5
• 56ffab4 Merge pull request #1688 from binbin-li/remove-autorest-adal
• 300401c Merge pull request #1689 from ratify-project/dependabot/github_actions/step-security/harden-runner-2.9.1
• c83f3f8 Merge pull request #1691 from ratify-project/dependabot/github_actions/actions/upload-artifact-4.3.6
• e6f031b Merge pull request #1692 from ratify-project/dependabot/github_actions/github/codeql-action-3.26.0
• 8a8192d Merge pull request #1695 from ratify-project/dependabot/github_actions/sigstore/cosign-installer-3.6.0
• 5dfa65d Merge pull request #1701 from ratify-project/dev
• e1cf41e Merge pull request #1703 from ratify-project/dependabot/go_modules/github.com/sigstore/sigstore-1.8.8
• f78f69d Merge pull request #1704 from ratify-project/dependabot/go_modules/github.com/google/go-containerregistry-0.20.2
• 956109c Merge pull request #1705 from ratify-project/dependabot/docker/dot-devcontainer/vscode/devcontainers/go-8cb4ef6
• 6ba1c32 Merge pull request #1706 from ratify-project/dependabot/docker/httpserver/golang-2bd56f0
• c098e93 Merge pull request #1708 from ratify-project/dependabot/github_actions/github/codeql-action-3.26.1
• 2b270c3 Merge pull request #1709 from ratify-project/dependabot/github_actions/anchore/sbom-action-0.17.1
• 1ddf2f9 Merge pull request #1714 from ratify-project/dependabot/github_actions/github/codeql-action-3.26.2
• 9923d7f Merge pull request #1716 from ratify-project/dev
• 2ece97d Merge pull request #1743 from ratify-project/dev
• 603cb58 Merge pull request #1767 from ratify-project/dev
• 98dd1d9 Merge pull request #1780 from ratify-project/dev
• 0cdd2fb Merge pull request #1804 from ratify-project/dev
• cab90e2 Merge pull request #1821 from ratify-project/dev
• 6280f46 Merge pull request #1833 from ratify-project/dev
• f3c8f92 Merge pull request #1875 from ratify-project/dev
• 6ef3ac3 Merge pull request #1895 from ratify-project/dev
• 1e5f1c3 Merge pull request #1908 from ratify-project/dev
• 4f3580f Merge pull request #1921 from ratify-project/dev
• ba7672c Merge pull request #1931 from ratify-project/dev
• 9e77650 Merge pull request #1950 from ratify-project/dev
• 3f148e5 Merge pull request #1956 from ratify-project/dev
• 001af63 Merge pull request #1968 from ratify-project/dev
• c14bb55 Merge pull request #1984 from ratify-project/dev
• d59935b Merge pull request #1996 from ratify-project/dev
• 7faeb2a Merge pull request #2003 from ratify-project/dev
• 8cad953 Merge pull request #2008 from ratify-project/dev
• 1d5e1c0 Revert "chore: Bump actions/checkout from 4.1.1 to 4.1.2" (#1372)
• 9862c66 Update go.mod
• a000acb add crd build step
• 034f5ec build: Add codecov token (#1373)
• e033cb2 build: add SBOM & provenance docker build attestations (#1596)
• a2efeb7 build: add image signing for all release images (#1947)
• 17f829a build: add image signing for dev images and add release sbom (#1629)
• a8e2ada build: add manual package installation for pass to support new GH runner image (#1990)
• 60c9b85 build: add workflow for publishing cosign sample image (#1640)
• fe31326 build: bump up upload-artifact action to v4.0.0 (#1227)
• f006b88 build: fix unpinned images (#1420)
• 9f9f551 build: ignore CVE-2022-48174 (#1421)
• 9c11f81 build: update Bridge to Kubernetes debugging steps (#1384)
• 04b8cb8 build: update deployment template azure workload identity annotation (#1320)
• 7657a3f chore: update CRD and related code to enable type field (#1779)
• 0c39265 chore: Bump actions/cache from 4.1.2 to 4.2.0 (#1967)
• 95c1dcb chore: Bump actions/checkout from 4.1.1 to 4.1.2 (#1332)
• c01a617 chore: Bump actions/checkout from 4.1.1 to 4.1.2 (#1365)
• 927b63c chore: Bump actions/checkout from 4.1.1 to 4.1.2 (#1368)
• a73348e chore: Bump actions/checkout from 4.1.2 to 4.1.3 (#1411)
• 6b30ace chore: Bump actions/checkout from 4.1.2 to 4.1.6 (#1530)
• 9336c7f chore: Bump actions/checkout from 4.1.3 to 4.1.4 (#1414)
• 0df413b chore: Bump actions/checkout from 4.1.4 to 4.1.5 (#1447)
• daba3f0 chore: Bump actions/checkout from 4.1.5 to 4.1.6 (#1485)
• ac02e7a chore: Bump actions/checkout from 4.1.6 to 4.1.7 (#1569)
• 2a7ec4d chore: Bump actions/checkout from 4.1.7 to 4.2.0 (#1830)
• f6fae7e chore: Bump actions/checkout from 4.2.0 to 4.2.1 (#1857)
• 2796321 chore: Bump actions/checkout from 4.2.1 to 4.2.2 (#1893)
• ebdf969 chore: Bump actions/setup-go from 5.0.0 to 5.0.1 (#1438)
• 7a2d7c6 chore: Bump actions/setup-go from 5.0.0 to 5.0.1 (#1528)
• 5d992c3 chore: Bump actions/setup-go from 5.0.1 to 5.0.2
• e9152c9 chore: Bump actions/setup-go from 5.0.2 to 5.1.0 (#1894)
• 303c52e chore: Bump actions/setup-go from 5.1.0 to 5.2.0 (#1979)
• 4c61abd chore: Bump actions/upload-artifact from 4.0.0 to 4.1.0 (#1261)
• 132c53c chore: Bump actions/upload-artifact from 4.1.0 to 4.2.0 (#1270)
• 620ef14 chore: Bump actions/upload-artifact from 4.2.0 to 4.3.0 (#1279)
• c6d62fb chore: Bump actions/upload-artifact from 4.3.0 to 4.3.1 (#1303)
• 56be5bb chore: Bump actions/upload-artifact from 4.3.1 to 4.3.2 (#1410)
• 6beff39 chore: Bump actions/upload-artifact from 4.3.2 to 4.3.3 (#1412)
• 94457a7 chore: Bump actions/upload-artifact from 4.3.3 to 4.3.4
• 3bb4224 chore: Bump actions/upload-artifact from 4.3.4 to 4.3.5
• 46280e0 chore: Bump actions/upload-artifact from 4.3.5 to 4.3.6
• 2b1c461 chore: Bump actions/upload-artifact from 4.3.6 to 4.4.0 (#1771)
• 2b1890b chore: Bump actions/upload-artifact from 4.4.0 to 4.4.1 (#1855)
• 4ed4425 chore: Bump actions/upload-artifact from 4.4.1 to 4.4.3 (#1859)
• 6c1274f chore: Bump actions/upload-artifact from 4.4.3 to 4.5.0 (#1991)
• f6743d0 chore: Bump alpine from 0a4eaa0 to beefdbd (#1786)
• bb71ae7 chore: Bump alpine from 1e42bbe to 21dc606 (#1972)
• 27ca126 chore: Bump alpine from 77726ef to b89d9c9
• 14624cc chore: Bump alpine from b89d9c9 to 0a4eaa0
• 7e6e96c chore: Bump alpine from beefdbd to 1e42bbe (#1937)
• 5d3da87 chore: Bump alpine from c5b1261 to 77726ef (#1517)
• 60a21cd chore: Bump anchore/sbom-action from 0.17.0 to 0.17.1
• c8c9c0e chore: Bump anchore/sbom-action from 0.17.1 to 0.17.2 (#1737)
• 130194f chore: Bump anchore/sbom-action from 0.17.2 to 0.17.4 (#1872)
• 75ed5ba chore: Bump anchore/sbom-action from 0.17.4 to 0.17.5 (#1882)
• 36a9b6e chore: Bump anchore/sbom-action from 0.17.5 to 0.17.6 (#1903)
• 4f8dc7c chore: Bump anchore/sbom-action from 0.17.6 to 0.17.7 (#1915)
• b31e250 chore: Bump anchore/sbom-action from 0.17.7 to 0.17.8 (#1948)
• c6b3dae chore: Bump anchore/sbom-action from 0.17.8 to 0.17.9 (#1988)
• affa5e5 chore: Bump apache/skywalking-eyes from 6753eaeab2d30d8b777f33637bf48794f70888d0 to cd7b195c51fd3d6ad52afceb760719ddc6b3ee91 (#1370)
• 9609143 chore: Bump apache/skywalking-eyes from 97538682f556b56cc7422ece660d8d7e6c4fb013 to 6753eaeab2d30d8b777f33637bf48794f70888d0 (#1362)
• 8fc65fd chore: Bump apache/skywalking-eyes from e6d1ce46901c759d9d9f84f8bcb97ad028cd5f88 to 97538682f556b56cc7422ece660d8d7e6c4fb013 (#1355)
• bad77bd chore: Bump apache/skywalking-eyes from ed436a5593c63a25f394ea29da61b0ac3731a9fe to 6753eaeab2d30d8b777f33637bf48794f70888d0 (#1366)
• 404da73 chore: Bump apache/skywalking-eyes from ed436a5593c63a25f394ea29da61b0ac3731a9fe to e6d1ce46901c759d9d9f84f8bcb97ad028cd5f88 (#1348)
• 5f33fd8 chore: Bump apache/skywalking-eyes from ee81ff786927ea6ffa48b1e29c48e5289f4753aa to ed436a5593c63a25f394ea29da61b0ac3731a9fe (#1231)
• 1757d2a chore: Bump aquasecurity/trivy-action from 0.27.0 to 0.28.0 (#1873)
• 64d8c0b chore: Bump azure/login from 1.5.1 to 1.6.0 (#1255)
• c75c5b4 chore: Bump azure/login from 1.6.0 to 1.6.1 (#1266)
• 585fb83 chore: Bump azure/login from 1.6.1 to 2.0.0 (#1330)
• cc7d780 chore: Bump azure/login from 2.0.0 to 2.1.0 (#1400)
• bc771ca chore: Bump azure/login from 2.1.0 to 2.1.1 (#1507)
• a08976e chore: Bump azure/login from 2.1.1 to 2.2.0 (#1816)
• ccba7c8 chore: Bump codecov/codecov-action from 3.1.4 to 3.1.5 (#1281)
• 2f47715 chore: Bump codecov/codecov-action from 3.1.5 to 3.1.6 (#1288)
• 74cf3b2 chore: Bump codecov/codecov-action from 3.1.6 to 4.0.0 (#1291)
• 3c94dd4 chore: Bump codecov/codecov-action from 4.0.0 to 4.0.1 (#1298)
• 0b0e292 chore: Bump codecov/codecov-action from 4.0.1 to 4.0.2 (#1316)
• b2365ac chore: Bump codecov/codecov-action from 4.0.2 to 4.1.0 (#1317)
• 75976cc chore: Bump codecov/codecov-action from 4.1.0 to 4.1.1 (#1354)
• 36162f0 chore: Bump codecov/codecov-action from 4.1.1 to 4.2.0 (#1363)
• d1acec0 chore: Bump codecov/codecov-action from 4.2.0 to 4.3.0
• 6163b7e chore: Bump codecov/codecov-action from 4.3.0 to 4.3.1 (#1433)
• 8d0a262 chore: Bump codecov/codecov-action from 4.3.1 to 4.4.0 (#1477)
• 0a9640b chore: Bump codecov/codecov-action from 4.4.0 to 4.4.1 (#1496)
• 4594acb chore: Bump codecov/codecov-action from 4.4.1 to 4.5.0 (#1571)
• ad5cdcf chore: Bump codecov/codecov-action from 4.5.0 to 4.6.0 (#1842)
• a3b5d53 chore: Bump codecov/codecov-action from 4.6.0 to 5.0.2 (#1932)
• 04d1de7 chore: Bump codecov/codecov-action from 5.0.2 to 5.0.4 (#1939)
• 675a5d6 chore: Bump codecov/codecov-action from 5.0.4 to 5.0.7 (#1946)
• 9db18d3 chore: Bump codecov/codecov-action from 5.0.7 to 5.1.1 (#1966)
• 4e43312 chore: Bump codecov/codecov-action from 5.1.1 to 5.1.2 (#1994)
• 4ffcf5e chore: Bump distroless/static from 26f9b99 to 3a03fc0 in /httpserver (#1899)
• d350f5c chore: Bump distroless/static from 3a03fc0 to d71f4b2 in /httpserver (#1935)
• 4cd6ba2 chore: Bump distroless/static from 42d15c6 to dcd3f1f in /httpserver (#1827)
• ab77d70 chore: Bump distroless/static from 8dd8d3c to 42d15c6 in /httpserver (#1787)
• ca88b62 chore: Bump distroless/static from d71f4b2 to 6cd937e in /httpserver (#1960)
• 8786419 chore: Bump distroless/static from dcd3f1f to 26f9b99 in /httpserver (#1838)
• d8f86fb chore: Bump distroless/static from e9ac71e to 8dd8d3c in /httpserver (#1620)
• 1f50ed8 chore: Bump docker/login-action from 3.0.0 to 3.1.0 (#1335)
• ab324ad chore: Bump docker/login-action from 3.1.0 to 3.2.0 (#1522)
• 07f3f79 chore: Bump docker/login-action from 3.2.0 to 3.3.0
• ff0a3ec chore: Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.11.0 to 1.11.1 (#1407)
• 68a1d58 chore: Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.9.0 to 1.9.1 (#1225)
• 7e783db chore: Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.9.1 to 1.9.2 (#1306)
• ce317dc chore: Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
• 03bde0e chore: Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.5.2 (#1392)
• 68af47a chore: Bump github.com/Azure/go-autorest/autorest/adal from 0.9.23 to 0.9.24 (#1534)
• e527936 chore: Bump github.com/AzureAD/microsoft-authentication-library-for-go from 1.2.0 to 1.2.1 (#1252)
• fa14b0e chore: Bump github.com/AzureAD/microsoft-authentication-library-for-go from 1.2.1 to 1.2.2 (#1315)
• b82b60d chore: Bump github.com/AzureAD/microsoft-authentication-library-for-go from 1.2.2 to 1.2.3 (#1910)
• 0948848 chore: Bump github.com/aliyun/credentials-go from 1.3.10 to 1.3.11 (#1934)
• f5089fc chore: Bump github.com/aws/aws-sdk-go-v2 from 1.26.0 to 1.26.1 (#1394)
• 31f63a5 chore: Bump github.com/aws/aws-sdk-go-v2 from 1.32.2 to 1.32.3 (#1912)
• aea5af3 chore: Bump github.com/aws/aws-sdk-go-v2 from 1.32.6 to 1.32.7 (#1999)
• 7d3a605 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.25.11 to 1.25.12 (#1226)
• 04621a5 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.11 to 1.27.13 (#1467)
• 4800d40 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.13 to 1.27.15 (#1492)
• 48ac21f chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.15 to 1.27.16 (#1513)
• 25df783 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.16 to 1.27.18 (#1557)
• 374d187 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.18 to 1.27.21 (#1586)
• 54e92a4 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.21 to 1.27.23 (#1602)
• c4dc680 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.23 to 1.27.24 (#1618)
• ee5bad7 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.24 to 1.27.26
• 5e9f3a4 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.26 to 1.27.27
• a5f6f59 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.27 to 1.27.28 (#1720)
• c62c142 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.28 to 1.27.30 (#1747)
• 64d5f33 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.30 to 1.27.31 (#1769)
• 23f6ac8 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.31 to 1.27.33 (#1781)
• aa28620 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.33 to 1.27.36 (#1823)
• b41acf8 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.36 to 1.27.41 (#1852)
• deafb4a chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.41 to 1.27.43 (#1861)
• 7c75d59 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.27.9 to 1.27.11 (#1390)
• 527004b chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.28.3 to 1.28.6 (#1957)
• fbf3a90 chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.28.6 to 1.28.7 (#1997)
• f9720b1 chore: Bump github.com/aws/aws-sdk-go-v2/credentials
• 120aeca chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.12 to 1.16.13 (#1235)
• e30ab5d chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.13 to 1.16.14 (#1250)
• 1fe27db chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.14 to 1.16.16 (#1275)
• dbf29f1 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.9 to 1.16.12 (#1224)
• 025b3d2 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.15 to 1.17.16 (#1515)
• aeceddc chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.21 to 1.17.22 (#1594)
• 8af013d chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.22 to 1.17.23 (#1600)
• 3829c79 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.23 to 1.17.24 (#1617)
• 6f78679 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.26 to 1.17.27 (#1646)
• 6c2fb71 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.28 to 1.17.29 (#1746)
• 79aac85 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.32 to 1.17.34 (#1822)
• c260f3b chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.34 to 1.17.37 (#1834)
• 6edc911 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.41 to 1.17.42 (#1911)
• b673586 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.42 to 1.17.44 (#1923)
• 4ae49e0 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.44 to 1.17.45 (#1933)
• 67cd411 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.45 to 1.17.46 (#1953)
• 3aa9be0 chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.47 to 1.17.48 (#1998)
• 62c00fb chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.9 to 1.17.11 (#1393)
• 539408f chore: Bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.28.2 to 1.28.3 (#1514)
• c143844 chore: Bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.28.3 to 1.28.5 (#1558)
• 45430c7 chore: Bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.28.5 to 1.28.6 (#1587)
• 49fc07a chore: Bump github.com/cloudflare/circl from 1.3.5 to 1.3.7 (#1253)
• acab8ce chore: Bump github.com/docker/cli from 24.0.7+incompatible to 24.0.8+incompatible (#1282)
• 2ad4fab chore: Bump github.com/docker/cli from 24.0.8+incompatible to 24.0.9+incompatible (#1302)
• f9569e4 chore: Bump github.com/docker/cli from 27.1.1+incompatible to 27.1.2+incompatible (#1745)
• 3578e05 chore: Bump github.com/docker/docker
• 384cb0c chore: Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible (#1345)
• 46d8dfb chore: Bump github.com/go-jose/go-jose/v3 from 3.0.2 to 3.0.3 (#1329)
• dfc7c33 chore: Bump github.com/go-logr/logr from 1.4.1 to 1.4.2 (#1516)
• 716fb8a chore: Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (#1916)
• 9069134 chore: Bump github.com/golang/protobuf from 1.5.3 to 1.5.4 (#1331)
• a023d20 chore: Bump github.com/google/go-containerregistry from 0.19.0 to 0.19.1 (#1338)
• 91b9889 chore: Bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2 (#1575)
• a63adcc chore: Bump github.com/google/go-containerregistry from 0.20.0 to 0.20.1 (#1648)
• 341c545 chore: Bump github.com/google/go-containerregistry from 0.20.1 to 0.20.2
• cf7a111 chore: Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7 (#1592)
• 4f58573 chore: Bump github.com/notaryproject/notation-core-go from 1.0.1 to 1.0.2 (#1283)
• 16dac32 chore: Bump github.com/notaryproject/notation-core-go from 1.0.2 to 1.0.3 (#1536)
• 77419d5 chore: Bump github.com/notaryproject/notation-core-go from 1.2.0-rc.1 to 1.2.0-rc.2 (#1970)
• 1a8f598 chore: Bump github.com/notaryproject/notation-go from 1.2.0 to 1.2.1 (#1784)
• 3c109f7 chore: Bump github.com/notaryproject/notation-go from 1.3.0-rc.1 to 1.3.0-rc.2 (#1987)
• 9100119 chore: Bump github.com/open-policy-agent/opa from 0.63.0 to 0.68.0 (#1819)
• eb8b658 chore: Bump github.com/opencontainers/image-spec from 1.1.0-rc5 to 1.1.0-rc6 (#1271)
• 9acbfe3 chore: Bump github.com/opencontainers/image-spec from 1.1.0-rc6 to 1.1.0 (#1312)
• 983e3c2 chore: Bump github.com/owenrumney/go-sarif/v2 from 2.3.0 to 2.3.1 (#1349)
• 34eeced chore: Bump github.com/owenrumney/go-sarif/v2 from 2.3.1 to 2.3.2 (#1619)
• 444d8cc chore: Bump github.com/owenrumney/go-sarif/v2 from 2.3.2 to 2.3.3
• 4032cc1 chore: Bump github.com/prometheus/client_golang from 1.20.2 to 1.20.4 (#1824)
• c8e8e00 chore: Bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5 (#1877)
• 7d294d6 chore: Bump github.com/sigstore/cosign/v2 from 2.2.2 to 2.2.3 (#1301)
• a1a739f chore: Bump github.com/sigstore/cosign/v2 from 2.2.3 to 2.2.4 (#1383)
• 6a719c9 chore: Bump github.com/sigstore/rekor from 1.3.6 to 1.3.7 (#1952)
• a29d629 chore: Bump github.com/sigstore/sigstore from 1.8.1 to 1.8.2 (#1325)
• 55c8328 chore: Bump github.com/sigstore/sigstore from 1.8.10 to 1.8.11 (#1986)
• e58f337 chore: Bump github.com/sigstore/sigstore from 1.8.2 to 1.8.3 (#1357)
• 99b7444 chore: Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 (#1535)
• 48c8015 chore: Bump github.com/sigstore/sigstore from 1.8.4 to 1.8.6 (#1599)
• e0c8da6 chore: Bump github.com/sigstore/sigstore from 1.8.6 to 1.8.7
• c2f5c3a chore: Bump github.com/sigstore/sigstore from 1.8.7 to 1.8.8
• 2534b33 chore: Bump github.com/sigstore/sigstore from 1.8.8 to 1.8.9 (#1782)
• ea3cee5 chore: Bump github.com/sigstore/sigstore from 1.8.9 to 1.8.10 (#1878)
• 9b27e94 chore: Bump github.com/spdx/tools-golang from 0.5.3 to 0.5.4 (#1403)
• bcd0f39 chore: Bump github.com/spdx/tools-golang from 0.5.4 to 0.5.5 (#1601)
• 80ffa1f chore: Bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#1577)
• acfdf81 chore: Bump github/codeql-action from 2.13.4 to 3.25.5 (#1487)
• d862e04 chore: Bump github/codeql-action from 3.25.10 to 3.25.11 (#1598)
• 48a1565 chore: Bump github/codeql-action from 3.25.11 to 3.25.12 (#1638)
• 5b0f3e1 chore: Bump github/codeql-action from 3.25.12 to 3.25.13 (#1649)
• f5694f7 chore: Bump github/codeql-action from 3.25.13 to 3.25.14 (#1659)
• 537c823 chore: Bump github/codeql-action from 3.25.14 to 3.25.15
• f347f6a chore: Bump github/codeql-action from 3.25.15 to 3.26.0
• d048744 chore: Bump github/codeql-action from 3.25.5 to 3.25.6 (#1495)
• 2b4ce39 chore: Bump github/codeql-action from 3.25.6 to 3.25.7 (#1537)
• 8637605 chore: Bump github/codeql-action from 3.25.7 to 3.25.8 (#1545)
• 2a58116 chore: Bump github/codeql-action from 3.25.8 to 3.25.9 (#1568)
• 3fc2f79 chore: Bump github/codeql-action from 3.25.9 to 3.25.10 (#1570)
• 9804ad7 chore: Bump github/codeql-action from 3.26.0 to 3.26.1
• 486a308 chore: Bump github/codeql-action from 3.26.1 to 3.26.2
• 6fd804f chore: Bump github/codeql-action from 3.26.10 to 3.26.11 (#1846)
• 1ecd21f chore: Bump github/codeql-action from 3.26.11 to 3.26.12 (#1856)
• 957207b chore: Bump github/codeql-action from 3.26.12 to 3.26.13 (#1869)
• 8ea916e chore: Bump github/codeql-action from 3.26.13 to 3.27.0 (#1887)
• d0c04e4 chore: Bump github/codeql-action from 3.26.2 to 3.26.3 (#1728)
• d83a7de chore: Bump github/codeql-action from 3.26.3 to 3.26.4 (#1736)
• 5199eae chore: Bump github/codeql-action from 3.26.4 to 3.26.5 (#1748)
• b2e5bfa chore: Bump github/codeql-action from 3.26.5 to 3.26.6 (#1763)
• 0542598 chore: Bump github/codeql-action from 3.26.6 to 3.26.7 (#1810)
• fb69af0 chore: Bump github/codeql-action from 3.26.7 to 3.26.8 (#1820)
• 77fbbaf chore: Bump github/codeql-action from 3.26.8 to 3.26.9 (#1828)
• 036beb9 chore: Bump github/codeql-action from 3.26.9 to 3.26.10 (#1840)
• 511751f chore: Bump github/codeql-action from 3.27.0 to 3.27.1 (#1922)
• e73d4f5 chore: Bump github/codeql-action from 3.27.1 to 3.27.3 (#1926)
• 14f75c9 chore: Bump github/codeql-action from 3.27.3 to 3.27.4 (#1929)
• 6c5604b chore: Bump github/codeql-action from 3.27.4 to 3.27.5 (#1945)
• fa9be71 chore: Bump github/codeql-action from 3.27.5 to 3.27.6 (#1963)
• ffddcda chore: Bump github/codeql-action from 3.27.6 to 3.27.7 (#1978)
• 1044456 chore: Bump github/codeql-action from 3.27.7 to 3.27.9 (#1983)
• 53ce2f0 chore: Bump github/codeql-action from 3.27.9 to 3.28.0 (#2001)
• ddc3853 chore: Bump golang from 0ca97f4 to 4cfe4a9 in /httpserver (#1925)
• 59d2f8c chore: Bump golang from 16438a8 to a8edec5 in /httpserver (#1547)
• ae0a9f9 chore: Bump golang from 192683d to 4594271 in /httpserver (#1808)
• 2b08e26 chore: Bump golang from 2bd56f0 to 367bb52 in /httpserver (#1725)
• 1581bcd chore: Bump golang from 2eb85b8 to b405b62 in /httpserver
• a73822c chore: Bump golang from 367bb52 to 192683d in /httpserver (#1788)
• e062893 chore: Bump golang from 392d2b6 to 16438a8 in /httpserver (#1488)
• d72b0d7 chore: Bump golang from 4594271 to ddad330 in /httpserver (#1837)
• 2b789f3 chore: Bump golang from 4cfe4a9 to 147f428 in /httpserver (#1936)
• 426b919 chore: Bump golang from 574185e to 7003184 in /httpserver (#1985)
• 6f96ebc chore: Bump golang from 628529a to b274ff1 in /httpserver (#1865)
• 781f0b3 chore: Bump golang from 7003184 to 7ea4c9d in /httpserver (#2006)
• 78b2eba chore: Bump golang from 73f06be to 574185e in /httpserver (#1973)
• 0bbd60e chore: Bump golang from 829eff9 to 86a3c48 in /httpserver (#1667)
• 730c48b chore: Bump golang from 86a3c48 to 2bd56f0 in /httpserver
• c9f2c0a chore: Bump golang from a66eda6 to fcae9e0 in /httpserver
• 1058c83 chore: Bump golang from a8edec5 to 2eb85b8 in /httpserver (#1572)
• 7213fed chore: Bump golang from b274ff1 to 0ca97f4 in /httpserver (#1876)
• 3c0ccac chore: Bump golang from d83472f to 392d2b6 in /httpserver (#1469)
• 8162d6a chore: Bump golang from ddad330 to 628529a in /httpserver (#1847)
• fbeb67e chore: Bump golang from fcae9e0 to 829eff9 in /httpserver (#1639)
• 6105b50 chore: Bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#1229)
• 7c3e2aa chore: Bump golang/govulncheck-action from 1.0.2 to 1.0.3 (#1543)
• 6bf96b0 chore: Bump golang/govulncheck-action from 1.0.3 to 1.0.4 (#1841)
• c0cd911 chore: Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#1307)
• c5f252d chore: Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 (#1415)
• 0ac4223 chore: Bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 (#1426)
• 6dfa8e8 chore: Bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 (#1440)
• 479934d chore: Bump golangci/golangci-lint-action from 5.3.0 to 6.0.0 (#1446)
• 6273c67 chore: Bump golangci/golangci-lint-action from 6.0.0 to 6.0.1 (#1457)
• 8f2f716 chore: Bump golangci/golangci-lint-action from 6.0.1 to 6.1.0
• b94c067 chore: Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 (#1845)
• fde60d2 chore: Bump google.golang.org/grpc from 1.61.0 to 1.61.1 (#1313)
• 8cd7c7a chore: Bump google.golang.org/grpc from 1.61.1 to 1.61.2 (#1367)
• bce6b4c chore: Bump google.golang.org/grpc from 1.62.1 to 1.62.2 (#1391)
• b7fa5e1 chore: Bump google.golang.org/grpc from 1.64.0 to 1.64.1 (#1615)
• f1ca1c1 chore: Bump google.golang.org/grpc from 1.66.0 to 1.66.2 (#1825)
• 96fb63d chore: Bump google.golang.org/grpc from 1.66.2 to 1.66.3 (#1850)
• dd3a6b0 chore: Bump google.golang.org/grpc from 1.68.0 to 1.68.1 (#1971)
• 6ab3fd8 chore: Bump google.golang.org/grpc from 1.68.1 to 1.68.2 (#2000)
• 6cf38fd chore: Bump google.golang.org/protobuf from 1.34.1 to 1.34.2 (#1616)
• 8e23b06 chore: Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 (#1328)
• 55529e8 chore: Bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (#1466)
• ffdad0f chore: Bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 (#1544)
• 8647de2 chore: Bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0 (#1920)
• 4122be7 chore: Bump k8s.io/api from 0.28.11 to 0.28.12 (#1644)
• d548d9a chore: Bump k8s.io/api from 0.28.8 to 0.28.9 (#1404)
• 9aea86d chore: Bump k8s.io/api from 0.28.9 to 0.28.10 (#1493)
• 33064b0 chore: Bump k8s.io/apimachinery from 0.28.14 to 0.28.15 (#1896)
• 7ecab2b chore: Bump k8s.io/apimachinery from 0.28.8 to 0.28.9 (#1405)
• 205e6a9 chore: Bump k8s.io/client-go from 0.28.10 to 0.28.11 (#1573)
• 2188f95 chore: Bump k8s.io/client-go from 0.28.11 to 0.28.12 (#1663)
• 4e02c39 chore: Bump k8s.io/client-go from 0.28.12 to 0.28.13 (#1722)
• 161fd6b chore: Bump k8s.io/client-go from 0.28.13 to 0.28.14 (#1813)
• 3e80c13 chore: Bump k8s.io/client-go from 0.28.14 to 0.28.15 (#1897)
• 4a97b2c chore: Bump k8s.io/client-go from 0.28.4 to 0.28.5 (#1232)
• d20bd3d chore: Bump k8s.io/client-go from 0.28.5 to 0.28.6 (#1273)
• ffa3cef chore: Bump k8s.io/client-go from 0.28.6 to 0.28.7 (#1309)
• 0bf7079 chore: Bump k8s.io/client-go from 0.28.7 to 0.28.8 (#1339)
• e74a421 chore: Bump k8s.io/client-go from 0.28.8 to 0.28.9 (#1406)
• e0889f8 chore: Bump k8s.io/client-go from 0.28.9 to 0.28.10 (#1491)
• aea7688 chore: Bump notaryproject/notation-action from 1.1.0 to 1.2.0 (#1832)
• 0897822 chore: Bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#1462)
• 7ffb697 chore: Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#1664)
• 742ccc0 chore: Bump sigstore/cosign-installer from 3.5.0 to 3.6.0
• 7ce62b7 chore: Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 (#1851)
• 630a2bd chore: Bump step-security/harden-runner from 2.10.0 to 2.10.1 (#1796)
• 9b5d31b chore: Bump step-security/harden-runner from 2.10.1 to 2.10.2 (#1938)
• fe662a4 chore: Bump step-security/harden-runner from 2.7.0 to 2.8.0 (#1529)
• aca9883 chore: Bump step-security/harden-runner from 2.8.0 to 2.8.1 (#1561)
• 7e6f99f chore: Bump step-security/harden-runner from 2.8.1 to 2.9.0 (#1642)
• aedb222 chore: Bump step-security/harden-runner from 2.9.0 to 2.9.1
• acf60d1 chore: Bump step-security/harden-runner from 2.9.1 to 2.10.0 (#1794)
• 8d72736 chore: Bump vscode/devcontainers/go from 44c273a to 68e6bd3 in /.devcontainer (#1826)
• 42392fd chore: Bump vscode/devcontainers/go from 46f85d1 to 5625272 in /.devcontainer (#1989)
• 70e4744 chore: Bump vscode/devcontainers/go from 68e6bd3 to d638d11 in /.devcontainer (#1836)
• fb5692e chore: Bump vscode/devcontainers/go from 8cb4ef6 to fdc107c in /.devcontainer (#1744)
• a9ee776 chore: Bump vscode/devcontainers/go from bdecb4c to 46f85d1 in /.devcontainer (#1879)
• 84333ac chore: Bump vscode/devcontainers/go from c23be6b to 0ea3913 in /.devcontainer (#1465)
• 1af7001 chore: Bump vscode/devcontainers/go from d638d11 to bdecb4c in /.devcontainer (#1848)
• 8cb5343 chore: Bump vscode/devcontainers/go from fdc107c to 44c273a in /.devcontainer (#1809)
• 2389aa6 chore: Bump vscode/devcontainers/go in /.devcontainer
• dca6b77 chore: Bump vscode/devcontainers/go in /.devcontainer
• ab8d001 chore: Refactor error messages for Notation signature verification (#1730)
• 281ca40 chore: Replace deprecated autorest SDK with azidentity (#1904)
• 7519519 chore: add codecov badge (#1777)
• f548082 chore: add description for notation.enabled in the helm charts readme… (#1778)
• 8f8dba2 chore: add notation-trust-policy e2e test (#2002)
• f2ed26e chore: add the governance doc link to readme.md (#1713)
• 810c93e chore: address comments
• 2e832ff chore: automated PR to main 2024-09-13 (#1798)
• 449cdf3 chore: bump CRD controller + conversion gen binaries to be compatible (#1627)
• bd97cb1 chore: bump GK support to 3.18 (#1980)
• dea367e chore: bump K8s versions (#1975)
• 9233abb chore: bump makefile tool dependency version (#1976)
• 7c34a1a chore: bump oras go to 2.5.0 (#1389)
• c348a7d chore: bump ratify version for 1.1.1 patch release (#1434)
• 4b04c08 chore: bump support GK version matrix to include v3.17.0 (#1795)
• 368c676 chore: bump support matrix to include GK 3.16.0 (#1504)
• 2be797d chore: bump to go 1.21 (#1276)
• 9c40fba chore: bump up go version to 1.22.8 (#1880)
• 252afd8 chore: bump up golang.org/x/crypto pkg to fix vuln (#1981)
• d8dfa60 chore: bump up golangci-lint version (#1961)
• 89b0a9c chore: fix linting issues (#1606)
• b3ea827 chore: ignore CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 (#1498)
• 09ce389 chore: ignore CVE-2023-42366 (#1494)
• 6010b4f chore: ignore pb.go files under experimental
• 32cc3cc chore: merge adoptor and crl chart changes (#2027)
• 7c58a9a chore: migrate azure-sdk-for-go/containerregistry to the latest release (#1829)
• e911c59 chore: prepare release 1.2.1 charts update (#1610)
• 4fc08ce chore: prepare release 1.2.1 charts update 2 (#1612)
• efa4295 chore: prepare release 1.2.1 helmfile update
• d3f77fe chore: refresh roadmap after v1.2.0 release (#1541)
• 4a5fee5 chore: remodule ratify package (#1552)
• 9eccff6 chore: remove unused code path
• 51c5402 chore: rename WithLinkToDoc to WithRemediation
• af2240b chore: rename func for readability (#1257)
• fc3ddbb chore: rephrase failure result in constraint template
• be3adc1 chore: stop printing out error stack trace (#1711)
• a89d00d chore: update a flag in makefile (#1584)
• f204e9d chore: update aks version (#1768)
• 4e539d9 chore: update cert value in sample CRs (#1479)
• 6d7ce9e chore: update charts (#1892)
• 2998078 chore: update codecov config (#1237)
• 6487002 chore: update default templates (#1776)
• a3424b1 chore: update deislabs.github.io to ratify-project.github.io (#1548)
• 12e39b9 chore: update dev helmfile and publishing workflow (#1551)
• b7644b7 chore: update dev helmfiles to clean up namespaced resources (#1476)
• 7208f98 chore: update err-msg with notation (#1775)
• b7cab88 chore: update error messages for cosign validation (#1792)
• 95e6c4e chore: update go reference badge to the new path (#1806)
• 365d843 chore: update helm charts (#1702)
• 482aee7 chore: update helm charts for v1.3.0 (#1805)
• d1e810b chore: update local dev charts to the latest version (#1749)
• b9446ef chore: update ratify charts to 1.2 (#1526)
• 586b2ba chore: update release charts 1.4.0-rc.1 (#2025)
• 92ce84f chore: update scorecards action (#1687)
• 9865b7c chore: update the image tag of dev container (#1347)
• d3e49d2 chore: update the roadmap after v1.3.0 release (#1817)
• 4288940 chore: update to support GK 3.15 & remove support for GK 3.12 (#1318)
• c05f5fd chore: update workflows according to the latest supported k8s version (#2013)
• 0a1198a chore: upgrade to go 1.22 (#1605)
• 8c89dab chore: use semantic version for go install pkg (#1448)
• 7e034c2 ci: add cache cleanup post merge (#1242)
• 4ab047b ci: add cron job to cache trivy db (#1918)
• 5333fe9 ci: add dev helm chart publishing workflow (#1209)
• 3f68a54 ci: add job to delete dev packages manually
• bf4eade ci: bump k8s versions (#1417)
• df7fdff ci: fix tagging in publish-ghcr workflow (#1884)
• f536f68 ci: harden github actions (#1579)
• 69b10eb ci: improve azure test resiliency (#1546)
• 6376762 ci: replace trivy with trivy-action (#1871)
• 44abd8b ci: retry trivy db update upon failure (#1881)
• c4adde7 ci: retry trivy download-db on failure (#1883)
• 7af6e8e ci: run scorecard on pr to dev/main
• 1bac149 ci: set patch coverage target to 80% (#1527)
• 3f66411 ci: switch azure ci test to use rbac for key vault access (#1523)
• efe84cf ci: switch region from eastus to westus2 (#1591)
• c2c51b6 ci: switch to fail-fast from continue-on-error (#1245)
• c963bed ci: update and cleanup CI tools used (#1326)
• 3639957 ci: update azure SP federated credentials (#1442)
• 6eab122 ci: update license check exclusion version (#1351)
• 6179759 crd image
• a7178d4 doc: Update SECURITY.md (#1555)
• 2000c11 doc: proposal for error message improvements
• e57886c doc: update README code of conduct (#1553)
• 2d3a8e0 doc: update minor release branching strategy (#1456)
• 314d46e fail critical
• d7990c7 fail on high
• 64c2315 fail on med
• 4a44d3a feat: Add refreshInterval to the helm chart Values (#1773)
• 59240ad feat: Implementation of KMP CRL revocation factory with cache (#1900)
• f495934 feat: KMP periodic retrieval with k8s requeue (#1727)
• ae4385b feat: Support more trust store types (#1538)
• 4b07a26 feat: add GetNamespace utils method for context [multi-tenancy PR 1] (#1356)
• 43b8090 feat: add NamespacedKMP and switch KMP scope to cluster [multi-tenancy PR 9] (#1422)
• 1f21940 feat: add NamespacedPolicy CRD [multi-tenancy PR 7] (#1402)
• 9ab83c8 feat: add NamespacedStore CRD [multi-tenancy PR 8] (#1413)
• e13af40 feat: add NamespacedVerifier CRD [multi-tenancy PR 11] (#1428)
• 7958056 feat: add PolicyManager interface to wrap operations on namespaced policies [multi-tenancy PR 3] (#1359)
• 003fe00 feat: add ReferrerStoreManager interface to wrap operations on namespaced stores [multi-tenancy PR 4] (#1380)
• 759f299 feat: add cache isolation (#1213)
• 3e656b1 feat: add certStoreManager interface to wrap operations on namespaced certStores [multi-tenancy PR 5] (#1382)
• 3d40b97 feat: add compatibility check in KMP while fetching certs/keys [multi-tenancy PR 6] (#1395)
• 2061199 feat: add context to getExecutor method
• 70389cf feat: add cosign keyless support to trust policy (#1503)
• 482ac34 feat: add cosign trust policies (#1381)
• 71df5dd feat: add debug logs to k8s secret and docker config auth providers (#1319)
• b0dfc90 feat: add key management provider resource (#1293)
• 2894b51 feat: add key support to key management provider (#1333)
• 515f6c5 feat: add more notation trust policy attributes to values.yaml (#1982)
• 9d60789 feat: add namespace label to metrics
• ec92e2a feat: add namespace to external data request key (#1201)
• 23092c6 feat: add open ssf best practices badge (#1696)
• 4510dd8 feat: add support for crl basic functionality with built-in cache (#1890)
• 3e04cb5 feat: add timestamp and traceId to verification response (#1697)
• 8b17053 feat: add verifierName, verifierType and errorReason fields to verifierReport
• e716f54 feat: add verifiers interface to wrap up operations on namespaced verifiers
• 49f63e1 feat: add version to CRD spec (#1215)
• 85781cc feat: additional env vars for ratify container via helm chart (#1854)
• 10c4310 feat: allow service account annotations (#1907)
• f04f768 feat: enables CRL configuration (#1941)
• e7655fe feat: enhance CR status with clearer brief error message (#1734)
• 2af0565 feat: expose crl config in helm chart (#2010)
• 0b6aa67 feat: fill ErrorReason and Remediation during verifierReport generation (#1682)
• 2eacdaf feat: handle stderr and stdout messages from plugins (#1258)
• 018cde4 feat: improve plugin config dependency (#1223)
• dd1b883 feat: move cosign to be a built in verifier (#1343)
• 1742f2f feat: refactor certStore and KMP to support multi-tenancy [multi-tenancy PR 10] (#1423)
• 4d4d00c feat: refactor cosign verification error messages (#1750)
• af1a0d8 feat: refactor error message format
• 2b11902 feat: run full validation on staging (#1361)
• 9b96175 feat: save reconcile error for KMP/CertStore (#1710)
• 0837c02 feat: support alibaba cloud rrsa store auth provider (#1909)
• 98f5581 feat: support enabled status for kmp keys/certs (#1874)
• 0cae6c7 feat: timestamping feature (#1758)
• 7abfc7f feat: validate plugin name on CR create (#1265)
• 666849a fix(tls): allowing TLS when crd-manager disabled (#1954)
• 68c93a6 fix: DecodeCertificates cert length check (#1470)
• 9afbbf9 fix: Enforce validation on notation signature blob number (#1726)
• b6db2ee fix: SBOM verifier license match support for deprecated license (#1230)
• 9da6842 fix: Set IdleTimeout for http.Server (#1418)
• a884308 fix: add akv keys check on cosign-verifier (#1427)
• aafd330 fix: add check for disabled keys from azure key vault (#1474)
• 5225247 fix: add missing CRD conversion methods (#1289)
• aae1aa6 fix: add missing pod annotations and labels to deployment spec (#1949)
• ea5604a fix: add top-level read permission (#1419)
• d64c713 fix: bump dev helmfile ratify chart versions (#1216)
• 1e32c70 fix: bump github.com/aws/aws-sdk-go-v2/service/ecr version (#1505)
• b12b038 fix: bump-up docker dependency (#1679)
• 30ee980 fix: check label value on pull_request_target (#1471)
• 0975882 fix: differentiate aks logs from e2e log (#1243)
• 82626ee fix: dynamic plugin should support pulling image with digest (#1280)
• ad69840 fix: enable automated pr to main (#1582)
• 3872e05 fix: enable workflow for staging (#1369)
• 5781305 fix: fix AKS test by switching to cluster-wide KMP (#1455)
• 2ee5904 fix: fix missing separator in helm template (#1463)
• 18a8878 fix: fix the conditional check on update-trivy-cache job (#1919)
• 05a8cbe fix: fix typo in notation verifier (#1678)
• 45c0f81 fix: fix unit tests that fail in local environment (#1292)
• 547c0a8 fix: fix vuln in /x/net pkg (#1993)
• 2fa97fb fix: fix vulnerabilities
• 2d9b93a fix: handle empty trust policies
• b2bf323 fix: improve vuln report verifier report messages (#1238)
• 6474b4d fix: make notation verifier installation optional on ratify installation (#1719)
• b32db85 fix: missing status update in KMP controller (#1761)
• 9d5acaf fix: pass CODECOV_TOKEN to reusable workflow
• f07f1ca fix: remove Update az cli step in aks test (#1502)
• 269d176 fix: remove critical cache failure in oras GetBlobContent (#1740)
• f0cdcfe fix: remove duplicate $
• 8632ea5 fix: remove nonexistent KMP from verifier sample (#1753)
• d89400e fix: remove unused trust store from sample verifier config (#1790)
• 4fed7a0 fix: rename staging to dev branch (#1401)
• cb3bb9b fix: run full validation for release branch (#1512)
• 5381e0c fix: showing verifier config parse detail in err log (#1791)
• be8b182 fix: surface plugin error in exec.go (#1228)
• f063058 fix: update ReferrerNotFound error to be more accurate (#1408)
• 8acd52b fix: update azure tenantId casing (#1385)
• 23b143d fix: update constraint templates to work with new type field (#1217)
• 8834734 fix: update cosign chart and remove extra logs (#1475)
• 8acc7f2 fix: update hard coded test registry reference (#1336)
• 5129b80 fix: update revocation handler creation (#2007)
• c1ba70e fix: updated community meeting time to UTC (#1364)
• b2535b9 fix: validate plugin version for ratify cli (#1604)
• 7294999 fix: warning message is printed to stdout by CLI (#1650)
• 1f37d04 load into kind
• 84cb90c refactor: refactor verifiers to support namespaced
• a01b605 remove --skipdir flag
• 088154d revert: "chore: automated PR to main 2024-09-13" (#1802)
• a8691a4 run scan-vulns.yaml on schedule (#1562)
• d214d5b scanner
• 9dc9e82 update
• 70ba627 update
• 1d12f7f update
• 4ae4332 update
• 1401080 update per comments
• a494009 update per comments
• 1bd347c update unit test

Full Changelog: v1.3.1...v1.4.0-rc.1