sigstore/sigstore v1.0.0 on GitHub

What's Changed

Missed a couple of renames by @lukehinds in #1
User can use toml config for cert details by @lukehinds in #2
OIDC by @lukehinds in #3
readme, gitignore by @lukehinds in #4
Project Rename by @lukehinds in #5
Project refactor in prep for rewrite by @lukehinds in #7
Key generation code by @lukehinds in #9
Fix lint errors by @lukehinds in #12
Set up CI by @lukehinds in #11
Return PubK in correct type by @lukehinds in #13
Client port by @lukehinds in #14
Return the response so we can handle specific status codes by @lukehinds in #15
Bind flags with PreRun by @lukehinds in #18
Rename clients by @lukehinds in #20
Implements file MIME checking by @lukehinds in #21
Delete DS_Store by @lukehinds in #22
Implement rekor log entry by @lukehinds in #23
Update copyright statement by @dekkagaijin in #25
Device flow! by @dlorenc in #24
Add signature library by @dekkagaijin in #26
Add Security Section by @lukehinds in #29
cmd: add version command by @cpanato in #31
Rename signature payloads to be more descriptive for users by @dekkagaijin in #32
Use crypto.PublicKey in favor of *ecdsa.PublicKey by @dekkagaijin in #33
remove Ed25519 until we can make it work sanely with Rekor by @dekkagaijin in #34
Signers should return the payloads which were actually signed by @dekkagaijin in #35
update boilerplate header and apply go fmt by @cpanato in #37
ci/boilerplate: fix bolierplate check by @cpanato in #39
go: update go version to use 1.16.x by @cpanato in #36
Move kms package from cosign to sigstore by @priyawadhwa in #41
Leverage the signature package for signing by @dekkagaijin in #38
Implement code owners by @lukehinds in #40
use RSA-PSS instead of RSA-PKCS#1 v1.5 signature scheme by @dekkagaijin in #43
feat: add vault transit kms engine by @RichiCoder1 in #44
Bump the rekor dependency. by @dlorenc in #47
Allow specifying the full key version. by @dlorenc in #45
some vault fixes by @RichiCoder1 in #49
Better define sigstores purpose by @lukehinds in #52
remove optional algorithm; ensure CI and Makefile are correct by @bobcallaway in #57
log error message but continue with OAuth2 flow if browser auto-open … by @bobcallaway in #56
change to rekor.sigstore.dev by @bobcallaway in #60
remove gosec since it is handled by golangci-lint by @bobcallaway in #58
Add support for ed25519 based keys by @priyawadhwa in #51
Bump rekor for the new API changes. by @dlorenc in #61
Move all rekor code to tlog by @lukehinds in #63
Refact key tlog by @lukehinds in #65
Add support for static identity tokens supplied directly by the caller. by @dlorenc in #64
enable transit secret engine at another path by @developer-guy in #67
Refactor IDToken handling to support claims based on fields other tha… by @dlorenc in #68
cert.Subject is not populated, return serial instead by @lukehinds in #71
Allow the OOB authentication flow when we can't open a browser. by @dlorenc in #62
convert signature library to implement crypto.Signer interface by @bobcallaway in #69
use new path to GetRekorClient by @bobcallaway in #73
Fix for Error: error during PEM decoding by @lukehinds in #78
Use output to save client cert file locally by @lukehinds in #79
Add formatted URL for rekor entry by @lukehinds in #80
Add PublicKeyProvider interface by @bobcallaway in #75
Bump rekor. by @dlorenc in #82
Also output the signature if required by @lukehinds in #83
filehandler: add application/x-executable to supported mimetype by @cpanato in #84
stop using signerverifier to get access to publickeyprovider by @bobcallaway in #85
compute crc over digest instead of message by @bobcallaway in #86
We should use the client ID from the oauth config, not viper. by @dlorenc in #87
Don't use pointers for ed25519 keys by @dekkagaijin in #88
AWS KMS Support by @codysoyland in #74
Remove cmd/, clean up unused code by @dekkagaijin in #90
Remove pkg/tlog, run go mod tidy by @dekkagaijin in #91
update go modules, run go mod tidy by @dekkagaijin in #94
update github actions to latest versions by @dekkagaijin in #93
change in-memory signers to implement crypto.Signer by @bobcallaway in #92
Add initial Azure KMS support by @cpanato in #76
Remove pkg/util directory by @dekkagaijin in #95
Implement wrappers/converters for the DSSE signing spec. by @dlorenc in #96
Add tests for pkg/cryptoutils by @dekkagaijin in #99
More pkg/cryptoutils tests, add a generator for ECDSA keypairs by @dekkagaijin in #100
ENCRYPTED COSIGN PRIVATE KEY -> ENCRYPTED SIGSTORE PRIVATE KEY by @dekkagaijin in #101
remove fulcio client code by @dekkagaijin in #103
small update in the makefile by @cpanato in #105
default to P-256 curve again by @dekkagaijin in #106
Add missing code of conduct (stock sigstore one) by @lukehinds in #107
leverage Vault token helpers approach while obtaining Vault token by @developer-guy in #104
Transit backend path is hardcoded for some operations of the KMS Vault client by @LeSuisse in #102
Switch DSSE provider to go-securesystemslib by @adityasaky in #111
pass by reference instead of pointer so correct redirect_uri is known by @bobcallaway in #114
Pin localstack in e2e tests (fixes #112) by @codysoyland in #115
Fix typo/readability by @ocdtrekkie in #116
Modularise CI by @lukehinds in #118
Update readme in anticipation of 1.0 by @lukehinds in #119
Integration tests for dex / OIDConnect by @lukehinds in #110
Change redirect listener to use ephemeral port by @bobcallaway in #120

New Contributors

@lukehinds made their first contribution in #1
@dekkagaijin made their first contribution in #25
@dlorenc made their first contribution in #24
@cpanato made their first contribution in #31
@priyawadhwa made their first contribution in #41
@RichiCoder1 made their first contribution in #44
@bobcallaway made their first contribution in #57
@developer-guy made their first contribution in #67
@codysoyland made their first contribution in #74
@LeSuisse made their first contribution in #102
@adityasaky made their first contribution in #111
@ocdtrekkie made their first contribution in #116

Full Changelog: https://github.com/sigstore/sigstore/commits/v1.0.0