smallstep/cli v0.25.3-rc3

Step CLI v0.25.3-rc3 (24-03-26)

on GitHub

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.25.3-rc3_amd64.tar.gz
• 📦 step_linux_0.25.3-rc3_arm64.tar.gz
• 📦 step_linux_0.25.3-rc3_armv7.tar.gz
• 📦 step-cli_0.25.3-rc3_amd64.deb
• 📦 step-cli_0.25.3-rc3_amd64.rpm
• 📦 step-cli_0.25.3-rc3_arm64.deb
• 📦 step-cli_0.25.3-rc3_arm64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.25.3-rc3_amd64.tar.gz
• 📦 step_darwin_0.25.3-rc3_arm64.tar.gz

Windows

• 📦 step_windows_0.25.3-rc3_amd64.zip
• 📦 step_windows_0.25.3-rc3_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.25.3-rc3_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.25.3-rc3_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.25.3-rc3_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 9d1b9a0 Return HTTP OK on CORS Options request
• 9f9412c Merge pull request #1132 from smallstep/dependabot/github_actions/dependabot/fetch-metadata-2.0.0
• 0b6aedd Merge pull request #1133 from smallstep/dependabot/go_modules/github.com/smallstep/certificates-0.26.0-rc2
• 40867fd Bump github.com/smallstep/certificates from 0.25.3-rc7 to 0.26.0-rc2
• 9c5bfbe Merge pull request #1134 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.44.1
• 3c217fc Bump go.step.sm/crypto from 0.43.1 to 0.44.1
• 0db9019 Bump dependabot/fetch-metadata from 1.6.0 to 2.0.0
• 5cba7ab Merge pull request #1130 from smallstep/herman/cosign-2.x
• 07cdbd6 Use --yes to acknowledge user prompts for Cosign signing
• d90586e Upgrade certinfo
• 7a6c3cf Merge pull request #1128 from smallstep/max/assets
• d49acd0 Update .goreleaser.yml
• 3ead9e0 Update .goreleaser.yml
• 0622365 Update .goreleaser.yml
• dbaee8b Update .goreleaser.yml
• 0ead710 Bump jackc dependency in gomod
• e69cb2f Add a few more popular assets to the releases header.
• 384d4ab Merge pull request #1125 from smallstep/dependabot/go_modules/github.com/go-jose/go-jose/v3-3.0.3
• 631f1a7 Bump github.com/go-jose/go-jose/v3 from 3.0.2 to 3.0.3
• 0bae350 Merge pull request #1124 from smallstep/herman/fix-load-vintage-error
• 49148fc Merge pull request #1123 from smallstep/fix-peak-typo
• 3841ae5 Fix ignored error from loading vintage context configuration
• 3fa35cc Fix peak -> peek
• 94ebbb3 go mod tidy (#1122)
• 0b07dde Merge pull request #1121 from smallstep/dependabot/go_modules/github.com/smallstep/certificates-0.25.3-rc7
• 1c0daea Upgrade google.golang.org/protobuf to v1.33.0
• eb5fbfb Use localhost in the step ca health CA url
• efe7e38 Bump github.com/smallstep/certificates
• eeb3d87 Merge pull request #1120 from smallstep/herman/upgrade-dependencies-20240304
• c25f5c3 Add very basic step ca health integration test
• 6c8661f Fix usage of deprecated Sign() method
• d6626c8 Upgrade dependencies and fix linting issues
• 491effd Merge pull request #1114 from smallstep/dependabot/go_modules/github.com/go-jose/go-jose/v3-3.0.2
• 5a0c428 Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.2
• 57505a0 Merge pull request #1103 from smallstep/dependabot/go_modules/github.com/smallstep/certificates-0.25.3-rc5
• 12cdd9b Merge pull request #1112 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.43.1
• 3dc8b46 Bump github.com/smallstep/certificates
• bbfc8fe Merge pull request #1111 from smallstep/dependabot/go_modules/github.com/fxamacker/cbor/v2-2.6.0
• 9668c3d Bump go.step.sm/crypto from 0.43.0 to 0.43.1
• e95bbbc Bump github.com/fxamacker/cbor/v2 from 2.5.0 to 2.6.0
• c592ed4 Teach step ca init about --key-password-file
• 3d2769a Merge pull request #1107 from smallstep/dependabot/github_actions/webfactory/ssh-agent-0.9.0
• c7b90c6 Bump webfactory/ssh-agent from 0.8.0 to 0.9.0
• 7e6a58d Merge pull request #1109 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.19.0
• 93022d1 Bump golang.org/x/crypto from 0.18.0 to 0.19.0
• badf024 Merge pull request #1104 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.43.0
• 01e544d Bump go.step.sm/crypto from 0.42.1 to 0.43.0
• 869c359 Merge pull request #1101 from smallstep/dependabot/go_modules/github.com/google/uuid-1.6.0
• d029945 Merge pull request #1102 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.42.1
• df54f22 Bump go.step.sm/crypto from 0.42.0 to 0.42.1
• 0af8755 Bump github.com/google/uuid from 1.5.0 to 1.6.0
• 1fa24c9 Merge pull request #1100 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.42.0
• c000bfc Bump go.step.sm/crypto from 0.41.0 to 0.42.0

Thanks!

Those were the changes on v0.25.3-rc3!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.