Skip to content

v0.0.5

Choose a tag to compare

View all tags
@github-actions github-actions released this 18 May 16:12
· 40 commits to main since this release
v0.0.5
c3537e2

WebSec0 v0.0.5

Multi-arch binaries and a distroless Docker image. The binary embeds
the Astro frontend; running ./websec0 exposes the UI on :8080.

Changelog

Fixes

  • 279d475: fix(release): migrate cosign checksum signing to the new bundle format (@JoshuaMart)

CI / build

  • c3537e2: ci(release): bump docker/setup-buildx-action to v4 (Node.js 24 runtime) (@JoshuaMart)

Docker imageghcr.io/joshuamart/websec0:v0.0.5 (linux/amd64 + linux/arm64).

Verifying release artefacts — the checksums.txt file and the
Docker manifest are signed with cosign keyless via Sigstore. The
checksum signature is published in the new self-contained Sigstore
bundle format (signature + certificate + transparency log entry in
one file). Verify with cosign >= 2.5:

cosign verify-blob \
  --certificate-identity-regexp 'https://github.com/JoshuaMart/WebSec0/.github/workflows/release.yml@refs/tags/' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  --bundle checksums.txt.sig \
  checksums.txt

Contributors

JoshuaMart
Assets 12
Loading