v0.15.0

This is the version of Trustee used with CoCo v0.16.0.

What's Changed

• kbs/config/kubernetes: update image tags for the release by @mythi in #852
• Make the integration tests more generic. by @fitzthum in #849
• verifier: fix csv hsk cek parsing by @Xynnn007 in #854
• build(deps): bump config from 0.13.4 to 0.14.1 by @dependabot[bot] in #857
• ci: add OpenSSF scorecard workflow and badge by @fitzthum in #858
• Move HashAlgorithm to kbs_types by @ssolit in #833
• build(deps): bump mobc from 0.8.5 to 0.9.0 by @dependabot[bot] in #859
• build(deps): bump github/codeql-action from 3.24.9 to 3.29.2 by @dependabot[bot] in #864
• build(deps): bump strum from 0.27.1 to 0.27.2 by @dependabot[bot] in #866
• build(deps): bump intel-tee-quote-verification-rs from DCAP_1.22 to DCAP_1.23 by @dependabot[bot] in #867
• build(deps): bump cryptoki from 0.9.0 to 0.10.0 by @dependabot[bot] in #868
• deps/eventlog: improve EV_IPL data parser by @pawelpros in #873
• build(deps): bump serde_with from 1.14.0 to 3.14.0 by @dependabot[bot] in #872
• deps/eventlog: fixed handling EV_IPL null byte by @pawelpros in #876
• verifier: added DCAP error description helper by @pawelpros in #869
• ci: remove pull_request_target trigger from e2e wf by @mkulke in #877
• doc(cca): Fix duration of the attestation result in AS config by @anta5010 in #878
• build(deps): bump toml from 0.8.23 to 0.9.2 by @dependabot[bot] in #879
• build(deps): bump github/codeql-action from 3.29.2 to 3.29.4 by @dependabot[bot] in #880
• Eventlog | Support to parse AAEL by @Xynnn007 in #871
• eventlog: add sm3 hash algorithm by @Xynnn007 in #881
• build(deps): bump serde_json from 1.0.140 to 1.0.141 by @dependabot[bot] in #882
• Dockerfile: fix podman compatibility by @seungukshin in #874
• KBS: refactor in prometheus, active connections metric by @pmores in #870
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in #865
• build(deps): bump az-tdx-vtpm from 0.7.1 to 0.7.2 by @dependabot[bot] in #884
• build(deps): bump golang.org/x/crypto from 0.14.0 to 0.35.0 in /rvps/cgo by @dependabot[bot] in #883
• github-action updates by @mythi in #885
• build(deps): bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group by @dependabot[bot] in #889
• build(deps): bump scroll from 0.12.0 to 0.13.0 by @dependabot[bot] in #815
• workflows: fixup token permissions by @fitzthum in #886
• build(deps): bump tokio from 1.46.1 to 1.47.1 by @dependabot[bot] in #892
• ci: fix permissions for nested workflows by @mkulke in #894
• build(deps): bump az-tdx-vtpm from 0.7.2 to 0.7.4 by @dependabot[bot] in #895
• ci: Propagate content:read from azure e2e workflow by @mkulke in #896
• verifier: pin az-vtpm crates to 0.7.1 by @mkulke in #899
• Verifier: Update CSV verifier to support AAEL parsing by @Xynnn007 in #891
• build(deps): bump clap from 4.5.41 to 4.5.42 by @dependabot[bot] in #901
• kbs: prometheus build info metric by @pmores in #893
• build(deps): bump toml from 0.9.2 to 0.9.5 by @dependabot[bot] in #906
• e2e-tests: run tests unprivileged by @mkulke in #905
• ci: harden gh action workflows by @mkulke in #897
• e2e-test: install tpm2-tools when required by @mkulke in #909
• build(deps): bump uuid from 1.17.0 to 1.18.0 by @dependabot[bot] in #911
• build(deps): bump slab from 0.4.10 to 0.4.11 in the cargo group by @dependabot[bot] in #912
• fix(verifier): Update az-vtpm crates and fix report verification by @yafu-1 in #902
• attestation-service: drop apt-key usage in Dockerfiles and tests by @mythi in #923
• Dockerfile: Bump base Ubuntu to 24.04 by @BbolroC in #924
• Bump SEV Crate to fix ARM build issue by @fitzthum in #931
• build(deps): bump serde_json from 1.0.141 to 1.0.143 by @dependabot[bot] in #921
• build(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in the cargo group by @dependabot[bot] in #933
• deps/eventlog: add digest match event data by @pawelpros in #922
• deps/verifier: Add DCAP supplemental data claims for SGX/TDX by @pawelpros in #929
• Rework Extractor Module Interface by @fitzthum in #913
• build(deps): bump scc from 2.3.4 to 2.4.0 by @dependabot[bot] in #935
• Chore: update deps by @Xynnn007 in #936
• deps/verifier: Change mapping values for TCB_STATUS by @pawelpros in #930
• lint: fix lint error by @Xynnn007 in #937
• build(deps): bump actix-rt from 2.10.0 to 2.11.0 by @dependabot[bot] in #939
• e2e-test: run tpm tests with sudo by @mkulke in #941
• AS: fix unit test with extra field for rvps by @Xynnn007 in #944
• kbs: fix config item in unit test by @Xynnn007 in #946
• build(deps): bump log from 0.4.27 to 0.4.28 by @dependabot[bot] in #943
• AS: allow underscore trustworthiness claim names in ear policy by @Xynnn007 in #945
• build(deps): bump anyhow from 1.0.98 to 1.0.99 by @dependabot[bot] in #948
• ita: Attestation v2 API and enable GPU verification by @mythi in #827
• e2e-test: disable azure TDX tests temporarily by @mkulke in #950
• deps/verifier: Revert vector result approach for TCB_STATUS by @pawelpros in #954
• docs: mark Simple token to be deprecated in v0.15.0 by @Xynnn007 in #953
• Improvements to Multi-Device Attestation by @fitzthum in #900
• attestation-policy is not protected by admin autentication by @esposem in #957
• docs: Reformat + aligned TEE available options by @pawelpros in #955
• verifier: Bump Max Supported Version of Attestation Report to 5 by @AdithyaKrishnan in #856
• kbs: Add top-level token search path by @tylerfanelli in #920
• KBS: Update kbs_protocol and kms rev by @AdithyaKrishnan in #961
• verifier: Add support for nvidia-verifier by @cclaudio in #890
• workflows: add .lycheeignore to skip sites that fail link checks by @mythi in #962

New Contributors

• @anta5010 made their first contribution in #878
• @yafu-1 made their first contribution in #902
• @esposem made their first contribution in #957

Full Changelog: v0.14.0...v0.15.0