Skip to content

Release v1.8.0

Jump to bottom
GitHub Action edited this page Aug 31, 2023 · 1 revision

Published: 2023-08-31T22:34:02.279283704Z

Release Notes

https://github.com/jreleaser/jreleaser/releases/tag/v1.8.0

Binaries

🌟 Universal

These binaries require an external Java runtime.

☕️ Bundled Java Runtimes

These binaries provide their own Java runtime.

Platform Artifact
MacOS x86_64 jreleaser-standalone-1.8.0-osx-x86_64.zip (asc)
sha256:dd9e195a3199457b14b68f9eadf62a0498c4161640f190182f60463d6c317d77
MacOS Arm64 jreleaser-standalone-1.8.0-osx-aarch64.zip (asc)
sha256:34af29c284f3f69707c741ea96f779b5dcbe64cbdb124743ca3cf93173560df6
Linux x86_64 (musl) jreleaser-standalone-1.8.0-linux_musl-x86_64.zip (asc)
sha256:93446c7c39e9fdcff459b3d2785c6bca4a1b025954867dbd5b6ad736c0cc91c3
Linux Arm64 (musl) jreleaser-standalone-1.8.0-linux_musl-aarch64.zip (asc)
sha256:b9cfb6bbf9531181136531b2be58c2ca6a1469c3b4c4cd459070145b7c77b662
Linux x86_64 (glibc) jreleaser-standalone-1.8.0-linux-x86_64.zip (asc)
sha256:ad9f70fc724fa1009ec05ec68b84ac306ad54f2e16c2cc0ec32cb3018105ae62
Linux Arm64 (glibc) jreleaser-standalone-1.8.0-linux-aarch64.zip (asc)
sha256:2efcde7f698feaed5135d15c71c9068d3b0759cbfc36492637c22b98de0e2425
Windows x86_64 jreleaser-standalone-1.8.0-windows-x86_64.zip (asc)
sha256:72ba6599e48149b2b7840ffe01c8e2f5e0de446ea634741420c520166316d9de
Windows Arm64 jreleaser-standalone-1.8.0-windows-aarch64.zip (asc)
sha256:a9e55fead5a464813394b06a78e5d12899e16571662ab6f8f8b56ae78e404aca

📦 Installers

These binaries provide their own Java runtime.

💻 Native Executables

Verify Provenance

SBOMS

SLSA

  1. Install or build the slsa-verifier binary.
  2. Download jreleaser-all-1.8.0.intoto.jsonl
  3. Download the binary or binary files you'd like to verify.
  4. Run the verifier against the binary. For example
$ slsa-verifier verify-artifact jreleaser-1.8.0.zip \
   --provenance-path jreleaser-all-1.8.0.intoto.jsonl \
   --source-uri github.com/jreleaser/jreleaser
Verified signature against tlog entry index 8865454 at URL: https://rekor.sigstore.dev/api/v1/log/entries/24296fb24b8ad77acceaa92d35076867e961260048db8f9ee7726329e5a14ae3a6cfd678aeacad11
Verified build using builder https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@refs/tags/v1.4.0 at commit caa516c7c52ca72a352f97e4153334080f8b7f43
PASSED: Verified SLSA provenance

PGP

  1. Download the public key
  2. Verify the fingerprint matches the following:
$ gpg --show-keys aalmiray.asc
pub   rsa4096 2021-02-10 [SC] [expires: 2031-02-08]
      F1D5F6A91C86B0702CD0734BCCC55C5167419ADB
uid                      Andres Almiray <aalmiray@gmail.com>
sub   rsa4096 2021-02-10 [E] [expires: 2031-02-08]
  1. Import the key with gpg --import aalmiray.asc.
  2. Verify the chosen artifact with:
$ gpg --verify jreleaser-1.8.0.zip.asc jreleaser-1.8.0.zip
gpg: Signature made Tue Dec 13 06:51:49 2022 CET
gpg:                using RSA key CCC55C5167419ADB
gpg: Good signature from "Andres Almiray <aalmiray@gmail.com>" [ultimate]

For questions, support and general discussion, please use GitHub Discussions.

Examples and reference may be found at https://jreleaser.org.
Would you like to help? You can sponsor or contribute.
You can reach us at Twitter and Mastodon.

Menu

Clone this wiki locally