Releases: sigstore/timestamp-authority
Releases · sigstore/timestamp-authority
v1.2.2
v1.2.1
v1.2.0
v1.2.0
v1.2.0 is based on Go 1.21.3.
Changes
Enhancements
- Support other hash algs for pre-signed timestamp besides SHA256 (#488)
- new http-ping-only flag for 'timestamp-server serve' (#474)
Bug Fixes
- Fix bug where TSA signing fails if cert hash != content hash. (#465)
Misc
Contributors
- Billy Lynch
- Carlos Tadeu Panato Junior
- Dmitry Savintsev
- Hayden B
v1.1.2
Changelog
1.1.2 fixes a signing related hash function bug and a typo.
Changes
Bug Fixes
- Fix hash function hardcoding bug by updating dependency (#452)
Misc
Contributors
- Carlos Tadeu Panato Junior
- Dmitry Savintsev
- Meredith Lancaster
Full Changelog: v1.1.1...v1.1.2
v1.1.1
Changelog
1.1.1 fixes a bug in the JSON format timestamp request code.
Changes
Bug Fixes
- Update how the JSON body is parsed (#343)
Contributors
- Meredith Lancaster
Full Changelog: v1.1.0...v1.1.1
v1.1.0
Changelog
1.1.0 now supports making timestamp requests in JSON format in addition to DER encoded format.
Changes
Enhancements
- Support timestamp requests in JSON format (#247)
Misc
- Fix typo in README (#294)
Contributors
- Andrea Cosentino
- Meredith Lancaster
Full Changelog: v1.0.0...v1.1.0
v1.0.0
Changelog
1.0 release of the timestamp authority. Thank you to all of the contributors!
v1.0.0-rc.1
v1.0.0-rc.0
Changelog
SLSA provenance is now uploaded with each release. Use slsa-verifier to verify the release.
Misc
- Mock NTP client (#217)
Contributors
- Carlos Tadeu Panato Junior
- Hayden B
- Meredith Lancaster
Full Changelog: v0.2.1...v1.0.0-rc.0
v0.2.1
Changelog
0.2.1 now rejects timestamp requests that use SHA-1. For server operators, it
now defaults to using NTP monitoring.
Changes
Enhancements
- Generate slsa provenance (#193)
- Use default NTP monitoring configuration (#186)
- Reject requests that use SHA-1 (#202)
Bug Fixes
Misc
- Update README with more details (#188)
Contributors
- Hayden B
- Hector Fernandez
- Meredith Lancaster
Full Changelog: v0.2.0...v0.2.1