Skip to content

Autocert v0.19.1 (24-04-18)
Compare
Choose a tag to compare
@github-actions github-actions released this 18 Apr 00:36
v0.19.1
1c726ae
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Signatures and Checksums

autocert uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

COSIGN_EXPERIMENTAL=1 cosign verify-blob \
  --certificate ~/Downloads/autocert_linux_0.19.1_amd64.tar.gz.pem \
  --signature ~/Downloads/autocert_linux0.19.1_amd64.tar.gz.sig \
  ~/Downloads/autocert_linux0.19.1_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

  • 1c726ae Merge pull request #241 from smallstep/max/goreleaser-prompt-yes
  • abf3603 Auto-accept cosign prompt in goreleaser

Thanks!

Those were the changes on v0.19.1!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peak at the freshest PKI memes.

Assets 11
Loading