Releases: SRv6d/hanko
Releases · SRv6d/hanko
v0.4.1
What's Changed
Security
- Update yanked futures-rs version containing use after free.
Full Changelog: v0.4.0...v0.4.1
v0.4.0
What's Changed
Added
- A Changelog.
- Build provenance file to releases.
Removed
- Allowed signers file option from configuration file.
Full Changelog: v0.3.0...v0.4.0
v0.3.0
What's Changed
- Check for broken links once a week by @SRv6d in #66
- Configure dependabot by @SRv6d in #67
- Bump tokio from 1.38.0 to 1.38.1 by @dependabot in #71
- Bump peter-evans/create-issue-from-file from 4 to 5 by @dependabot in #69
- Bump crate-ci/typos from 1.20.8 to 1.23.2 by @dependabot in #68
- Bump thiserror from 1.0.62 to 1.0.63 by @dependabot in #70
- Add cargo-deny by @SRv6d in #72
- Add container image by @SRv6d in #73
- Add logs to config in debug and trace mode by @SRv6d in #74
- Add github as a default user source if left unspecified by @SRv6d in #75
- Bump assert_cmd from 2.0.14 to 2.0.15 by @dependabot in #79
- Bump crate-ci/typos from 1.23.2 to 1.23.6 by @dependabot in #81
- Bump CodSpeedHQ/action from 2 to 3 by @dependabot in #82
- Bump clap from 4.5.9 to 4.5.13 by @dependabot in #80
- Bump serde_json from 1.0.120 to 1.0.121 by @dependabot in #78
- Bump tokio from 1.38.1 to 1.39.2 by @dependabot in #77
- Bump gix-config from 0.37.0 to 0.38.0 by @dependabot in #76
- Enable dependabot devcontainer feature updates by @SRv6d in #83
- Bump serde_json from 1.0.121 to 1.0.123 by @dependabot in #85
- Bump tempfile from 3.10.1 to 3.12.0 by @dependabot in #88
- Bump assert_cmd from 2.0.15 to 2.0.16 by @dependabot in #89
- Bump EmbarkStudios/cargo-deny-action from 1 to 2 by @dependabot in #84
- Bump serde from 1.0.204 to 1.0.206 by @dependabot in #86
- Bump rstest from 0.21.0 to 0.22.0 by @dependabot in #87
- Replace deprecated crates extension with dependi in devcontainer by @SRv6d in #90
- Bump crate-ci/typos from 1.23.6 to 1.24.3 by @dependabot in #96
- Bump serde_json from 1.0.123 to 1.0.127 by @dependabot in #95
- Bump reqwest from 0.12.5 to 0.12.7 by @dependabot in #93
- Bump tokio from 1.39.2 to 1.40.0 by @dependabot in #92
- Make gix-config dependency optional through
detect-allowed-signersfeature by @SRv6d in #97 - Bump clap from 4.5.13 to 4.5.16 by @dependabot in #91
- Bump quinn-proto from 0.11.3 to 0.11.8 by @dependabot in #98
- Pin dev dependencies to their exact version and group them in dependabot upgrades by @SRv6d in #99
- Bump crate-ci/typos from 1.24.3 to 1.24.5 by @dependabot in #100
- Bump serde from 1.0.206 to 1.0.210 by @dependabot in #101
- Bump anyhow from 1.0.86 to 1.0.87 by @dependabot in #102
- Bump gix-path from 0.10.10 to 0.10.11 by @dependabot in #105
- Bump clap from 4.5.16 to 4.5.17 by @dependabot in #104
- Bump async-trait from 0.1.81 to 0.1.82 by @dependabot in #103
- Use reqwest blocking feature in dev dependencies only by @SRv6d in #106
- Separate CI workflow into test and verify by @SRv6d in #107
- Remove
Swellaby.vscode-rust-test-adapterextension from devcontainer by @SRv6d in #108 - Add justfile by @SRv6d in #109
- Pin ubuntu version in benchmark workflow to
ubuntu-22.04since codspeed does not supportubuntu-24.04by @SRv6d in #110 - Bump anyhow from 1.0.87 to 1.0.89 by @dependabot in #111
- Bump crate-ci/typos from 1.24.5 to 1.25.0 by @dependabot in #116
- Bump thiserror from 1.0.63 to 1.0.64 by @dependabot in #112
- Bump tempfile from 3.12.0 to 3.13.0 by @dependabot in #115
- Bump clap from 4.5.17 to 4.5.19 by @dependabot in #117
- Bump reqwest from 0.12.7 to 0.12.8 by @dependabot in #113
- Track test coverage by @SRv6d in #118
- Harden workflows by @SRv6d in #119
- Add security policy by @SRv6d in #120
- Add OpenSSF Scorecard workflow by @SRv6d in #121
- Use minimal required permissions in build workflow by @SRv6d in #122
- Add OpenSSF best practices badge by @SRv6d in #123
- Add OpenSSF Scorecard badge by @SRv6d in #124
- Improve module structure and naming, use reference counting for sources by @SRv6d in #125
- Log GitHub ratelimit at trace log level by @SRv6d in #126
- Explicitly set global read permissions in build workflow by @SRv6d in #127
- Rename benchmark workflow to match filename by @SRv6d in #129
- Update all dependencies by @SRv6d in #128
- Bump version to v0.3.0 by @SRv6d in #131
Full Changelog: v0.2.1...v0.3.0
Contributors
SRv6d and dependabot
Assets 9
v0.2.1
This release fixes CVE-2024-40644 in gix-path.
What's Changed
- Run cargo directly instead of using unmaintained cargo-rs action by @SRv6d in #63
- Bump gix-path from 0.10.8 to 0.10.9 by @dependabot in #64
- Bump version to
0.2.1by @SRv6d in #65
New Contributors
- @dependabot made their first contribution in #64
Full Changelog: v0.2.0...v0.2.1
Contributors
SRv6d and dependabot
Assets 9
v0.2.0
What's Changed
- Don't include directories in zip release archive by @SRv6d in #53
- Customize reqwest client by @SRv6d in #54
- Log API responses in trace mode by @SRv6d in #55
- Add provenance attestation build step by @SRv6d in #57
- Remove openssl-sys dependency by @SRv6d in #58
- Install gcc and musl tools for respective build environments by @SRv6d in #59
- Fix aarch64 builds by @SRv6d in #60
- Bump version to
0.2.0by @SRv6d in #61 - Add MIT license by @SRv6d in #62
Full Changelog: v0.1.0...v0.2.0
Contributors
SRv6d