Releases: transparency-dev/armored-witness-applet
Releases · transparency-dev/armored-witness-applet
v0.3.6
What's Changed
Main change is bringing in the fixes from https://github.com/transparency-dev/witness/pull/352 which should help address issues with the recovery process for logs whose local understanding of the largest tree size the witness knows about has become out of sync somehow.
Dependency bumps
- 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #373
- 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #376
- 🌱(deps): Bump github/codeql-action from 3.28.1 to 3.28.6 in the all-gha-deps group by @dependabot in #377
- 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #378
- Bump witness to 2141e0e43f896d5ec9af9f6312b660ea343c330d by @AlCutter in #379
Full Changelog: v0.3.5...v0.3.6
Contributors
AlCutter and dependabot
Assets 2
v0.3.5
Keeping dependencies and config fresh.
What's Changed
- 🌱(deps): Bump the all-go-deps group with 3 updates by @dependabot in #357
- Bump witness library and fix storage by @mhutchinson in #359
- 🌱(deps): Bump github/codeql-action from 3.27.0 to 3.27.1 in the all-gha-deps group by @dependabot in #356
- 🌱(deps): Bump github/codeql-action from 3.27.1 to 3.27.4 in the all-gha-deps group by @dependabot in #363
- 🌱(deps): Bump google.golang.org/protobuf from 1.35.1 to 1.35.2 in the all-go-deps group by @dependabot in #362
- 🌱(deps): Bump github/codeql-action from 3.27.4 to 3.27.5 in the all-gha-deps group by @dependabot in #364
- 🌱(deps): Bump github/codeql-action from 3.27.5 to 3.27.6 in the all-gha-deps group by @dependabot in #366
- 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #365
- 🌱(deps): Bump the all-go-deps group with 3 updates by @dependabot in #367
- 🌱(deps): Bump github/codeql-action from 3.27.6 to 3.27.9 in the all-gha-deps group by @dependabot in #368
- 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #369
- 🌱(deps): Bump the all-go-deps group across 1 directory with 3 updates by @dependabot in #371
- 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #372
- Bumped witness to 353e718 by @mhutchinson in #375
Full Changelog: v0.3.4...v0.3.5
Contributors
mhutchinson and dependabot
Assets 2
v0.3.4
What's Changed
The main change in this release is pulling in changes to the omniwitness which improve the resilience of the bastion connection in the face of flakey network connections (transparency-dev/witness#293).
Deps
- 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #354
- Bump witness to 1b7aedbc4a2b8319d1a86e0d47b19d0087bf4957 by @AlCutter in #355
Full Changelog: v0.3.3...v0.3.4
Contributors
AlCutter and dependabot
Assets 2
v0.3.3
v0.3.2
What's Changed
Major change in this release is that the witness will now send witnessed checkpoints received via the bastion protocol to the distributor.
- Bumped witness to 64080cc by @mhutchinson in #351
- Pulling in transparency-dev/witness#288
- Raise rate limit for bastion requests by @AlCutter in #352
Full Changelog: v0.3.1...v0.3.2
Contributors
mhutchinson and AlCutter
Assets 2
v0.3.1
What's Changed
Main visible changes in this release are:
- Reduce distribution frequency by @AlCutter in #349
- Bump witness to d1b22ee5e29f6e3c0474fd66150f0ee635a9ab8d by @AlCutter in #350
- Add Sigsum's
Sea Salplog to the config - Have feeders push always push updated signatures to the distributor
- Add Sigsum's
Full Changelog: v0.3.0...v0.3.1
Contributors
AlCutter
Assets 2
v0.3.0
What's Changed
Major changes in this release are:
- Applet is now built with TamaGo 1.23.1
- Improvements in witness compliance to the
c2sp.org/tlog-witnessspec - Added bastion-specific prometheus metrics (local)
Deps
- 🌱(deps): Bump the all-go-deps group with 3 updates by @dependabot in #320
- 🌱(deps): Bump actions/upload-artifact from 4.3.3 to 4.3.4 in the all-gha-deps group by @dependabot in #321
- 🌱(deps): Bump github/codeql-action from 3.25.11 to 3.25.12 in the all-gha-deps group by @dependabot in #322
- 🌱(deps): Bump github/codeql-action from 3.25.12 to 3.25.13 in the all-gha-deps group by @dependabot in #323
- 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #324
- 🌱(deps): Bump actions/upload-artifact from 4.3.4 to 4.3.5 in the all-gha-deps group by @dependabot in #326
- 🌱(deps): Bump golang.org/x/mod from 0.19.0 to 0.20.0 in the all-go-deps group by @dependabot in #325
- 🌱(deps): Bump golang.org/x/crypto from 0.25.0 to 0.26.0 in the all-go-deps group by @dependabot in #328
- 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #327
- 🌱(deps): Bump github.com/prometheus/client_golang from 1.19.1 to 1.20.0 in the all-go-deps group by @dependabot in #329
- 🌱(deps): Bump github/codeql-action from 3.26.0 to 3.26.3 in the all-gha-deps group by @dependabot in #330
- 🌱(deps): Bump github/codeql-action from 3.26.3 to 3.26.5 in the all-gha-deps group by @dependabot in #332
- 🌱(deps): Bump github.com/prometheus/client_golang from 1.20.0 to 1.20.2 in the all-go-deps group by @dependabot in #331
- 🌱(deps): Bump google.golang.org/grpc from 1.65.0 to 1.66.0 in the all-go-deps group by @dependabot in #334
- 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #333
- 🌱(deps): Bump the all-go-deps group with 4 updates by @dependabot in #336
- 🌱(deps): Bump google.golang.org/grpc from 1.66.1 to 1.66.2 in the all-go-deps group by @dependabot in #337
- 🌱(deps): Bump github/codeql-action from 3.26.6 to 3.26.7 in the all-gha-deps group by @dependabot in #338
- 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #341
- 🌱(deps): Bump github/codeql-action from 3.26.7 to 3.26.8 in the all-gha-deps group by @dependabot in #340
- 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #342
- 🌱(deps): Bump the all-gha-deps group with 3 updates by @dependabot in #343
- 🌱(deps): Bump the all-go-deps group with 3 updates by @dependabot in #344
- 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #345
- Bump tamago to 1.23.1 by @AlCutter in #339
- Bump witness to c8230698319e69ae0d19aba6910272ab48e2c341 by @AlCutter in #346
- 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #347
- Bump witness to 36d0b0ec90da47c383e89afa0163f819afae92e6 by @AlCutter in #348
Full Changelog: v0.2.1...v0.3.0
Contributors
AlCutter and dependabot
Assets 2
v0.2.1
What's Changed
This patch release configures the production AW devices to register with the Sigsum bastion host.
Dependency updates
- 🌱(deps): Bump github.com/transparency-dev/armored-witness-os from 0.1.3-0.20240524123036-bdd4b0b96386 to 0.2.0 in the all-go-deps group by @dependabot in #319
- 🌱(deps): Bump github/codeql-action from 3.25.10 to 3.25.11 in the all-gha-deps group by @dependabot in #318
Full Changelog: v0.2.0...v0.2.1
Contributors
dependabot
Assets 2
v0.2.0
What's Changed
This release adds support for the new bastion protocol, allowing participating logs to synchronously request cosignatures from witnesses while keeping the witnesses themselves non-addressable.
Merged PRs
- Update dependabot weekly instead of daily by @mhutchinson in #308
- Refactor to allow attesting to other things by @AlCutter in #310
- Derive BastionID by @AlCutter in #302
- Add bastion feeder support by @AlCutter in #311
- Add status HTTP endpoint by @AlCutter in #312
- Wire up bastion rate limit by @AlCutter in #316
- Bump Tamago to 1.22.4 by @AlCutter in #317
Dependency bumps
- 🌱(deps): Bump actions/upload-artifact from 4.3.1 to 4.3.2 in the all-gha-deps group by @dependabot in #286
- 🌱(deps): Bump golang.org/x/net from 0.21.0 to 0.23.0 by @dependabot in #287
- 🌱(deps): Bump actions/checkout from 4.1.2 to 4.1.3 in the all-gha-deps group by @dependabot in #288
- 🌱(deps): Bump actions/upload-artifact from 4.3.2 to 4.3.3 in the all-gha-deps group by @dependabot in #289
- 🌱(deps): Bump actions/checkout from 4.1.3 to 4.1.4 in the all-gha-deps group by @dependabot in #290
- 🌱(deps): Bump the all-go-deps group with 6 updates by @dependabot in #291
- 🌱(deps): Bump github.com/beevik/ntp from 1.3.1 to 1.4.0 in the all-go-deps group by @dependabot in #292
- 🌱(deps): Bump github.com/beevik/ntp from 1.4.0 to 1.4.1 in the all-go-deps group by @dependabot in #293
- 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #295
- 🌱(deps): Bump actions/checkout from 4.1.4 to 4.1.5 in the all-gha-deps group by @dependabot in #294
- 🌱(deps): Bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 in the all-go-deps group by @dependabot in #297
- 🌱(deps): Bump ossf/scorecard-action from 2.3.1 to 2.3.3 in the all-gha-deps group by @dependabot in #296
- 🌱(deps): Bump google.golang.org/grpc from 1.63.2 to 1.64.0 in the all-go-deps group by @dependabot in #298
- 🌱(deps): Bump actions/checkout from 4.1.5 to 4.1.6 in the all-gha-deps group by @dependabot in #299
- 🌱(deps): Bump github/codeql-action from 2.13.4 to 3.25.5 in the all-gha-deps group by @dependabot in #300
- 🌱(deps): Bump github/codeql-action from 3.25.5 to 3.25.6 in the all-gha-deps group by @dependabot in #301
- 🌱(deps): Bump github.com/beevik/ntp from 1.4.1 to 1.4.2 in the all-go-deps group by @dependabot in #303
- 🌱(deps): Bump github.com/beevik/ntp from 1.4.2 to 1.4.3 in the all-go-deps group by @dependabot in #304
- 🌱(deps): Bump github/codeql-action from 3.25.6 to 3.25.7 in the all-gha-deps group by @dependabot in #305
- 🌱(deps): Bump github/codeql-action from 3.25.7 to 3.25.8 in the all-gha-deps group by @dependabot in #307
- 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #306
- 🌱(deps): Bump the all-go-deps group with 2 updates by @dependabot in #314
- 🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot in #313
Full Changelog: v0.1.1...v0.2.0
Contributors
mhutchinson, AlCutter, and dependabot
