Skip to content

Releases: google/certificate-transparency-go

v1.3.0

26 Nov 18:21
023c636
Compare
Choose a tag to compare

What's Changed

CTFE Storage Saving: Extra Data Issuance Chain Deduplication

This feature now supports PostgreSQL, in addition to the support for MySQL/MariaDB that was added in v1.2.0.

Log operators can choose to enable this feature for new PostgreSQL-based CT logs by adding new CTFE configs in the LogMultiConfig and importing the database schema. The other available options are documented in the v1.2.0 changelog entry.

This change is tested in Cloud Build tests using the postgres:17 Docker image as of the time of writing.

Misc

Dependency update

  • Bump the all-deps group with 4 updates by @dependabot in #1609
  • Bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in #1611
  • Bump github/codeql-action from 3.27.0 to 3.27.1 in the all-deps group by @dependabot in #1610
  • Bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in #1612
  • Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in the go_modules group by @dependabot in #1613
  • Bump the docker-deps group across 3 directories with 2 updates by @dependabot in #1616
  • Bump github/codeql-action from 3.27.1 to 3.27.2 in the all-deps group by @dependabot in #1615
  • Bump the docker-deps group across 4 directories with 2 updates by @dependabot in #1622
  • Bump github/codeql-action from 3.27.2 to 3.27.4 in the all-deps group by @dependabot in #1620
  • Bump the all-deps group with 4 updates by @dependabot in #1621
  • Bump github.com/google/trillian from 1.6.1 to 1.7.0 in the all-deps group by @dependabot in #1624
  • Bump github/codeql-action from 3.27.4 to 3.27.5 in the all-deps group by @dependabot in #1625

Full Changelog: v1.2.2...v1.3.0

v1.2.2

30 Oct 16:32
6b2be75
Compare
Choose a tag to compare

What's Changed

  • Recommended Go version for development: 1.22
    • Using a different version can lead to presubmits failing due to unexpected diffs.

Add TLS Support

Add TLS support for Trillian: By using --trillian_tls_ca_cert_file flag, users can provide a CA certificate, that is used to establish a secure communication with Trillian log server.

Add TLS support for ct_server: By using --tls_certificate and --tls_key flags, users can provide a service certificate and key, that enables the server to handle HTTPS requests.

HTTP Idle Connection Timeout Flag

A new flag http_idle_timeout is added to set the HTTP server's idle timeout value in the ct_server binary. This controls the maximum amount of time to wait for the next request when keep-alives are enabled.

Misc

Fixes

Dependency update

  • Bump go.etcd.io/etcd/v3 from 3.5.13 to 3.5.14 by @dependabot in #1500
  • Bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #1501
  • Bump golang.org/x/net from 0.25.0 to 0.26.0 by @dependabot in #1503
  • Group dependabot updates as much as possible by @mhutchinson in #1506
  • Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in #1507
  • Bump the all-deps group with 2 updates by @dependabot in #1511
  • Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in #1510
  • Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /integration in the all-deps group by @dependabot in #1509
  • Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in #1508
  • Bump the all-deps group with 3 updates by @dependabot in #1516
  • Bump golang from aec4784 to 9678844 in /internal/witness/cmd/witness in the all-deps group by @dependabot in #1518
  • Bump alpine from 3.19 to 3.20 in /trillian/examples/deployment/docker/envsubst by @dependabot in #1492
  • Bump golang from aec4784 to 9678844 in /internal/witness/cmd/feeder in the all-deps group by @dependabot in #1517
  • Bump golang from aec4784 to 9678844 in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in #1513
  • Bump the all-deps group with 2 updates by @dependabot in #1515
  • Bump golang from aec4784 to 9678844 in /integration in the all-deps group by @dependabot in #1514
  • Bump alpine from 77726ef to b89d9c9 in /trillian/examples/deployment/docker/envsubst in the all-deps group by @dependabot in #1519
  • Bump k8s.io/klog/v2 from 2.130.0 to 2.130.1 in the all-deps group by @dependabot in #1521
  • Bump alpine from 77726ef to b89d9c9 in /internal/witness/cmd/feeder in the all-deps group by @dependabot in #1520
  • Bump github/codeql-action from 3.25.10 to 3.25.11 in the all-deps group by @dependabot in #1526
  • Bump version of go used by the vuln checker by @mhutchinson in #1527
  • Bump the all-deps group with 3 updates by @dependabot in #1530
  • Bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in #1531
  • Bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in #1532
  • Bump the all-deps group in /trillian/examples/deployment/docker/ctfe with 2 updates by @dependabot in #1533
  • Bump actions/upload-artifact from 4.3.3 to 4.3.4 in the all-deps group by @dependabot in #1534
  • Bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /integration in the all-deps group by @dependabot in #1535
  • Bump the all-deps group with 2 updates by @dependabot in #1536
  • Bump github/codeql-action from 3.25.12 to 3.25.13 in the all-deps group by @dependabot in #1538
  • Bump the all-deps group with 3 updates by @dependabot in #1537
  • Bump the all-deps group with 2 updates by @dependabot in #1543
  • Bump golang from 6c27802 to af9b40f in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in #1544
  • Bump golang from 6c27802 to af9b40f in /internal/witness/cmd/witness in the all-deps group by @dependabot in #1548
  • Bump golang from 6c27802 to af9b40f in /integration in the all-deps group by @dependabot in #1547
  • Bump alpine from b89d9c9 to 0a4eaa0 in /trillian/examples/deployment/docker/envsubst in the all-deps group by @dependabot in #1546
  • Bump the all-deps group in /internal/witness/cmd/feeder with 2 updates by @dependabot in #1545
  • Bump the all-deps group with 2 updates by @dependabot in #1549
  • Bump golang.org/x/time from 0.5.0 to 0.6.0 in the all-deps group by @dependabot in #1550
  • Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in #1552
  • Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in #1553
  • Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /integration in the all-deps group by @dependabot in #1554
  • Bump the all-deps group with 2 updates by @dependabot in #1555
  • Bump the all-deps group with 2 updates by @dependabot in #1556
  • Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in #1557
  • Bump github.com/prometheus/client_golang from 1.19.1 to 1.20.0 in the all-deps group by @dependabot in #1559
  • Bump github/codeql-action from 3.26.0 to 3.26.3 in the all-deps group by @dependabot in #1561
  • Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in #1558
  • Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in #1563
  • Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in #1560
  • Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /integration in the all-deps group by @dependabot in #1562
  • Bump go version t...
Read more

v1.2.1

30 May 15:30
2308f62
Compare
Choose a tag to compare

What's Changed

Fixes

Dependency update

Full Changelog: v1.2.0...v1.2.1

v1.2.0

28 May 15:39
0c9c98f
Compare
Choose a tag to compare

What's Changed

CTFE Storage Saving: Extra Data Issuance Chain Deduplication

To reduce CT/Trillian database storage by deduplication of the entire issuance chain (intermediate certificate(s) and root certificate) that is currently stored in the Trillian merkle tree leaf ExtraData field. Storage cost should be reduced by at least 33% for new CT logs with this feature enabled. Currently only MySQL/MariaDB is supported to store the issuance chain in the CTFE database.

Existing logs are not affected by this change.

Log operators can choose to opt-in this change for new CT logs by adding new CTFE configs in the LogMultiConfig and importing the database schema. See example.

  • ctfe_storage_connection_string
  • extra_data_issuance_chain_storage_backend

An optional LRU cache can be enabled by providing the following flags.

  • cache_type
  • cache_size
  • cache_ttl

This change is tested in Cloud Build tests using the mysql:8.4 Docker image as of the time of writing.

  • Add issuance chain storage interface by @roger2hk in #1430
  • Add issuance chain cache interface by @roger2hk in #1431
  • Add CTFE extra data storage saving configs to config.proto by @roger2hk in #1432
  • Add new types PrecertChainEntryHash and CertificateChainHash for TLS marshal/unmarshal in storage saving by @roger2hk in #1435
  • Add IssuanceChainCache LRU implementation by @roger2hk in #1454
  • Add issuance chain service by @roger2hk in #1452
  • Add CTFE extra data storage saving configs validation by @roger2hk in #1456
  • Add IssuanceChainStorage MySQL implementation by @roger2hk in #1462
  • Fix errcheck lint in mysql test by @roger2hk in #1464
  • CTFE Extra Data Issuance Chain Deduplication by @roger2hk in #1477
  • Fix incorrect deployment doc and server config by @roger2hk in #1494

Submission proxy: Root compatibility checking

  • Adds the ability for a CT client to disable root compatibile checking by @aaomidi in #1258

Fixes

  • Return 429 Too Many Requests for gRPC error code ResourceExhausted from Trillian by @roger2hk in #1401
  • Safeguard against redirects on PUT request by @mhutchinson in #1418
  • Fix CT client upload to be safe against no-op POSTs by @mhutchinson in #1424

Misc

Dependency update

  • Bump distroless/base-debian12 from 5eae9ef to 28a7f1f in /trillian/examples/deployment/docker/ctfe by @dependabot in #1388
  • Bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in #1389
  • Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #1390
  • Bump golang from 6699d28 to 7f9c058 in /integration by @dependabot in #1391
  • Bump golang from 6699d28 to 7f9c058 in /trillian/examples/deployment/docker/ctfe by @dependabot in #1392
  • Bump golang from 6699d28 to 7a392a2 in /internal/witness/cmd/witness by @dependabot in #1393
  • Bump golang from 6699d28 to 7a392a2 in /internal/witness/cmd/feeder by @dependabot in #1394
  • Bump golang from 7a392a2 to d996c64 in /internal/witness/cmd/witness by @dependabot in #1395
  • Bump golang from 7f9c058 to d996c64 in /trillian/examples/deployment/docker/ctfe by @dependabot in #1396
  • Bump golang from 7a392a2 to d996c64 in /internal/witness/cmd/feeder by @dependabot in #1397
  • Bump golang from 7f9c058 to d996c64 in /integration by @dependabot in #1398
  • Bump github/codeql-action from 3.24.7 to 3.24.8 by @dependabot in #1400
  • Bump github/codeql-action from 3.24.8 to 3.24.9 by @dependabot in #1402
  • Bump go.etcd.io/etcd/v3 from 3.5.12 to 3.5.13 by @dependabot in #1405
  • Bump distroless/base-debian12 from 28a7f1f to 611d30d in /trillian/examples/deployment/docker/ctfe by @dependabot in #1406
  • Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in #1407
  • Bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in #1408
  • update govulncheck go version from 1.21.8 to 1.21.9 by @phbnf in #1412
  • Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /integration by @dependabot in #1409
  • Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /internal/witness/cmd/witness by @dependabot in #1410
  • Bump golang.org/x/crypto from 0.21.0 to 0.22.0 by @dependabot in #1414
  • Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /internal/witness/cmd/feeder by @dependabot in #1411
  • Bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in #1415
  • Bump golang.org/x/net from 0.23.0 to 0.24.0 by @dependabot in #1416
  • Bump google.golang.org/grpc from 1.62.1 to 1.63.2 by @dependabot in #1417
  • Bump github.com/fullstorydev/grpcurl from 1.8.9 to 1.9.1 by @dependabot in #1419
  • Bump golang from 48b942a to 3451eec in /integration by @dependabot in #1421
  • Bump golang from 48b942a to 3451eec in /trillian/examples/deployment/docker/ctfe by @dependabot in #1423
  • Bump golang from 48b942a to 3451eec in /internal/witness/cmd/witness by @dependabot in #1420
  • Bump golang from 3451eec to b03f3ba in /integration by @dependabot in #1426
  • Bump golang from 3451eec to b03f3ba in /trillian/examples/deployment/docker/ctfe by @dependabot in #1425
  • Bump golang from 48b942a to 3451eec in /internal/witness/cmd/feeder by @dependabot in #1422
  • Bump golang from 3451eec to b03f3ba in /internal/witness/cmd/witness by @dependabot in #1427
  • Bump golang from 3451eec to b03f3ba in /internal/witness/cmd/feeder by @dependabot in #1428
  • Bump github/codeql-action from 3.24.10 to 3.25.0 by @dependabot in #1433
  • Bump github/codeql-action from 3.25.0 to 3.25.1 by @dependabot in #1434
  • Bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #1436
  • Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #1437
  • Bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #1440
  • Bump github/codeql-action from 3.25.1 to 3.25.2 by @dependabot in #1441
  • Bump golang from b03f3ba to d0902ba in /internal/witness/cmd/feeder by @dependabot in #1444
  • Bump golang from b03f3ba to d0902ba in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github...
Read more

v1.1.8

11 Mar 13:59
59b9bd9
Compare
Choose a tag to compare

What's Changed

  • Recommended Go version for development: 1.21
    • Using a different version can lead to presubmits failing due to unexpected diffs.

Monitoring

  • Distribution metric to monitor the start of get-entries requests by @phbnf in #1364

Add support for AIX

Fixes

Misc

Dependency update

  • Bump golang from 20f9ab5 to 5ee1296 in /trillian/examples/deployment/docker/ctfe by @dependabot in #1216
  • Bump golang from 20f9ab5 to 5ee1296 in /internal/witness/cmd/witness by @dependabot in #1217
  • Bump golang from 20f9ab5 to 5ee1296 in /internal/witness/cmd/feeder by @dependabot in #1218
  • Bump k8s.io/klog/v2 from 2.100.1 to 2.110.1 by @dependabot in #1219
  • Bump golang from 20f9ab5 to 5ee1296 in /integration by @dependabot in #1220
  • Bump golang from 5ee1296 to 5bafbbb in /integration by @dependabot in #1221
  • Bump golang from 5ee1296 to 5bafbbb in /internal/witness/cmd/feeder by @dependabot in #1222
  • Bump golang from 5ee1296 to 5bafbbb in /internal/witness/cmd/witness by @dependabot in #1223
  • Bump golang from 5ee1296 to 5bafbbb in /trillian/examples/deployment/docker/ctfe by @dependabot in #1224
  • Update the minimal image to gcr.io/distroless/base-debian12 by @roger2hk in #1148
  • Bump jq from 1.6 to 1.7 by @roger2hk in #1225
  • Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #1226
  • Bump golang.org/x/time from 0.3.0 to 0.4.0 by @dependabot in #1227
  • Bump github.com/mattn/go-sqlite3 from 1.14.17 to 1.14.18 by @dependabot in #1228
  • Bump github.com/gorilla/mux from 1.8.0 to 1.8.1 by @dependabot in #1229
  • Bump golang from 1.21.3-bookworm to 1.21.4-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in #1232
  • Bump golang from 1.21.3-bookworm to 1.21.4-bookworm in /internal/witness/cmd/witness by @dependabot in #1233
  • Bump golang from 1.21.3-bookworm to 1.21.4-bookworm in /integration by @dependabot in #1234
  • Bump golang from 1.21.3-bookworm to 1.21.4-bookworm in /internal/witness/cmd/feeder by @dependabot in #1235
  • Bump go-version-input from 1.20.10 to 1.20.11 in govulncheck.yml by @roger2hk in #1238
  • Bump golang.org/x/net from 0.17.0 to 0.18.0 by @dependabot in #1236
  • Bump github/codeql-action from 2.22.5 to 2.22.6 by @dependabot in #1240
  • Bump github/codeql-action from 2.22.6 to 2.22.7 by @dependabot in #1241
  • Bump golang from 85aacbe to dadce81 in /integration by @dependabot in #1243
  • Bump golang from 85aacbe to dadce81 in /internal/witness/cmd/feeder by @dependabot in #1242
  • Bump golang from 85aacbe to dadce81 in /trillian/examples/deployment/docker/ctfe by @dependabot in #1244
  • Bump golang from 85aacbe to dadce81 in /internal/witness/cmd/witness by @dependabot in #1245
  • Bump golang from dadce81 to 52362e2 in /internal/witness/cmd/witness by @dependabot in #1247
  • Bump golang from dadce81 to 52362e2 in /integration by @dependabot in #1248
  • Bump golang from dadce81 to 52362e2 in /trillian/examples/deployment/docker/ctfe by @dependabot in #1249
  • Bump golang from dadce81 to 52362e2 in /internal/witness/cmd/feeder by @dependabot in #1250
  • Bump github/codeql-action from 2.22.7 to 2.22.8 by @dependabot in #1251
  • Bump golang.org/x/net from 0.18.0 to 0.19.0 by @dependabot in #1252
  • Bump golang.org/x/time from 0.4.0 to 0.5.0 by @dependabot in #1254
  • Bump alpine from eece025 to 34871e7 in /internal/witness/cmd/feeder by @dependabot in #1256
  • Bump alpine from eece025 to 34871e7 in /trillian/examples/deployment/docker/envsubst by @dependabot in #1257
  • Bump go-version-input from 1.20.11 to 1.20.12 in govulncheck.yml by @roger2hk in #1264
  • Bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #1261
  • Bump golang from 1.21.4-bookworm to 1.21.5-bookworm in /internal/witness/cmd/witness by @dependabot in #1259
  • Bump golang from 1.21.4-bookworm to 1.21.5-bookworm in /integration by @dependabot in #1263
  • Bump golang from 1.21.4-bookworm to 1.21.5-bookworm in /internal/witness/cmd/feeder by @dependabot in #1262
  • Bump golang from 1.21.4-bookworm to 1.21.5-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in #1260
  • Bump go.etcd.io/etcd/v3 from 3.5.10 to 3.5.11 by @dependabot in #1266
  • Bump github/codeql-action from 2.22.8 to 2.22.9 by @dependabot in #1269
  • Bump alpine from 34871e7 to 51b6726 in /internal/witness/cmd/feeder by @dependabot in #1270
  • Bump alpine from 3.18 to 3.19 in /trillian/examples/deployment/docker/envsubst by @dependabot in #1271
  • Bump golang from a6b787c to 2d3b13c in /internal/witness/cmd/feeder by @dependabot in #1272
  • Bump golang from a6b787c to 2d3b13c in /internal/witness/cmd/witness by @dependabot in #1273
  • Bump golang from a6b787c to 2d3b13c in /integration by @dependabot in #1274
  • Bump golang from a6b787c to 2d3b13c in /trillian/examples/deployment/docker/ctfe by @dependabot in #1275
  • Bump github/codeql-action from 2.22.9 to 2.22.10 by @dependabot in #1278
  • Bump google.golang.org/grpc from 1.59.0 to 1.60.0 by @dependabot in #1279
  • Bump github/codeql-action from 2.22.10 to 3.22.11 by @dependabot in #1280
  • Bump distroless/base-debian12 from 1dfdb5e to 8a0bb63 in /trillian/examples/deployment/docker/ctfe by @dependabot in #1281
  • Bump github.com/google/trillian from 1.5.3 to 1.5.4-0.20240110091238-00ca9abe023d by @mhutchinson in #1297
  • Bump actions/upload-artifact from 3.1.3 to 4.0.0 by @dependabot in #1282
  • Bump github/codeql-action from 3.22.11 to 3.23.0 by @dependabot in #1295
  • Bump github.com/mattn/go-sqlite3 from 1.14.18 to 1.14.19 by @dependabot in #1283
  • Bump golang from 1.21.5-bookworm to 1.21.6-bookworm in /integration by @dependabot in #1300
  • Bump d...
Read more

v1.1.7

01 Nov 18:26
42c8cff
Compare
Choose a tag to compare

What's Changed

  • Recommended Go version for development: 1.20

    • This is the version used by the Cloud Build presubmits. Using a different version can lead to presubmits failing due to unexpected diffs.
  • Bump golangci-lint from 1.51.1 to 1.55.1 (developers should update to this version).

Add support for WASI port

Add support for IBM Z operating system z/OS

Log List

  • Add support for "is_all_logs" field in loglist3 by @phbnf in #1095

Documentation

  • Improve Dockerized Test Deployment documentation by @roger2hk in #1179

Misc

Dependency update

  • Bump Go from 1.19 to 1.20 by @roger2hk in #1146
  • Bump golangci-lint from 1.51.1 to 1.55.1 by @roger2hk in #1214
  • Bump go.etcd.io/etcd/v3 from 3.5.8 to 3.5.9 by @dependabot in #1083
  • Bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in #108
  • Bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 by @dependabot in #1092
  • Bump golang.org/x/net from 0.10.0 to 0.11.0 by @dependabot in #1094
  • Bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in #1098
  • Bump google.golang.org/protobuf from 1.30.0 to 1.31.0 by @dependabot in #1099
  • Bump golang.org/x/net from 0.11.0 to 0.12.0 by @dependabot in #1108
  • Bump actions/checkout from 3.1.0 to 3.5.3 by @dependabot in #1103
  • Bump github/codeql-action from 2.1.27 to 2.20.3 by @dependabot in #1104
  • Bump ossf/scorecard-action from 2.0.6 to 2.2.0 by @dependabot in #1105
  • Bump actions/upload-artifact from 3.1.0 to 3.1.2 by @dependabot in #1106
  • Bump github/codeql-action from 2.20.3 to 2.20.4 by @dependabot in #1115
  • Bump github/codeql-action from 2.20.4 to 2.21.0 by @dependabot in #1117
  • Bump golang.org/x/net from 0.12.0 to 0.14.0 by @dependabot in #1124
  • Bump github/codeql-action from 2.21.0 to 2.21.2 by @dependabot in #1121
  • Bump github/codeql-action from 2.21.2 to 2.21.4 by @dependabot in #1125
  • Bump golang from fd9306e to eb3f9ac in /integration by @dependabot in #1127
  • Bump alpine from 3.8 to 3.18 in /trillian/examples/deployment/docker/envsubst by @dependabot in #1129
  • Bump golang from fd9306e to eb3f9ac in /trillian/examples/deployment/docker/ctfe by @dependabot in #1128
  • Bump alpine from 82d1e9d to 7144f7b in /internal/witness/cmd/feeder by @dependabot in #1130
  • Bump golang from fd9306e to eb3f9ac in /internal/witness/cmd/witness by @dependabot in #1131
  • Bump golang from 1.19-alpine to 1.21-alpine in /internal/witness/cmd/feeder by @dependabot in #1132
  • Bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #1134
  • Bump github/codeql-action from 2.21.4 to 2.21.5 by @dependabot in #1135
  • Bump distroless/base from 73deaaf to 46c5b9b in /trillian/examples/deployment/docker/ctfe by @dependabot in #1136
  • Bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in #1137
  • Bump golang.org/x/net from 0.14.0 to 0.15.0 by @dependabot in #1139
  • Bump github.com/rs/cors from 1.9.0 to 1.10.0 by @dependabot in #1140
  • Bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #1141
  • Bump golang from 445f340 to 96634e5 in /internal/witness/cmd/feeder by @dependabot in #1142
  • Bump github/codeql-action from 2.21.5 to 2.21.6 by @dependabot in #1149
  • Bump Docker golang base images to 1.21.1 by @roger2hk in #1147
  • Bump github/codeql-action from 2.21.6 to 2.21.7 by @dependabot in #1150
  • Bump github/codeql-action from 2.21.7 to 2.21.8 by @dependabot in #1152
  • Bump golang from d3114db to a0b3bc4 in /internal/witness/cmd/feeder by @dependabot in #1155
  • Bump golang from d3114db to a0b3bc4 in /internal/witness/cmd/witness by @dependabot in #1157
  • Bump golang from d3114db to a0b3bc4 in /integration by @dependabot in #1156
  • Bump golang from d3114db to a0b3bc4 in /trillian/examples/deployment/docker/ctfe by @dependabot in #1158
  • Bump golang from e06b3a4 to 114b9cc in /integration by @dependabot in #1159
  • Bump golang from a0b3bc4 to 114b9cc in /internal/witness/cmd/feeder by @dependabot in #1160
  • Bump golang from a0b3bc4 to 114b9cc in /internal/witness/cmd/witness by @dependabot in #1161
  • Bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #1162
  • Bump golang from 114b9cc to 9c7ea4a in /internal/witness/cmd/feeder by @dependabot in #1163
  • Bump golang from 114b9cc to 9c7ea4a in /integration by @dependabot in #1166
  • Bump golang from 114b9cc to 9c7ea4a in /trillian/examples/deployment/docker/ctfe by @dependabot in #1165
  • Bump golang from 114b9cc to 9c7ea4a in /internal/witness/cmd/witness by @dependabot in #1164
  • Bump github/codeql-action from 2.21.8 to 2.21.9 by @dependabot in #1169
  • Bump golang from 9c7ea4a to 61f84bc in /integration by @dependabot in #1168
  • Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in #1...
Read more

v1.1.6

11 May 08:02
55b99fc
Compare
Choose a tag to compare

What's Changed

Deployments

Repo config

Dependency update

Misc

  • Update CHANGELOG.md for v1.1.5 release by @phbnf in #1063

Full Changelog: v1.1.5...v1.1.6

v1.1.5

26 Apr 13:16
f19baea
Compare
Choose a tag to compare

Key management

  • If a public key has been configured for a log, check that it is consistent with the private key by @robstradling in #1044
  • Don't allow the same private key to be used by more than one configured log by @robstradling in #1046

Log list

Vulnerability management

Fixes

Cleanups

Dependency updates

New Contributors

Full Changelog: v1.1.4...v1.1.5

v1.1.4

21 Oct 16:09
50ef850
Compare
Choose a tag to compare

Log list

Logging

Cleanup

Misc

  • Add test leaf template with serverAuth EKU by @pavelkalinnikov in #893
  • Fix S1039: unnecessary use of fmt.Sprintf in presubmit lint messages by @roger2hk in #932
  • Update Go version and remove log list v1, v2 in README.md by @roger2hk in #979
  • Add missing license header by @AlCutter in #970
  • Downgrade 429 errors to verbosity 2 (#957) by @mhutchinson in #963
  • Update to testdata.SampleLogList3 in distributor_test.go by @roger2hk in #966
  • Update linter, fix errors, delete travis config by @mhutchinson in #940
  • Add CODEOWNERS with default team assignment by @AlCutter in #939

Dependency updates

Full Changelog: v1.1.3...v1.1.4

v1.1.3

13 May 16:11
5162ff6
Compare
Choose a tag to compare

New features

  • #867: Add package for (un)marshalling the loglist3 schema
  • #927: Add readonly logs mode to CTFE configuration
  • Add experimental (not exported from the Go module) implementation of CT witness. Running witnesses by multiple independent organisations allows detecting and preventing split-view attacks.

Improvements / bug fixes

  • #852: migrillian: Return error if context was canceled
  • #896: jsonclient: retry POSTs after getting HTTP 429
  • #901: ctclient: Use Cobra library for command-line tools
  • #920: Set is_master metric to 0 for when starting up
  • #928: Do not print context canceled errors

Slightly breaking changes

  • #881: Terminate hammer early if the context is cancelled
  • #903, #921: Move PEMCertPool from CTFE package to x509util

Dependency updates

  • Switch Merkle tree code to use github.com/transparency-dev/merkle@v0.0.1 [#874, ..., #924]
  • Trillian: v1.4.0 -> v1.4.1 [#924]
  • Replace juju/ratelimit with x/time/rate [#800]
  • protoc: v3.12.4 -> v3.20.1 [#923]
  • github.com/fullstorydev/grpcurl: 1.8.2->1.8.6 [#860, #891]
  • github.com/google/go-cmp: 0.5.6->0.5.8 [#879, #917]
  • github.com/mattn/go-sqlite3: 1.14.8->1.14.10 [#873]
  • github.com/rs/cors: 1.8.0->1.8.2 [#872]
  • go.etcd.io/etcd/v3: 3.5.0->3.5.4 [#859, #887, #913]
  • google.golang.org/grpc: v1.40.0 -> v1.46.0 [#914]

Full Changelog: v1.1.2...v1.1.3