All notable changes to garage-sign
will be documented in this file.
- Added validation to the
garage-sign targets add
andgarage-sign targets add-uploaded
commands. Checks that the target item metadata doesn't contain unsupported characters.
- Added validation of targets.json size. The maximum size is 8,286,208 bytes.
- Added a warning message when targets.json size reaches 75% of its maximum size.
- When signing root.json or targets.json the expiration time is set to the default value if
--expires
or--expire-after
options are not set and the previous expiration time is earlier than the default expiration time.
- Added
garage-sign
commands to set threshold for the Root (garage-sign root set-threshold
) and Targets (garage-sign targets set-threshold
) roles.
- Fixed the commands to remove a key for the Root (
garage-sign root key remove
) and Targets (garage-sign root targets-key remove
) roles using only--key-id
option.
- Added
--force
parameter togarage-sign targets upload
command. - Added
--verifyIntegrity
parameter togarage-sign targets add-uploaded
command. - Added validation of
root.json
before pushing to server.
- Fixed error with wrong
Created Time
after the update of the existing software version.
- Added ability to add the external signatures to
targets.json
. Added parameter--signatures
togarage-sign targets sign
command. - Added ability to add the external signatures to
root.json
. Added parameters--signatures
and--old-root-alias
togarage-sign root sign
command. - Added commands to add (
garage-sign root targets-key add
) or remove (garage-sign root targets-key remove
) target keys fromroot.json
. - Added
garage-sign
command to get unsigned targets (garage-sign targets get-unsigned
). - Added
garage-sign
command to get unsigned root (garage-sign root get-unsigned
). - Added
garage-sign
command to import the public key (garage-sign user-keys importpub
) - Added
garage-sign
commands to increaseroot.json
(garage-sign root increment-version
) andtargets.json
(garage-sign targets increment-version
) version. - Added ability to upload binary files larger than 3Gb.
- Don't add new targets key when moving offline without a new root key.
- Added support of Azure blob Storage
- Updated jre version to 8u262-b10
- Migrated from Auth+ to AWS Cognito