Skip to content

1.5.3-beta.2
Compare
Choose a tag to compare
@github-actions github-actions released this 14 May 22:40
· 15 commits to main since this release
1.5.3-beta.2
b33008f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode. 
Fix and enhance SBOM and SLSA (#282)

### SBOM and SLSA Generation Improvements
- Extended capabilities of existing SBOM functionality
- In some cases, SLSA was failing to complete, this is now fixed.

**Image Attestation**
- New image attestation functionality for enhanced security verification
- Ensures image integrity through cryptographic validation
- Public keys are now located in the /certs directory for verification purposes
- Centralizes access to verification materials

**New Verification Script**

- Added new certs/verify-image.sh script to help users verify SBOM and SLSA attestations
- Simplifies the verification process

### Component Updates

- Updated Dagger APKO components to newer version
Assets 2
Loading