v0.27.1
This is a security and stability release. We have fixed several vulnerabilities
and made the components more robust.
Added
- Increased test coverage.
- Minor bug fixes and performance improvements.
- Documentation updates.
Changed
- Updated Go to version 1.23.1 on major components. vSecM SDK remains at Go
version 1.21.0 to offer compatibility with older systems. This is the smallest
version that we can support with the SDK without exposing vulnerabilities.
Fixed
- Fixed a bug where SPIRE Server was crashing when using Helm charts and not
enabling persistent volumes.
Security
- Fixed GHSA-xr7q-jx4m-x55m Private tokens could appear in logs if context containing gRPC metadata is logged in
Below are the generated release notes of every commit since the last release cut:
What's Changed
- minor typo by @v0lkan in #1082
- Introducing initial helm-chart for version 0.27.1 by @v0lkan in #1084
- doc changes by @v0lkan in #1085
- 🧹 chore(vsecm): Release next version's manifests by @v0lkan in #1087
- 📚 docs(vsecm): add version snapshot by @v0lkan in #1088
- 🐛 fix(VSecM Keygen): regression: keygen was not decrypting secrets by @v0lkan in #1092
- 🌟 enhancement(VSecM): pointed example images to upstream by @v0lkan in #1093
- Added a new use case by @v0lkan in #1094
- Use case: Using Init container with k8s secrets by @v0lkan in #1095
- 🐛 fix(VSecM): fix logic error in example workload by @v0lkan in #1096
- Create scorecard.yml by @v0lkan in #1098
- 🌟 enhancement(VSecM Web): Add a new landing page by @v0lkan in #1112
- 📚 docs(VSecM Web): add screen recordings to some use cases by @v0lkan in #1114
- Test/app sentinel coverage by @gurkanguray in #1117
- 💄 cosmetic(VSecM Web): landing page mobile fixes by @v0lkan in #1118
- 🌟 enhancement(VSecM): Isolate VSecM SDK by @v0lkan in #1120
- (chore) Version Update for the New SDK Approach to work by @v0lkan in #1121
- 🐛 fix(VSecM Helm Charts): SPIRE Server was crashing if not persistent by @v0lkan in #1122
- Refactor: fix potential panic & refactor some code by @canack in #1123
- 🚨 test(VSecM): unit tests added for core/audit and core/constants by @gurkanguray in #1099
- 📚 docs(VSecM Web): added new contributor hours video recording by @v0lkan in #1125
- update roadmap by @v0lkan in #1126
- Finalized pending ADRs + security enhancements by @v0lkan in #1127
- Bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /sdk by @dependabot in #1128
- 🚨 test(VSecM Sentinel): 1100 add unit test and refactor app/sentinel by @gurkanguray in #1129
- Release v0.27.1 by @v0lkan in #1130
New Contributors
Full Changelog: v0.27.0...v0.27.1