All Versions
56
Latest Version
Avg Release Cycle
38 days
Latest Release
121 days ago
Changelog History
Page 6
Changelog History
Page 6
-
v0.7.2 Changes
January 23, 2019- ๐ Fix non-random UUID bug by moving to gofrs-maintained uuid pkg (#659)
- ๐ Server now supports multiple node resolvers (#652)
- Server no longer allows agent to specify X.509 Subject value (#663)
- Registration API is now authenticated, can be reached remotely (#656)
- ๐ Fixed debug log message in the Node API handler (#666)
- โก๏ธ Agent's KeyManager interface updated for better durability (#669)
- โ Use FQDN in the GCP Node Attestor to prevent reliance on shortname resolution (#672)
- โฌ๏ธ Upgrade to Go 1.11.5 in response to CVE-2019-6486 (#690)
-
v0.7.1 Changes
December 20, 2018- ๐ Documentation updates for Azure plugins, agent, server (#629, #631, #642, #651, #654)
- Intermediate certificates now included in bundle for compatibility with 0.6 (#633)
- โ Attestation now fails if NodeResolver encounters an error (#634)
- ๐ Fix bootstrap bug when
upstream_bundle
is not set (#639) - โ Additional telemetry points added, introduced telemetry in server (#640)
- 0๏ธโฃ CLI utilities now print TTL value of
default
instead of0
when not set (#645) - ๐ Fix bug in CLI utilities causing them to write PEM files with the wrong header (#647)
- โฌ๏ธ Go runtime upgraded in response to CVE-2018-16875 (#653)
- ๐ง Server now detects and prevents trust domain configuration change (#644)
- ๐ Fix vulnerability in which X.509 path validation is not performed on node API (#655)
-
v0.7.0 Changes
November 08, 2018- ๐ JWT Support (#616)
- Workload API now returns intermediate chains (#611)
- โ UNIX attestor now returns binary path and sha256 (#590)
- โ UNIX attestor now returns effective user and group name (#589)
- Node API now ratelimits expensive calls (#577)
- ๐ Soft delete disabled in SQL datastore plugin (#560)
- ๐ Basic federation support (#559, #563, #581, #582)
- โ Kubernetes node attestor (#557)
- AWS node resolver builtin (#554)
- โ Azure node attestor (#551)
- Azure node resolver (#553)
- ๐ KeyManager plugin interface for server (#539)
- ๐ Disk-based KeyManager server plugin (#532)
- ๐ x509pop now supports intermediate chains (#524)
- ๐ Fix bug that resulted in some SVIDs outliving CA (#520)
- Let agent fail over to different server on failure (#561)
- โ Node attestors can now return selectors (#516)
- ๐ Improved SPIFFE ID validation (#513, #515)
-
v0.6.2 Changes
September 12, 2018- ๐ Support for Azure node attestation (#551)
- ๐ Support for Azure node resolution (#553)
- โก๏ธ Updated DNS resolution to support DNS-based HA failover (#561)
- โก๏ธ Updated x509pop challenge to strengthen against signature replay attacks (#562)
- โ Removed sql plugin soft delete for better space management (#560)
- ๐ Performance improvements and bugfixes in sql plugin (#564)
- ๐ Support for HTTP/HTTPS CONNECT proxies (#568, #585)
- โก๏ธ Updated Node API to perform ratelimiting (#577)
-
v0.6.1 Changes
July 27, 2018- ๐ Fixed SVID renewal bug (#520)
- ๐ Support separate file for intermediates in x509pop node attestor (#524)
- ๐ Allow node attestors to provide supplemental selectors (#516)
- ServerCA "memory" can now optionally persist keys to disk (#532)
- โก๏ธ Config file updates so spire commands can be run from any CWD (#541)
- ๐ Minor doc/example fixes (#535)
-
v0.6.0 Changes
June 26, 2018- โ Added GCP Instance Identity Token (IIT) node attestation.
- โ Added X509 Proof-of-Possession node attestation.
- โ Added challenge/response support to node attestation API.
- ๐ SQL datastore plugin renamed. Now includes support for PostgresSQL.
- ๐ Improved k8s workload attestation resilience.
- ๐ Lots of bug fixes.