v1.81.2

Chainloop Attestation

View the attestation of this release

Changelog

• 2f89b91 fix(auth): improve JWT and GitHub OIDC token handling (#2832)

v1.81.1

Changelog

• 0f30a91 fix(cli): prevent false user-attended mode warning with federated auth (#2829)

v1.81.0

Changelog

• 029e62a feat(cli): add OIDC federated authentication support for CI/CD runners (#2826)

v1.80.0

Changelog

• 22932b1 feat(api-token): allow org-level tokens to manage project-scoped tokens (#2811)

v1.79.1

Chainloop Attestation

View the attestation of this release

Changelog

• ba5b90c fix(cas-redirection): Avoid returning URL when CAS is not valid (#2796)

v1.79.0

What's Changed

• Bump Helm Chart and Dagger Version => v1.78.0 by @github-actions[bot] in #2766
• chore: add stale bot for issue and PR hygiene by @migmartri in #2772
• test(cli): cover attestation push policy enforcement behavior by @matiasinsaurralde in #2774
• feat(authz): prevent non-owners from managing owner memberships by @migmartri in #2776
• chore: replace buf DEFAULT lint category with STANDARD by @matiasinsaurralde in #2778
• test(controlplane): cover extractEnvVariables ordering and nil input by @matiasinsaurralde in #2779
• chore(artifact-cas): precompile auth selector regexes in gRPC server by @matiasinsaurralde in #2784
• feat(.claude): add dependabot-pr-automation skill by @migmartri in #2781
• chore(controlplane): precompile version validation regex by @matiasinsaurralde in #2783
• fix(controlplane): use request context for CAS backend lookup in attestation init by @matiasinsaurralde in #2782
• build(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 by @dependabot[bot] in #2787
• chore(controlplane): precompile gRPC matcher regexes by @matiasinsaurralde in #2789
• fix(artifact-cas): return ResourceExhausted for oversized uploads by @matiasinsaurralde in #2788
• feat(integration): show masked URL in registrations config by @Piskoo in #2794
• feat(policies): allow gate=false to override org-wide blocking by @matiasinsaurralde in #2777
• feat(contracts): remove requirements mapping to enable automatching by @kaysavps in #2791

New Contributors

• @matiasinsaurralde made their first contribution in #2774

Full Changelog: v1.78.0...v1.79.0

v1.78.0

Changelog

• c1c719b feat(policies): add attestation phase lifecycle control (#2765)

v1.77.2

Changelog

• 8e66bd0 fix: resolve contract scope by project name instead of UUID (#2756)

v1.77.1

Changelog

• bcf7331 fix(contracts): allow org tokens to create contracts (#2748)

v1.77.0

What's Changed

• feat(referrer): improve referrer not found error message by @Piskoo in #2702
• Bump Helm Chart and Dagger Version => v1.76.1 by @github-actions[bot] in #2743
• fix(ci): update gitleaks config by @Piskoo in #2744

Full Changelog: v1.76.1...v1.77.0