v1.2.2

What's Changed

This release fixes issues with signing provenance due to a change in Sigstore TUF root certificates (#1163). This release also includes better handling of transient errors from the Rekor transparency logs.

New Contributors

• @suzuki-shunsuke made their first contribution in #1061
• @datosh made their first contribution in #1074
• @pnacht made their first contribution in #1187
• @dongheelee92 made their first contribution in #1209

Full Changelog

v1.2.1...v1.2.2

• fix: use GITHUB_OUTPUT instead of deprecated set-output command by @suzuki-shunsuke in #1061
• Fix reference to generic generator by @ianlewis in #1063
• Add presumbit checks for internal actions by @ianlewis in #1067
• chore(deps): update gcr.io/distroless/static docker digest to cb0f703 by @renovate-bot in #1062
• Add ref to checkout-node action by @ianlewis in #1071
• Document renovate exception for tags over digest. by @datosh in #1074
• ci: exclude codeql on yaml by @asraa in #1008
• Update CodeQL workflow by @ianlewis in #1081
• Remove ref for internal action calls by @laurentsimon in #1075
• Update link to container generator workflow by @ianlewis in #1079
• Add doc on sigstore policy-controller by @ianlewis in #946
• Enable CodeQL scanning for Javascript by @ianlewis in #1078
• bug: fix path in action by @laurentsimon in #1085
• bug: additional fixes for ref removal by @laurentsimon in #1083
• fix: grep in secure download action by @laurentsimon in #1087
• fix: workingDir by @laurentsimon in #1107
• fix: workingDir by @laurentsimon in #1109
• feat: update ref by @laurentsimon in #1086
• doc: add tag pinning documentation in each builder README by @laurentsimon in #1106
• docs: update release.md for generating verifier e2e tests by @asraa in #1108
• fix: use GITHUB_OUTPUT instead of deprecated set-output command by @suzuki-shunsuke in #1066
• fix: checkout uses the wrong repository by @laurentsimon in #1113
• fix(deps): update module github.com/in-toto/in-toto-golang to v0.4.0 by @renovate-bot in #987
• chore(deps): update github-actions to v3 by @renovate-bot in #1059
• feat: improve refs by @laurentsimon in #1126
• Fix privacy-check checkout by @ianlewis in #1160
• Update Rekor to v1.0.0 by @ianlewis in #1121
• Update Rekor client by @ianlewis in #1162
• Add documentation for private-repository input by @ianlewis in #1165
• Temporarily disable pre-submit by @ianlewis in #1171
• re-enable pre-submits by @ianlewis in #1161
• fix(deps): update module github.com/sigstore/sigstore to v1.4.5 by @renovate-bot in #1123
• fix(deps): update module github.com/in-toto/in-toto-golang to v0.5.0 by @renovate-bot in #1122
• chore(deps): update dependency eslint to v8.26.0 by @renovate-bot in #1115
• fix(deps): update module github.com/slsa-framework/slsa-github-generator to v1.2.1 by @renovate-bot in #1114
• fix(deps): update module github.com/spf13/cobra to v1.6.1 by @renovate-bot in #1058
• fix(deps): update module github.com/sigstore/cosign to v1.13.1 by @renovate-bot in #1057
• chore(deps): update typescript-eslint monorepo to v5.41.0 by @renovate-bot in #1056
• chore(deps): update dependency eslint-plugin-github to v4.4.0 by @renovate-bot in #1055
• chore(deps): update dependency @types/node to v16.18.2 by @renovate-bot in #1054
• chore(deps): update dependency @types/node to v18 by @renovate-bot in #1179
• chore(deps): update github-actions by @renovate-bot in #864
• verifier: update verifier version to v1.3.2 by @asraa in #1184
• Add known issues to docs by @ianlewis in #1170
• 📖 Bump version tag in examples by @pnacht in #1187
• Container build type by @ianlewis in #1176
• Group updates for renovate by @ianlewis in #1185
• Add CONTRIBUTING.md by @ianlewis in #1080
• feat: add commands to nodejs builder by @laurentsimon in #1189
• cleanup: remove more set-outputs by @asraa in #1194
• chore(deps): update npm dev by @renovate-bot in #1203
• chore(deps): update github-actions by @renovate-bot in #1202
• chore(deps): update gcr.io/distroless/static docker digest to 5759d19 by @renovate-bot in #1201
• feat: npm builder updates by @laurentsimon in #1206
• chore(deps): update dependency eslint to v8.27.0 by @renovate-bot in #1208
• [doc] Add example for Python by @dongheelee92 in #1209
• [doc] update TOC(Table Of Content) for python example by @dongheelee92 in #1213
• Fix PR description check for releases by @ianlewis in #1211
• release: fix release tag reference by @asraa in #1215
• Update release instructions by @ianlewis in #1212
• Update release tag for v1.2.2 by @ianlewis in #1210
• Revert "Update release tag for v1.2.2 (#1210)" by @ianlewis in #1220
• Fix builder-fetch.sh path by @ianlewis in #1221
• Update refs for release 1.2.2 by @ianlewis in #1222