v5.28.0

What's Changed

• Bump to v5.26.0 by @TomSweeneyRedHat in #2013
• fix(deps): update module github.com/sigstore/rekor to v1.2.2 by @renovate in #2014
• fix(deps): update module github.com/sigstore/fulcio to v1.3.2 by @renovate in #2016
• Adding IO decorator to copy progress bar by @Pvlerick in #2015
• Ensure we close HTTP connections on all paths by @mtrmac in #2017
• fix(deps): update module github.com/containers/storage to v1.48.0 by @renovate in #2018
• fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc4 by @renovate in #2020
• fix(deps): update github.com/cyberphone/json-canonicalization digest to 91eb5f1 by @renovate in #2021
• fix(deps): update golang.org/x/exp digest to 97b1e66 by @renovate in #2022
• fix(deps): update module github.com/klauspost/compress to v1.16.7 by @renovate in #2024
• fix(deps): update module github.com/docker/docker to v24.0.3+incompatible by @renovate in #2031
• fix(deps): update module golang.org/x/oauth2 to v0.10.0 by @renovate in #2028
• manifest: ListUpdate add imgspecv1.Platform field by @flouthoc in #2029
• fix(deps): update module github.com/docker/docker to v24.0.4+incompatible by @renovate in #2032
• pkg/docker: use the same default auth path as macOS on FreeBSD by @dfr in #2034
• fix(deps): update module github.com/sigstore/fulcio to v1.3.4 by @renovate in #2033
• blob: TryReusingBlobWithOptions consider RequiredCompression if set by @flouthoc in #2023
• Fix tests of the ostree transport by @mtrmac in #2037
• helpers_test,cleanup: correct argument order by @flouthoc in #2039
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.5.1 by @renovate in #2041
• Make temporary names container/image specific by @rhatdan in #2045
• listupdate,oci: instance show read-only annotations and CompressionAlgorithmNames by @flouthoc in #2040
• fix(deps): update module github.com/docker/docker-credential-helpers to v0.8.0 by @renovate in #2046
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.5.2 by @renovate in #2044
• Fix TestOCI1IndexChooseInstanceByCompression on non-amd64 by @mtrmac in #2043
• Refactor data passing in c/image/copy by @mtrmac in #2048
• Update module github.com/sigstore/fulcio to v1.4.0 by @renovate in #2049
• copy/multiple: instanceCopyCopy honor UpdateCompressionAlgorithms by @flouthoc in #2047
• Update vendor of containers/storage by @rhatdan in #2052
• copy/single: accept custom *Options and wrap arguments in copySingleImageOptions by @flouthoc in #2050
• Improve transport documentation by @mtrmac in #2042
• fix(deps): update module github.com/vbatts/tar-split to v0.11.5 by @renovate in #2053
• fix(deps): update module github.com/docker/docker to v24.0.5+incompatible by @renovate in #2055
• copy: implement instanceCopyClone for zstd compression by @flouthoc in #1987
• copy/multiple: priority of instanceCopyCopy must be higher than instanceCopyClone by @flouthoc in #2059
• Clarify where mirrors are used by @mtrmac in #2061
• fix(deps): update github.com/cyberphone/json-canonicalization digest to aa7fe85 by @renovate in #2064
• fix(deps): update github.com/containers/storage digest to c3da76f by @renovate in #2063
• Update x/exp/slices, and some small slice-related cleanups by @mtrmac in #2066
• Use consistent example domains in #2069
• copy: add support for ForceCompressionFormat by @flouthoc in #2068
• fix(deps): update module golang.org/x/term to v0.11.0 by @renovate in #2073
• fix(deps): update module golang.org/x/crypto to v0.12.0 by @renovate in #2078
• fix(deps): update module golang.org/x/oauth2 to v0.11.0 by @renovate in #2080
• [release-5.27] Preparing 5.27 backport by @mtrmac in #2075
• Update to Go 1.19 by @mtrmac in #2079
• storage.storageImageDestination.Commit(): leverage image options by @nalind in #2067
• Rename SKOPEO_CI_TAG to SKOPEO_CI_BRANCH by @mtrmac in #2083
• [CI:DOCS] Add cirrus-cron retry/monitor jobs by @cevich in #2082
• chore(deps): update dependency containers/automation_images to v20230807 by @renovate in #2081
• [release-5.27] Fix the branch we use for determining a git-validation starting point by @mtrmac in #2084
• fix(deps): update golang.org/x/exp digest to 352e893 by @renovate in #2065
• fix(deps): update module github.com/sigstore/sigstore to v1.7.2 by @renovate in #2085
• OCI image-spec / distribution-spec v1.1 updates, first round by @mtrmac in #2062
• fix(deps): update module github.com/sylabs/sif/v2 to v2.12.0 by @renovate in #2087
• chore(deps): update dependency containers/automation_images to v20230809 by @renovate in #2089
• Merge release branch into main by @mtrmac in #2070
• BREAKING: Update for move of github.com/theupdateframework/go-tuf/encrypted by @mtrmac in #2054
• Update module github.com/containers/ocicrypt to v1.1.8 by @renovate in #2091
• chore(deps): update dependency containers/automation_images to v20230816 by @renovate in #2093
• fix(deps): update module github.com/containers/storage to v1.49.0 by @renovate in #2095
• fix(deps): update module github.com/sylabs/sif/v2 to v2.13.0 by @renovate in #2097
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.6.0 by @renovate in #2098
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.6.1 by @renovate in #2099
• fix(deps): update golang.org/x/exp digest to d852ddb by @renovate in #2101
• fix(deps): update module golang.org/x/term to v0.12.0 by @renovate in #2103
• fix(deps): update module github.com/sigstore/sigstore to v1.7.3 by @renovate in #2102
• fix removal of temp file in GetBlob on Windows by @mikenorgate in #2104
• fix(deps): update module golang.org/x/crypto to v0.13.0 by @renovate in #2106
• Fix build with golangci-lint 1.54.2 by @mtrmac in #2107
• fix(deps): update module golang.org/x/oauth2 to v0.12.0 by @renovate in #2108
• Implement, and default to, a SQLite BlobInfoCache instead of BoltDB by @mtrmac in #2092
• fix(deps): update module github.com/docker/docker to v24.0.6+incompatible by @renovate in #2109
• Update dependencies of docker/docker by @mtrmac in #2110
• Correctly handle encryption/decryption changes in non-OCI formats by @mtrmac in #1932
• chore(deps): update module github.com/cyphar/filepath-securejoin to v0.2.4 [security] by @renovate in #2111
• fix(deps): update module github.com/containers/storage to v1.50.1 by @renovate in #2112

New Contributors

• @Pvlerick made their first contribution in #2015
• @mikenorgate made their first contribution in #2104

Full Changelog: v5.27.0...v5.28.0

v5.26.2

What's Changed

• [release-5.26] c/storage to 1.48, bump c/image to v5.26.1, and then to v5.26.2-dev by @TomSweeneyRedHat in #2019
• [release-5.26] Test the release-5.26 branch against the 1.13 branch of Skopeo by @mtrmac in #2090

Full Changelog: v5.26.1...v5.26.2

v5.27.0

• New copy.Options.EnsureCompressionVariantsExist allows creating images that are consumable by existing gzip-only consumers, but include a Zstd-compressed version is preferred by c/image.
• OCI images using Zstd compression now carry a io.github.containers.compression.zstd annotation in the OCI image index.

v5.26.1

Full Changelog: v5.26.0...v5.26.1
[release-5.26] Bump to v5.26.1
[release-5.26] Bump c/storage to 1.48.0

v5.26.0

What's Changed

• Release 5.25.0 by @mtrmac in #1909
• fix(deps): update module github.com/docker/docker to v23.0.3+incompatible by @renovate in #1910
• fix(deps): update module golang.org/x/term to v0.7.0 by @renovate in #1911
• fix(deps): update module github.com/klauspost/compress to v1.16.4 by @renovate in #1912
• fix(deps): update module github.com/sigstore/sigstore to v1.6.1 by @renovate in #1913
• chore(deps): update dependency containers/automation_images to v20230405 by @renovate in #1914
• fix(deps): update module golang.org/x/crypto to v0.8.0 by @renovate in #1915
• fix(deps): update module golang.org/x/oauth2 to v0.7.0 by @renovate in #1916
• fix(deps): update module github.com/containers/storage to v1.46.1 by @renovate in #1917
• fix(deps): update module github.com/sigstore/sigstore to v1.6.2 by @renovate in #1918
• Don't completely silently ignore non-OCI manifests in OCI layouts by @mtrmac in #1922
• fix(deps): update module github.com/klauspost/compress to v1.16.5 by @renovate in #1925
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.4.0 by @renovate in #1924
• fix(deps): update module github.com/docker/docker to v23.0.4+incompatible by @renovate in #1926
• Simplify the tarball: transport by @mtrmac in #1923
• fix(deps): update module github.com/sigstore/sigstore to v1.6.3 by @renovate in #1928
• Fix conversion determination when encrypting by @mtrmac in #1930
• fix(deps): update golang.org/x/exp digest to 47ecfdc by @renovate in #1934
• Update the docker-daemon: client, and docker/docker dependency by @mtrmac in #1937
• chore(deps): update dependency containers/automation_images to v20230426 by @renovate in #1939
• fix(deps): update module github.com/sylabs/sif/v2 to v2.11.3 by @renovate in #1936
• fix(deps): update module github.com/klauspost/pgzip to v1.2.6 by @renovate in #1941
• fix(deps): update module golang.org/x/sync to v0.2.0 by @renovate in #1942
• fix(deps): update module golang.org/x/term to v0.8.0 by @renovate in #1943
• fix(deps): update module github.com/sigstore/fulcio to v1.3.1 by @renovate in #1935
• fix(deps): update module github.com/sigstore/rekor to v1.1.1 by @renovate in #1940
• fix(deps): update module github.com/sigstore/sigstore to v1.6.4 by @renovate in #1945
• Update github.com/opencontainers/image-spec to v1.1.0-rc3 by @mtrmac in #1944
• fix(deps): update module golang.org/x/oauth2 to v0.8.0 by @renovate in #1949
• fix(deps): update module github.com/docker/docker to v23.0.6+incompatible by @renovate in #1931
• fix(deps): update module golang.org/x/crypto to v0.9.0 by @renovate in #1950
• Use a pointer receiver for internal/set.Set by @mtrmac in #1951
• fix(deps): update module github.com/docker/distribution to v2.8.2+incompatible by @renovate in #1955
• fix(deps): update module github.com/sylabs/sif/v2 to v2.11.4 by @renovate in #1956
• fix(deps): update module github.com/docker/docker to v24 by @renovate in #1958
• fix(deps): update module github.com/sirupsen/logrus to v1.9.2 by @renovate in #1957
• chore(deps): update dependency containers/automation_images to v20230517 by @renovate in #1959
• fix(deps): update module github.com/stretchr/testify to v1.8.3 by @renovate in #1960
• fix(deps): update module github.com/docker/docker to v24.0.1+incompatible by @renovate in #1961
• fix(deps): update module github.com/docker/docker to v24.0.2+incompatible by @renovate in #1965
• fix(deps): update module github.com/imdario/mergo to v0.3.16 by @renovate in #1967
• fix(deps): update module github.com/sigstore/rekor to v1.2.1 by @renovate in #1966
• Clean up auth.json documentation by @mtrmac in #1964
• fix(deps): update module github.com/stretchr/testify to v1.8.4 by @renovate in #1969
• fix(deps): update module github.com/burntsushi/toml to v1.3.0 by @renovate in #1970
• fix(deps): update module github.com/sigstore/sigstore to v1.6.5 by @renovate in #1971
• manifest: prepare internal EditInstances by @flouthoc in #1896
• fix(deps): update github.com/sigstore/rekor digest to 4c81ff2 by @renovate in #1974
• fix(deps): update github.com/cyberphone/json-canonicalization digest to 504adb8 by @renovate in #1973
• fix(deps): update golang.org/x/exp digest to 2e198f4 by @renovate in #1975
• chore(deps): update dependency containers/automation_images to v20230601 by @renovate in #1978
• copy/multiple: use more flexible EditInstances instead of UpdateInstances by @flouthoc in #1883
• fix(deps): update module github.com/sirupsen/logrus to v1.9.3 by @renovate in #1981
• Use x/exp/slices, and other small cleanups by @mtrmac in #1977
• copy/multiple: split selection of images to be copied in copyMultipleImages by @flouthoc in #1982
• fix(deps): update module github.com/burntsushi/toml to v1.3.1 by @renovate in #1984
• fix(deps): update module github.com/hashicorp/go-retryablehttp to v0.7.3 by @renovate in #1985
• fix(deps): update module github.com/hashicorp/go-retryablehttp to v0.7.4 by @renovate in #1986
• Don't claim that libostree is required by default. by @mtrmac in #1989
• fix(deps): update module github.com/burntsushi/toml to v1.3.2 by @renovate in #1990
• fix(deps): update module github.com/go-openapi/swag to v0.22.4 by @renovate in #1991
• fix(deps): update module golang.org/x/term to v0.9.0 by @renovate in #1993
• Stop having an opinion on TLS version by @mtrmac in #1963
• fix(deps): update module github.com/klauspost/compress to v1.16.6 by @renovate in #1994
• fix(deps): update module golang.org/x/crypto to v0.10.0 by @renovate in #1995
• fix(deps): update module github.com/sylabs/sif/v2 to v2.11.5 by @renovate in #1997
• fix(deps): update module golang.org/x/oauth2 to v0.9.0 by @renovate in #1996
• fix(deps): update module golang.org/x/sync to v0.3.0 by @renovate in #1999
• chore(deps): update dependency containers/automation_images to v20230614 by @renovate in #2000
• Don't store signatures if there is none of them by @mike-sul in #2001
• fix(deps): update module github.com/sigstore/sigstore to v1.7.0 by @renovate in #2002
• fix(deps): update module github.com/imdario/mergo to v1 by @mtrmac in #2006
• Clarify how oci and oci-archive parse colons by @mtrmac in #2007
• fix(deps): update module github.com/sigstore/sigstore to v1.7.1 by @renovate in #2008
• fix(deps): update module github.com/containers/storage to v1.47.0 by @renovate in #2011
• list,oci_index: automatically add inbuilt annotations on add by @flouthoc in #1992

New Contributors

• @mike-sul made their first contribution in #2001

Full Changelog: v5.25.0...v5.26.0

v5.25.0

What's Changed

• Release v5.24.0 by @mtrmac in #1814
• fix(deps): update module github.com/theupdateframework/go-tuf to v0.5.2 by @renovate in #1815
• Migrate from ghodss/yaml to gopkg.in/yaml.v3 by @mtrmac in #1818
• build(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 by @dependabot in #1820
• Add a more specific error message on invalid docker-config-in-OCI-image images by @mtrmac in #1822
• Update to github.com/vbauerster/mpb/v8 by @mtrmac in #1821
• Cirrus: Use human-readable CI VM Images by @cevich in #1817
• Update to docker/docker v23.0.0 by @mtrmac in #1825
• Update to Go 1.18 by @mtrmac in #1827
• Update to golangci-lint 1.51.0 by @mtrmac in #1824
• Update golang.org/x/exp digest to 46f607a by @renovate in #1829
• Update module github.com/sylabs/sif/v2 to v2.9.1 by @renovate in #1830
• Update module github.com/vbauerster/mpb/v8 to v8.1.6 by @renovate in #1831
• Reconnecting blob reader by @mtrmac in #1816
• manifest: introduce internal/manifest with private types and freeze public manifest.List by @flouthoc in #1791
• fix(deps): update module golang.org/x/term to v0.5.0 by @renovate in #1833
• fix(deps): update module github.com/opencontainers/selinux to v1.11.0 by @renovate in #1835
• [CI:DOCS] Disable dependabot by @cevich in #1837
• fix(deps): update module golang.org/x/crypto to v0.6.0 by @renovate in #1838
• Run codespell on codebase by @rhatdan in #1841
• fix(deps): update module golang.org/x/oauth2 to v0.5.0 by @renovate in #1840
• fix(deps): update module github.com/docker/docker to v23.0.1+incompatible by @renovate in #1823
• Remove a direct use of golang.org/x/net/http2 by @mtrmac in #1843
• Merge pullSource tests as table driven format by @QiWang19 in #1826
• Relax retry heuristics by @mtrmac in #1847
• Simplify bodyReader.errorIfNotReconnecting by @mtrmac in #1850
• Update letsencrypt/boulder after letsencrypt/boulder#6651 by @mtrmac in #1849
• More warning fixes by @mtrmac in #1846
• Merge release branch into main by @mtrmac in #1842
• Update module github.com/sigstore/fulcio to v1.1.0 by @renovate in #1853
• Make it clear that cleartext signatures are not accepted in simple signing by @mtrmac in #1854
• Make some symbols in internal packages package-private by @mtrmac in #1855
• distribution: remove use of deprecated dial.DualStack by @giuseppe in #1856
• fix(deps): update module github.com/sylabs/sif/v2 to v2.9.2 by @renovate in #1857
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.2.0 by @renovate in #1858
• Fix builds of the ostree transport by @mtrmac in #1860
• [release-5.24] Backport retries heuristics updates by @mtrmac in #1859
• Merge release branch into main by @mtrmac in #1861
• fix(deps): update module github.com/sigstore/sigstore to v1.5.2 by @renovate in #1862
• fix(deps): update module github.com/containers/storage to v1.45.4 by @renovate in #1863
• fix(deps): update module github.com/stretchr/testify to v1.8.2 by @renovate in #1865
• fix(deps): update module github.com/sylabs/sif/v2 to v2.10.0 by @renovate in #1864
• fix(deps): update module github.com/klauspost/compress to v1.16.0 by @renovate in #1866
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.2.1 by @renovate in #1868
• manifest,zstd: give priority to zstd compressed images when pulling image from a manifest list by @flouthoc in #1789
• client: enable HTTP(S) keep-alive by @giuseppe in #1867
• fix(deps): update module github.com/sigstore/sigstore to v1.6.0 by @renovate in #1870
• fix(deps): update module golang.org/x/term to v0.6.0 by @renovate in #1871
• fix(deps): update module golang.org/x/crypto to v0.7.0 by @renovate in #1872
• fix(deps): update module golang.org/x/oauth2 to v0.6.0 by @renovate in #1873
• Split copy/copy.go into three files by @mtrmac in #1878
• fix(deps): update module github.com/sylabs/sif/v2 to v2.11.0 by @renovate in #1879
• copy: move c.compression* to imageCopier by @flouthoc in #1881
• Remove some inaccurate comments by @mtrmac in #1880
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.3.0 by @renovate in #1882
• fix(deps): update module github.com/klauspost/compress to v1.16.3 by @renovate in #1885
• fix(deps): update golang.org/x/exp digest to 522b1b5 by @renovate in #1844
• Don't claim auth.json contains encrypted information by @mtrmac in #1884
• fix(deps): update module github.com/imdario/mergo to v0.3.14 by @renovate in #1887
• fix(deps): update module github.com/go-openapi/strfmt to v0.21.5 by @renovate in #1889
• refactor(docs): Disambiguate sigstoreSigned documentation by @Delet0r in #1890
• fix(deps): update module github.com/sylabs/sif/v2 to v2.11.1 by @renovate in #1891
• Cirrus: Replace Ubuntu container w/ Debian VM by @cevich in #1886
• Don’t discard annotations on blob reuse and partial pulls by @mtrmac in #1892
• chore(deps): update dependency containers/automation_images to v20230320 by @renovate in #1893
• fix(deps): update module github.com/imdario/mergo to v0.3.15 by @renovate in #1895
• fix(deps): update module github.com/vbatts/tar-split to v0.11.3 by @renovate in #1897
• fix(deps): update module github.com/go-openapi/strfmt to v0.21.7 by @renovate in #1898
• fix(deps): update module github.com/docker/docker to v23.0.2+incompatible by @renovate in #1900
• fix(deps): update module github.com/sigstore/rekor to v1.1.0 by @renovate in #1901
• Allow using cosign-generated private keys with a "SIGSTORE" type by @mtrmac in #1902
• chore(deps): update dependency containers/automation_images to v20230330 by @renovate in #1905
• Add ability to verify a signature with a set of fingerprints by @Jamstah in #1904
• fix(deps): update golang.org/x/exp digest to 10a5072 by @renovate in #1906
• Update, and support, Fulcio v1.2.0 by @mtrmac in #1903
• Add FIXMEs about handling of zstd:chunked blob annotations on blob changes by @mtrmac in #1894
• Vendor in latest containers/storage by @rhatdan in #1908

New Contributors

• @Delet0r made their first contribution in #1890

Full Changelog: v5.24.2...v5.25.0

v5.24.2

Relax retry heuristics

v5.24.1

• Try to reconnect on some aborted layer downloads

v5.24.0

Now supports both creating and verifying sigstore signatures that use
Fulcio and Rekor.
A New API for signing images during copy.
docker-archive: now can read non-seekable streams.
Improved error messages for registry errors.

• Introduce oci/{archive,layout}.ImageNotFoundError
• Don't use any default path fallbacks if the user specified a path
• Introduce signature/sigstore.NewSigner
• Introduce signature/simplesigning.NewSigner
• Add pkg/cli/sigstore
• Add functional-option NewPRSigstoreSigned
• Add signature/sigstore.GenerateKeyPair
• Avoid confusion about 404 on lookaside
• Heuristically warn about lookaside servers serving HTML
• Add a limit for the total number of signatures in lookaside
• Update the public.ecr.aws error with current data
• Add a test for isManifestUnknownError
• Consolidate handleErrorResponse calls to registryHTTPResponseToError
• Discard any but the first element of errcode.Errors
• Add more detailed error tests
• Make invalid HTTP bodies unwrappable as unexpectedHTTPResponseError
• Use registryHTTPResponseToError on /tags/list failure
• Simplify error messages using the default error text
• Use registryHttpResponseToError in many more places
• set directory transport destination as thread-safe
• Recognize invalid error responses of registry.redhat.io
• Make the pseudo-config used in sigstore attachments a bit more valid
• Convert TestSignatureStorageBaseURL to table-based
• Don't call net/url.URL.Parse when we mean net/url.Parse
• Rename all "url" variables to something else
• Fix documentation comment of the stubs package
• Simplify ociReference.getManifestDescriptor
• Simplify ociReference.getManifestDescriptor a bit
• Fix typos
• Remove unnecessary conversions
• Actually test the caller-requested function
• Remove ineffective assignments
• Fix an always-true condition
• Fix unordered list formatting in containers-policy.json(5)
• docker/reference: reduce regex compilations
• docker/reference/regexp.go: constify strings
• docker/reference.literal: return QuoteMeta directly
• docker/reference.expression: use strings.Join()
• Run (gofmt -s)
• Don't incorrectly report success on failure paths
• Clarify the semantics of the optional.creator field in simple signature payload
• Call x509.SystemCertPool directly instead of tlsconfig.SystemCertPool
• Remove sockets.DialerFromEnvironment
• Use io.SeekStart instead of a hard-coded 0
• Add support for non-seekable files in docker-archive: sources
• Add comments to BlobInfo to warn against adding more edit fields
• Split test data from TestV1RegistriesConfNonempty and TestV2RegistriesConfNonempty
• Reject files mixing v1 and v2 registries.conf, even with empty fields
• Fix a typo
• Move the "human-readable description" of a helper into setAuthToCredHelper
• Correctly report a credHelpers location in SetCredentials
• Add missing documentation of build tags
• Fix comments about exponential backoff with Retry-After
• storage source: Don't store small blobs on disk in GetBlob()
• config: use authPath struct consistently
• config: Make parsing function a method on authFile
• storage: Immediately unlink tmpfile
• Don't duplicate the getPathToAuth rules for user-specified paths in getAuthPaths
• Move killGPGAgent into a helper package
• Terminate the GPG agent spawned by c/image/signature tests
• Speed up pkg/blobcache tests
• Turn copy.TestCreateSignature into a table-based test
• Reorder the tests in copy.TestCreateSignature
• Add a test case for signing dir: with an explicit identity
• Fix a documentation typo
• Return a generic signature.Signature from SignDockerManifestWithPrivateKeyFileUnstable
• Introduce Signer = internal/signer.Signer, and internal/signer.SignerImplementation
• Introduce signature/sigstore/internal.SigstoreSigner
• Make SigstoreSigner implement signer.SignerImplementation
• Rename signature/sigstore/sign.go to signer.go
• Consolidate the two signing implementations to copier.createSignatureWithSigner
• Refactor copy.Image to sign using []*signer.Signer
• Add copy.Options.Signers
• Don't use GPG in copy.TestCreateSignatures
• Make sure value types also implement json.Marshaler
• Add signature/internal.UntrustedRekor{SET,Payload}
• Refactor SigstoreSigner.SignImageManifest a bit
• Rekor upload
• Move the docker client User-Agent value to a shared subpackage
• Add Fulcio with OIDC authentication
• Add Fulcio with user-provided OIDC token
• Drop dead code that causes a regex compilation on init
• Do not preallocate regex in init program
• Replace copy&pasted code by a shared modifiedJSON function
• Add VerifyRekorSET
• manifest: pull Variant from an OCI config
• Remove left-over logging from test development
• Cirrus: Use F37 CI VM Image
• Add Fulcio certificate acceptance logic
• Split loadBytesFromDataOrPath and prepareTrustRoot in prSigstoreSigned
• Make a part of TestPRSigstoreSignedIsSignatureAccepted table-driven
• Split sigstore configuration parsing and API into separate files
• Add tests to reject neither of keyPath / keyData being set
• Add support for Fulcio and Rekor to sigstoreSigned

v5.23.1

• Make the pseudo-config used in sigstore attachments a bit more valid
• Recognize invalid error responses of registry.redhat.io