Releases: spiffe/go-spiffe
Releases · spiffe/go-spiffe
v2.4.0
Added
- Support for using a custom backoff strategy in the Workload API client (#302)
- Support for a default JWT-SVID picker (#301)
v2.3.0
Changed
- Empty bundles are now supported, in alignment with the SPIFFE specification (#288)
v2.2.0
Changed
- Upgraded to go-jose v4 which has a stronger security posture than v3. Go-spiffe was not impacted by the security weaknesses of v3 due to stringing algorithm checking that is now handled by go-jose v4 (#276)
Fixed
- Makefile invocation for Apple Silicon-based Macs (#275)
Added
- Support Ed25519 keys for Workload SVIDs (#248)
v2.1.7
Fixed
- Panic if the Workload API returned a malformed JWT-SVID (#233)
- Race that causes WaitForUpdate to return immediately after watcher is initialized even if there is no update (#260)
v2.1.6
Added
- Name convenience method to the spiffeid.TrustDomain type (#228)
v2.1.5
Added
- PeerIDFromConnectionState method for extracting the peer ID from TLS connection state (#225)
Changed
- The
tlsconfig to enforce a minimum TLS version of TLS1.2 (#226)
Fixed
- Panic when failing to parse raw SVID response returned from the Workload API (#223)
v2.1.4
Added
- Support for the SVID hints obtained from the Workload API (#220)
v2.1.3
Changed
- JoinPathSegments properly disallows dot segments (#221)
Added
- ValidatePathSegment function for validating an individual path segment (#221)
v2.1.2
Changed
- Minimum supported go version to 1.17 (#209)
v2.1.1
Added
- Support for dialing named pipes using an npipe URL scheme (#198)
