Skip to content

v3.1.1

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 20 Dec 22:08
· 6 commits to main since this release
v3.1.1
This tag was signed with the committer’s verified signature.
fibonacci1729 Brian
GPG key ID: A395E812410D2BF8
Learn about vigilant mode.
aa919ce
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Spin 3.1.1

This is a patch release to fix a bug that was found in the deny-all adapter used to implement configuration inheritance for component dependencies.

Verifying the Release Signature

After downloading the v3.1.1 release of Spin, either via the artifact attached to this release corresponding to your OS/architecture combination or via the installation method of your choice, you are ready to verify the release signature.

First, install cosign. This is the tool we'll use to perform signature verification. Then run the following command:

cosign verify-blob \
    --signature spin.sig --certificate crt.pem \
    --certificate-identity https://github.com/fermyon/spin/.github/workflows/release.yml@refs/tags/v3.1.1 \
    --certificate-oidc-issuer https://token.actions.githubusercontent.com \
    --certificate-github-workflow-sha aa919ce36a5f6c45e6c9b66bcd94657281f44bf3 \
    --certificate-github-workflow-repository fermyon/spin \
    spin

If the verification passed, you should see:

Verified OK

Full Changelog: v3.1.0...v3.1.1

Assets 10
Loading