v0.8.5
·
62 commits
to main
since this release
v0.8.5
aymanbagabas
Ayman Bagabas
This tag was signed with the committer’s verified signature.
The key has expired.
aymanbagabas
Ayman Bagabas
d299f52
This commit was signed with the committer’s verified signature.
The key has expired.
aymanbagabas
Ayman Bagabas
This release fixes an issue with Wish Bubbletea middleware taking over Git SSH requests and causing them to fail. See #683 for more details.
Changelog
Full Changelog: v0.8.4...v0.8.5
Verifying the artifacts
First, download the checksums.txt file, for example, with wget:
wget 'https://github.com/charmbracelet/soft-serve/releases/download/v0.8.5/checksums.txt'Then, verify it using cosign:
cosign verify-blob \
--certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
--cert 'https://github.com/charmbracelet/soft-serve/releases/download/v0.8.5/checksums.txt.pem' \
--signature 'https://github.com/charmbracelet/soft-serve/releases/download/v0.8.5/checksums.txt.sig' \
./checksums.txtIf the output is Verified OK, you can safely use it to verify the checksums of other artifacts you downloaded from the release using sha256sum:
sha256sum --ignore-missing -c checksums.txtDone! You artifacts are now verified!
Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.