Replace plain text NEWS file with Markdown-formatted CHANGELOG.md
This commit is contained in:
parent
656fb065be
commit
57e9458ce5
|
@ -0,0 +1,104 @@
|
||||||
|
# Change Log
|
||||||
|
|
||||||
|
## v0.14.0 (2022-06-13)
|
||||||
|
- Switch to Go module versioning conventions.
|
||||||
|
|
||||||
|
## v0.13 (2022-06-13)
|
||||||
|
- Reduce minimum Go version to 1.17.
|
||||||
|
- Update install instructions.
|
||||||
|
|
||||||
|
## v0.12 (2022-06-07)
|
||||||
|
- Retry failed log requests. This should make certspotter resilient
|
||||||
|
to rate limiting by logs.
|
||||||
|
- Add `-version` flag.
|
||||||
|
- Eliminate unnecessary dependency. certspotter now depends only on
|
||||||
|
golang.org/x packages.
|
||||||
|
- Switch to Go modules.
|
||||||
|
|
||||||
|
## v0.11 (2021-08-17)
|
||||||
|
- Add support for contacting logs via HTTP proxies;
|
||||||
|
just set the appropriate environment variable as documented at
|
||||||
|
<https://golang.org/pkg/net/http/#ProxyFromEnvironment>.
|
||||||
|
- Work around RFC 6962 ambiguity related to consistency proofs
|
||||||
|
for empty trees.
|
||||||
|
|
||||||
|
## v0.10 (2020-04-29)
|
||||||
|
- Improve speed by processing logs in parallel
|
||||||
|
- Add `-start_at_end` option to begin monitoring new logs at the end,
|
||||||
|
which significantly speeds up Cert Spotter, at the cost of missing
|
||||||
|
certificates that were added to a log before Cert Spotter starts
|
||||||
|
monitoring it
|
||||||
|
- (Behavior change) Scan logs in their entirety the first time Cert
|
||||||
|
Spotter is run, unless `-start_at_end` specified (behavior change)
|
||||||
|
- The log list is now retrieved from certspotter.org at startup instead
|
||||||
|
of being embedded in the source. This will allow Cert Spotter to react
|
||||||
|
more quickly to the frequent changes in logs.
|
||||||
|
- (Behavior change) the `-logs` option now expects a JSON file in the v2
|
||||||
|
log list format. See <https://www.certificate-transparency.org/known-logs>
|
||||||
|
and <https://www.gstatic.com/ct/log_list/v2/log_list_schema.json>.
|
||||||
|
- `-logs` now accepts an HTTPS URL in addition to a file path.
|
||||||
|
- (Behavior change) the `-underwater` option has been removed. If you want
|
||||||
|
its behavior, specify `https://loglist.certspotter.org/underwater.json` to
|
||||||
|
the `-logs` option.
|
||||||
|
|
||||||
|
## v0.9 (2018-04-19)
|
||||||
|
- Add Cloudflare Nimbus logs
|
||||||
|
- Remove Google Argon 2017 log
|
||||||
|
- Remove WoSign and StartCom logs due to disqualification by Chromium
|
||||||
|
and extended downtime
|
||||||
|
|
||||||
|
## v0.8 (2017-12-08)
|
||||||
|
- Add Symantec Sirius log
|
||||||
|
- Add DigiCert 2 log
|
||||||
|
|
||||||
|
## v0.7 (2017-11-13)
|
||||||
|
- Add Google Argon logs
|
||||||
|
- Fix bug that caused crash on 32 bit architectures
|
||||||
|
|
||||||
|
## v0.6 (2017-10-19)
|
||||||
|
- Add Comodo Mammoth and Comodo Sabre logs
|
||||||
|
- Minor bug fixes and improvements
|
||||||
|
|
||||||
|
## v0.5 (2017-05-18)
|
||||||
|
- Remove PuChuangSiDa 1 log due to excessive downtime and presumptive
|
||||||
|
disqualification from Chrome
|
||||||
|
- Add Venafi Gen2 log
|
||||||
|
- Improve monitoring robustness under certain pathological behavior
|
||||||
|
by logs
|
||||||
|
- Minor documentation improvements
|
||||||
|
|
||||||
|
## v0.4 (2017-04-03)
|
||||||
|
- Add PuChuangSiDa 1 log
|
||||||
|
- Remove Venafi log due to fork and disqualification from Chrome
|
||||||
|
|
||||||
|
## v0.3 (2017-02-20)
|
||||||
|
- Revise `-all_time` flag (behavior change):
|
||||||
|
- If `-all_time` is specified, scan the entirety of all logs, even
|
||||||
|
existing logs
|
||||||
|
- When a new log is added, scan it in its entirety even if `-all_time`
|
||||||
|
is not specified
|
||||||
|
- Add new logs:
|
||||||
|
- Google Icarus
|
||||||
|
- Google Skydiver
|
||||||
|
- StartCom
|
||||||
|
- WoSign
|
||||||
|
- Overhaul log processing and auditing logic:
|
||||||
|
- STHs are never deleted unless they can be verified
|
||||||
|
- Multiple unverified STHs can be queued per log, laying groundwork
|
||||||
|
for STH pollination support
|
||||||
|
- New state directory layout; current state directories will be
|
||||||
|
migrated, but migration will be removed in a future version
|
||||||
|
- Persist condensed Merkle Tree state between runs, instead of
|
||||||
|
reconstructing it from consistency proof every time
|
||||||
|
- Use a lock file to prevent multiple instances of Cert Spotter from
|
||||||
|
running concurrently (which could clobber the state directory).
|
||||||
|
- Minor bug fixes and improvements
|
||||||
|
|
||||||
|
## v0.2 (2016-08-25)
|
||||||
|
- Suppress duplicate identifiers in output.
|
||||||
|
- Fix "EOF" error when running under Go 1.7.
|
||||||
|
- Fix bug where hook script could fail silently.
|
||||||
|
- Fix compilation under Go 1.5.
|
||||||
|
|
||||||
|
## v0.1 (2016-07-27)
|
||||||
|
- Initial release.
|
102
NEWS
102
NEWS
|
@ -1,102 +0,0 @@
|
||||||
v0.14.0 (2022-06-13)
|
|
||||||
* Switch to Go module versioning conventions.
|
|
||||||
|
|
||||||
v0.13 (2022-06-13)
|
|
||||||
* Reduce minimum Go version to 1.17.
|
|
||||||
* Update install instructions.
|
|
||||||
|
|
||||||
v0.12 (2022-06-07)
|
|
||||||
* Retry failed log requests. This should make certspotter resilient
|
|
||||||
to rate limiting by logs.
|
|
||||||
* Add -version flag.
|
|
||||||
* Eliminate unnecessary dependency. certspotter now depends only on
|
|
||||||
golang.org/x packages.
|
|
||||||
* Switch to Go modules.
|
|
||||||
|
|
||||||
v0.11 (2021-08-17)
|
|
||||||
* Add support for contacting logs via HTTP proxies;
|
|
||||||
just set the appropriate environment variable as documented at
|
|
||||||
https://golang.org/pkg/net/http/#ProxyFromEnvironment
|
|
||||||
* Work around RFC 6962 ambiguity related to consistency proofs
|
|
||||||
for empty trees.
|
|
||||||
|
|
||||||
v0.10 (2020-04-29)
|
|
||||||
* Improve speed by processing logs in parallel
|
|
||||||
* Add -start_at_end option to begin monitoring new logs at the end,
|
|
||||||
which significantly speeds up Cert Spotter, at the cost of missing
|
|
||||||
certificates that were added to a log before Cert Spotter starts
|
|
||||||
monitoring it
|
|
||||||
* (Behavior change) Scan logs in their entirety the first time Cert
|
|
||||||
Spotter is run, unless -start_at_end specified (behavior change)
|
|
||||||
* The log list is now retrieved from certspotter.org at startup instead
|
|
||||||
of being embedded in the source. This will allow Cert Spotter to react
|
|
||||||
more quickly to the frequent changes in logs.
|
|
||||||
* (Behavior change) the -logs option now expects a JSON file in the v2
|
|
||||||
log list format. See <https://www.certificate-transparency.org/known-logs>
|
|
||||||
and <https://www.gstatic.com/ct/log_list/v2/log_list_schema.json>.
|
|
||||||
* -logs now accepts an HTTPS URL in addition to a file path.
|
|
||||||
* (Behavior change) the -underwater option has been removed. If you want
|
|
||||||
its behavior, specify https://loglist.certspotter.org/underwater.json to
|
|
||||||
the -logs option.
|
|
||||||
|
|
||||||
v0.9 (2018-04-19)
|
|
||||||
* Add Cloudflare Nimbus logs
|
|
||||||
* Remove Google Argon 2017 log
|
|
||||||
* Remove WoSign and StartCom logs due to disqualification by Chromium
|
|
||||||
and extended downtime
|
|
||||||
|
|
||||||
v0.8 (2017-12-08)
|
|
||||||
* Add Symantec Sirius log
|
|
||||||
* Add DigiCert 2 log
|
|
||||||
|
|
||||||
v0.7 (2017-11-13)
|
|
||||||
* Add Google Argon logs
|
|
||||||
* Fix bug that caused crash on 32 bit architectures
|
|
||||||
|
|
||||||
v0.6 (2017-10-19)
|
|
||||||
* Add Comodo Mammoth and Comodo Sabre logs
|
|
||||||
* Minor bug fixes and improvements
|
|
||||||
|
|
||||||
v0.5 (2017-05-18)
|
|
||||||
* Remove PuChuangSiDa 1 log due to excessive downtime and presumptive
|
|
||||||
disqualification from Chrome
|
|
||||||
* Add Venafi Gen2 log
|
|
||||||
* Improve monitoring robustness under certain pathological behavior
|
|
||||||
by logs
|
|
||||||
* Minor documentation improvements
|
|
||||||
|
|
||||||
v0.4 (2017-04-03)
|
|
||||||
* Add PuChuangSiDa 1 log
|
|
||||||
* Remove Venafi log due to fork and disqualification from Chrome
|
|
||||||
|
|
||||||
v0.3 (2017-02-20)
|
|
||||||
* Revise -all_time flag (behavior change):
|
|
||||||
- If -all_time is specified, scan the entirety of all logs, even
|
|
||||||
existing logs
|
|
||||||
- When a new log is added, scan it in its entirety even if -all_time
|
|
||||||
is not specified
|
|
||||||
* Add new logs:
|
|
||||||
- Google Icarus
|
|
||||||
- Google Skydiver
|
|
||||||
- StartCom
|
|
||||||
- WoSign
|
|
||||||
* Overhaul log processing and auditing logic:
|
|
||||||
- STHs are never deleted unless they can be verified
|
|
||||||
- Multiple unverified STHs can be queued per log, laying groundwork
|
|
||||||
for STH pollination support
|
|
||||||
- New state directory layout; current state directories will be
|
|
||||||
migrated, but migration will be removed in a future version
|
|
||||||
- Persist condensed Merkle Tree state between runs, instead of
|
|
||||||
reconstructing it from consistency proof every time
|
|
||||||
* Use a lock file to prevent multiple instances of Cert Spotter from
|
|
||||||
running concurrently (which could clobber the state directory).
|
|
||||||
* Minor bug fixes and improvements
|
|
||||||
|
|
||||||
v0.2 (2016-08-25)
|
|
||||||
* Suppress duplicate identifiers in output.
|
|
||||||
* Fix "EOF" error when running under Go 1.7.
|
|
||||||
* Fix bug where hook script could fail silently.
|
|
||||||
* Fix compilation under Go 1.5.
|
|
||||||
|
|
||||||
v0.1 (2016-07-27)
|
|
||||||
* Initial release.
|
|
Loading…
Reference in New Issue