in-toto is a framework to protect supply chain integrity.
See CHANGELOG.md for details.
See CHANGELOG.md for details.
This release includes breaking changes such as the removal of the user_settings module and changes to exceptions raised during artifact recording. Additionally, it incorporates changes for issues captured in security advisories GHSA-p86f-xmg6-9q4x, GHSA-jjgp-whrp-gq8m, and GHSA-wc64-c5rv-32pf, the last of which has been assigned CVE-2023-32076.
--bits
is used with non RSA keys in in-toto-keygen
(#588)