Releases: letsencrypt/boulder
Releases · letsencrypt/boulder
v0.20251208.0
v0.20251208.0
This tag was signed with the committer’s verified signature.
aarongable
Aaron Gable
What's Changed
- ratelimits: Refactor Reset() to accept a batch of Transactions by @beautifulentropy in #8503
- Update CI to go1.25.5 by @aarongable in #8511
- Store authzIDs directly in order table by @jsha in #8460
- Add current datetime column to orderFqdnSets and authz2 tables by @aarongable in #8512
- sa: Fix modelToOrder to populate V2Authorizations from Authzs column by @aaomidi in #8514
- Remove ECDSA P-224 curve support from the ceremony tool by @pgporada in #8515
- Allow monitoring_only logs as well as test logs for submitToTestLogs by @mcpherrinm in #8510
- database: Add vitess + mysql 8.4 to our development environment by @beautifulentropy in #8468
Full Changelog: v0.20251202.0...v0.20251208.0
Contributors
mcpherrinm, jsha, and 4 other contributors
Assets 5
v0.20251202.0
What's Changed
- sa: use dummy date instead of zero date by @jsha in #8481
- borp/sa: Update borp to pass Transaction args through BoulderTypeConverter by @beautifulentropy in #8494
- sfe: Keep loading intervals in sync with promise, fix wording by @beautifulentropy in #8500
- sfe/redis: Add limiter config to SFE and cleanup creds by @beautifulentropy in #8501
- Make CAA checking more like DCV checking by @aarongable in #8491
- Update Public Suffix List to v0.50.1 by @aarongable in #8495
- sa: Stop injecting max_statement_time and long_query_time into DSNs by @beautifulentropy in #8490
- Remove dead code by @mcpherrinm in #8506
- build(deps): bump github/codeql-action from 3 to 4 by @dependabot[bot] in #8507
Full Changelog: v0.20251118.0...v0.20251202.0
Contributors
mcpherrinm, jsha, and 3 other contributors
Assets 8
v0.20251118.0
v0.20251118.0
This tag was signed with the committer’s verified signature.
aarongable
Aaron Gable
What's Changed
- build(deps): bump actions/github-script from 7 to 8 by @dependabot[bot] in #8472
- wfe: Add healthz endpoint by @jprenken in #8484
- Use promauto.With(stats) instead of stats.MustRegister() by @aarongable in #8483
- database: Remove Partitions from our tables by @beautifulentropy in #8489
- sfe/overrides: Update agreements with revised wording from legal by @beautifulentropy in #8488
Full Changelog: v0.20251110.0...v0.20251118.0
Contributors
aarongable, jprenken, and 2 other contributors
Assets 8
v0.20251110.0
What's Changed
- Remove 10-second timeout from RA's override loading code by @jprenken in #8477
- test: Remove queries containing DDL from unit tests by @beautifulentropy in #8479
- Refactor GetSCTs to use a single loop with a ticker by @mcpherrinm in #8470
- Use promauto to register stats in bdns by @mcpherrinm in #8480
- Export prometheus client_golang's Go build_info metric by @mcpherrinm in #8482
Full Changelog: v0.20251103.0...v0.20251110.0
Contributors
mcpherrinm, jprenken, and beautifulentropy
Assets 8
v0.20251103.0
v0.20251103.0
This tag was signed with the committer’s verified signature.
beautifulentropy
Samantha Frank
What's Changed
- sa: NewOrderAndAuthzs checks that nonzero authzs were provided by @jsha in #8464
- Add visibility into nonce redemption failure causes by @aarongable in #8448
- Use json tags to suppress Account fields in API responses by @aarongable in #8455
- Deprecate NoPendingAuthzReuse flag by @jsha in #8458
- build(deps): bump the aws group with 3 updates by @dependabot[bot] in #8467
- iana: Remove hardcoded multicast prefixes by @jprenken in #8456
- Remove Python tests for TLS-ALPN-01 by @jsha in #8457
- wfe/ra: Periodically load rate limit overrides from the database by @jprenken in #8407
- sfe: Create Salesforce Case at override request form submission time by @beautifulentropy in #8438
- Clean up dangling OCSP configs by @jenhagg in #8461
New Contributors
Full Changelog: v0.20251027.0...v0.20251103.0
Contributors
jsha, aarongable, and 4 other contributors
Assets 8
v0.20251027.0
v0.20251027.0
This tag was signed with the committer’s verified signature.
aarongable
Aaron Gable
What's Changed
- Add an extra timeout waiting for RVAs by @mcpherrinm in #8434
- Use a newer version of proxysql, consul, and redis by @pgporada in #8450
- Bind issuers to only issue for specified profiles by @aarongable in #8409
- build(deps): bump golang.org/x/sync from 0.16.0 to 0.17.0 by @dependabot[bot] in #8449
- Remove requirement for IncludeCRLDistributionPoints config by @aarongable in #8462
- Update README to reference t.sh and tn.sh by @aarongable in #8463
- bdns: remove logDNSError by @jsha in #8445
- Remove deprecated Temporary() usage in DNS retry logic by @sheurich in #8441
- Make release workflow compatible with immutable releases by @aarongable in #8454
Full Changelog: v0.20251021.0...v0.20251027.0
Contributors
mcpherrinm, jsha, and 4 other contributors
Assets 8
v0.20251021.0
What's Changed
- Reduce nonce redemption flake by giving WFE time to mark SubConns READY by @aarongable in #8442
- Simplify IssueCertificate into straight-line code by @aarongable in #8424
- Delete sa.GetMaxExpiration and sa.GetRevokedCerts by @aarongable in #8401
- Ceremony: add checks for too-large validity period by @aarongable in #8446
- build(deps): bump the aws group with 3 updates by @dependabot[bot] in #8444
- Remove support for the old log line checksum format by @mcpherrinm in #8416
Full Changelog: v0.20251014.0...v0.20251021.0
Contributors
mcpherrinm, aarongable, and dependabot
Assets 5
v0.20251014.0
v0.20251014.0
This tag was signed with the committer’s verified signature.
beautifulentropy
Samantha Frank
What's Changed
- build(deps): bump the otel group with 6 updates by @dependabot[bot] in #8437
- sfe: Add configurable automatic approvals for first-tier limits by @beautifulentropy in #8381
- Switch to new log checksum format by @mcpherrinm in #8415
- Reland "SA: Stop supporting OCSP status NotReady" by @aarongable in #8430
Full Changelog: v0.20251007.0...v0.20251014.0
Contributors
mcpherrinm, aarongable, and 2 other contributors
Assets 5
v0.20251007.0
v0.20251007.0
This tag was signed with the committer’s verified signature.
aarongable
Aaron Gable
What's Changed
- Revert "SA: Stop supporting OCSP status NotReady" by @aarongable in #8429
- Introduce nonfunctional IssuerConfig.Profiles config field by @aarongable in #8423
- Refactor CA unittests to focus on top-level IssueCertificate by @aarongable in #8422
- Add logging of nonce prefix at nonce-service startup by @jsha in #8433
- publisher: Do not log failures to submit to audit logs by @beautifulentropy in #8435
- Update CI to go1.25.2 by @aarongable in #8436
Full Changelog: v0.20251003.0...v0.20251007.0
Contributors
jsha, aarongable, and beautifulentropy
Assets 5
v0.20250929.0
What's Changed
- CA: Stop using OCSP status NotReady by @aarongable in #8394
- Remove support for temporally-sharded CRLs by @aarongable in #8400
- wfe: Permit Transfer-Encoding: chunked HTTP request bodies by @benburkert in #8403
- build(deps): bump the aws group with 4 updates by @dependabot[bot] in #8392
- Use GetRevocationStatus instead of GetCertificateStatus by @aarongable in #8402
- Start accepting a new log checksum format by @mcpherrinm in #8413
New Contributors
- @benburkert made their first contribution in #8403
Full Changelog: v0.20250922.0...v0.20250929.0
Contributors
benburkert, mcpherrinm, and 2 other contributors