Step CLI v0.28.6 (25-03-18)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.6_amd64.tar.gz
• 📦 step_linux_0.28.6_arm64.tar.gz
• 📦 step_linux_0.28.6_armv7.tar.gz
• 📦 step-cli_0.28.6-1_amd64.deb
• 📦 step-cli-0.28.6-1.x86_64.rpm
• 📦 step-cli_0.28.6-1_arm64.deb
• 📦 step-cli-0.28.6-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.6_amd64.tar.gz
• 📦 step_darwin_0.28.6_arm64.tar.gz

Windows

• 📦 step_windows_0.28.6_amd64.zip
• 📦 step_windows_0.28.6_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.6_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.6_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.6_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• ea5f95e Bump certificates to 0.28.3 (#1390)
• 2e5b5c9 Add changelog for 0.28.6 (#1389)
• 20a81b4 Merge pull request #1387 from smallstep/dependabot/go_modules/golang.org/x/net-0.36.0
• fe48303 Bump golang.org/x/net from 0.35.0 to 0.36.0
• af579f3 Merge pull request #1384 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.36.0
• 533f832 Bump golang.org/x/crypto from 0.35.0 to 0.36.0
• 26abca7 Merge pull request #1386 from smallstep/dependabot/go_modules/golang.org/x/term-0.30.0
• ac5872a Bump golang.org/x/term from 0.29.0 to 0.30.0
• 7842976 Merge pull request #1385 from smallstep/dependabot/go_modules/golang.org/x/sys-0.31.0
• b06043e Bump golang.org/x/sys from 0.30.0 to 0.31.0

Thanks!

Those were the changes on v0.28.6!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.28.6-rc1 (25-03-18)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.6-rc1_amd64.tar.gz
• 📦 step_linux_0.28.6-rc1_arm64.tar.gz
• 📦 step_linux_0.28.6-rc1_armv7.tar.gz
• 📦 step-cli_0.28.6.rc1-1_amd64.deb
• 📦 step-cli-0.28.6.rc1-1.x86_64.rpm
• 📦 step-cli_0.28.6.rc1-1_arm64.deb
• 📦 step-cli-0.28.6.rc1-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.6-rc1_amd64.tar.gz
• 📦 step_darwin_0.28.6-rc1_arm64.tar.gz

Windows

• 📦 step_windows_0.28.6-rc1_amd64.zip
• 📦 step_windows_0.28.6-rc1_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.6-rc1_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.6-rc1_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.6-rc1_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 009e95a Bump certificates to 0.28.3
• 2e5b5c9 Add changelog for 0.28.6 (#1389)
• 20a81b4 Merge pull request #1387 from smallstep/dependabot/go_modules/golang.org/x/net-0.36.0
• fe48303 Bump golang.org/x/net from 0.35.0 to 0.36.0
• af579f3 Merge pull request #1384 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.36.0
• 533f832 Bump golang.org/x/crypto from 0.35.0 to 0.36.0
• 26abca7 Merge pull request #1386 from smallstep/dependabot/go_modules/golang.org/x/term-0.30.0
• ac5872a Bump golang.org/x/term from 0.29.0 to 0.30.0
• 7842976 Merge pull request #1385 from smallstep/dependabot/go_modules/golang.org/x/sys-0.31.0
• b06043e Bump golang.org/x/sys from 0.30.0 to 0.31.0

Thanks!

Those were the changes on v0.28.6-rc1!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.28.5 (25-03-05)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.5_amd64.tar.gz
• 📦 step_linux_0.28.5_arm64.tar.gz
• 📦 step_linux_0.28.5_armv7.tar.gz
• 📦 step-cli_0.28.5-1_amd64.deb
• 📦 step-cli-0.28.5-1.x86_64.rpm
• 📦 step-cli_0.28.5-1_arm64.deb
• 📦 step-cli-0.28.5-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.5_amd64.tar.gz
• 📦 step_darwin_0.28.5_arm64.tar.gz

Windows

• 📦 step_windows_0.28.5_amd64.zip
• 📦 step_windows_0.28.5_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.5_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.5_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.5_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 144d46a Merge pull request #1382 from smallstep/herman/crypto-v0.59.1
• 9006f26 Merge pull request #1383 from smallstep/herman/fix-token-user-braces
• 565dcf0 Change .Token.user.field to not use curly braces
• 015bf37 Upgrade go.step.sm/crypto to v0.59.1

Thanks!

Those were the changes on v0.28.5!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.28.5-rc1 (25-03-05)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.5-rc1_amd64.tar.gz
• 📦 step_linux_0.28.5-rc1_arm64.tar.gz
• 📦 step_linux_0.28.5-rc1_armv7.tar.gz
• 📦 step-cli_0.28.5.rc1-1_amd64.deb
• 📦 step-cli-0.28.5.rc1-1.x86_64.rpm
• 📦 step-cli_0.28.5.rc1-1_arm64.deb
• 📦 step-cli-0.28.5.rc1-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.5-rc1_amd64.tar.gz
• 📦 step_darwin_0.28.5-rc1_arm64.tar.gz

Windows

• 📦 step_windows_0.28.5-rc1_amd64.zip
• 📦 step_windows_0.28.5-rc1_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.5-rc1_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.5-rc1_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.5-rc1_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 25e071b Bump go.step.cm/crypto to latest to see if it fixes releases

Thanks!

Those were the changes on v0.28.5-rc1!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Release v0.28.4

Changelog

• Replace jq --argfile with --slurpfile by @hslatman in #1366
• Fix cast package tests for linux/arm32 by @hslatman in #1368
• Bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @dependabot in #1370
• Bump go.step.sm/crypto from 0.57.1 to 0.58.0 by @dependabot in #1372
• Bump golang.org/x/crypto from 0.33.0 to 0.35.0 by @dependabot in #1373
• Bump github.com/smallstep/cli-utils from 0.10.0 to 0.11.0 by @dependabot in #1369
• Bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5 by @dependabot in #1374
• Skip opening the default browser if STEP_OPEN_BROWSER=false by @jdoss in #1361
• Bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 by @dependabot in #1376
• Bump github.com/smallstep/cli-utils from 0.11.0 to 0.12.1 by @dependabot in #1379
• Bump go.step.sm/crypto from 0.58.0 to 0.59.0 by @dependabot in #1378
• command/ca/token: support custom "user" claim by @fuhry in #1375
• Allow a few global defaults to be pulled from the CA by @dopey in #1377
• Update changelog for v0.28.4 by @dopey in #1380

New Contributors

• @fuhry made their first contribution in #1375

Full Changelog: v0.28.3...v0.28.4

Step CLI v0.28.3 (25-02-20)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.3_amd64.tar.gz
• 📦 step_linux_0.28.3_arm64.tar.gz
• 📦 step_linux_0.28.3_armv7.tar.gz
• 📦 step-cli_0.28.3-1_amd64.deb
• 📦 step-cli-0.28.3-1.x86_64.rpm
• 📦 step-cli_0.28.3-1_arm64.deb
• 📦 step-cli-0.28.3-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.3_amd64.tar.gz
• 📦 step_darwin_0.28.3_arm64.tar.gz

Windows

• 📦 step_windows_0.28.3_amd64.zip
• 📦 step_windows_0.28.3_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.3_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.3_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.3_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 74c1b44 Bump certificates to v0.28.2 | updated go.mod golang to 1.23 (#1365)
• 140b479 Changelog for v0.28.3 (#1364)
• 3c3c6bf Merge pull request #1363 from smallstep/herman/fix-gosec
• 475b7eb Fix new golangci-lint issues
• cee7040 Merge pull request #1355 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.33.0
• 6c2b99b Bump golang.org/x/crypto from 0.32.0 to 0.33.0
• 1d86322 Merge pull request #1357 from smallstep/dependabot/go_modules/golang.org/x/term-0.29.0
• 0a0c3cd Bump golang.org/x/term from 0.28.0 to 0.29.0
• 367528b Merge pull request #1356 from smallstep/dependabot/go_modules/golang.org/x/sys-0.30.0
• 168e5f8 Merge pull request #1358 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.36.5
• f0226bc Bump google.golang.org/protobuf from 1.36.4 to 1.36.5
• 0ecda7b Bump golang.org/x/sys from 0.29.0 to 0.30.0
• ef5521b Merge pull request #1350 from smallstep/mariano/redirect-uri
• 283c2d5 Update utils/cautils/bootstrap.go
• 4f2b63a Merge pull request #1353 from smallstep/mariano/renew
• 36d189b Use a released version of crypto
• 153b692 Add help with the limitations of the --kms flag
• da3b6d3 Apply suggestions from code review
• 1c4695d Use go.step.sm/crypto from smallstep/crypto#689
• 611b9a7 Fix linter errors
• 0bd0223 Merge pull request #1354 from smallstep/dependabot/go_modules/github.com/golang/glog-1.2.4
• b4efcff Bump github.com/golang/glog from 1.2.2 to 1.2.4
• bbc2f41 Add support for KMS in the ca renew and rekey commands
• fba09a1 Merge pull request #1352 from smallstep/dependabot/github_actions/actions/setup-go-5.3.0
• b8d5614 Bump actions/setup-go from 5.2.0 to 5.3.0
• 996e323 Merge pull request #1351 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.36.4
• 00d5eab Bump google.golang.org/protobuf from 1.36.3 to 1.36.4
• 0ae8763 Handle the redirect-url flag
• 4fbb813 Merge pull request #1347 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.57.0
• 0d3bd60 Bump go.step.sm/crypto from 0.56.0 to 0.57.0
• fc73499 Merge pull request #1348 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.36.3
• 49aa134 Bump google.golang.org/protobuf from 1.36.2 to 1.36.3
• 7362344 Merge pull request #1346 from smallstep/dependabot/github_actions/softprops/action-gh-release-2.2.1
• 5eee4c4 Bump softprops/action-gh-release from 2.2.0 to 2.2.1
• bb5069f Merge pull request #1345 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.36.2
• 6af48cf Bump google.golang.org/protobuf from 1.36.1 to 1.36.2
• 45676f9 Merge pull request #1339 from smallstep/herman/upgrade-linkedca-v0.23.0
• 49c4f76 Upgrade github.com/smallstep/certificates to cda0eec3
• afa6eac Use github.com/smallstep/linkedca @ v0.23.0
• 7a16b1f Merge pull request #1342 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.32.0
• e6d561e Bump golang.org/x/crypto from 0.31.0 to 0.32.0
• 178edd4 Merge pull request #1340 from smallstep/dependabot/go_modules/golang.org/x/term-0.28.0
• 4619d7a Bump golang.org/x/term from 0.27.0 to 0.28.0
• 53acb17 Merge pull request #1341 from smallstep/dependabot/go_modules/golang.org/x/sys-0.29.0
• df2f690 Bump golang.org/x/sys from 0.28.0 to 0.29.0
• 79884f7 Merge pull request #1338 from smallstep/dependabot/go_modules/github.com/google/go-tpm-0.9.3
• 31dfee4 Bump github.com/google/go-tpm from 0.9.2 to 0.9.3
• d51feb2 Merge pull request #1337 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.56.0
• e7f97f9 Bump go.step.sm/crypto from 0.55.0 to 0.56.0
• 151fdb3 Merge pull request #1336 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.36.1
• efba69c Upgrade golang.org/x/net to v0.33.0
• d885bcc Bump google.golang.org/protobuf from 1.36.0 to 1.36.1
• b597c44 Merge pull request #1333 from smallstep/dependabot/go_modules/github.com/google/go-tpm-0.9.2
• 05f9342 Merge pull request #1334 from smallstep/dependabot/go_modules/google.golang.org/protobuf-1.36.0
• a1502e6 Bump google.golang.org/protobuf from 1.35.2 to 1.36.0
• 03fb39a Bump github.com/google/go-tpm from 0.9.1 to 0.9.2
• a3be82f Merge pull request #1331 from smallstep/dependabot/github_actions/actions/setup-go-5.2.0
• 2c6f460 Merge pull request #1332 from smallstep/dependabot/github_actions/softprops/action-gh-release-2.2.0
• 37e7da5 Bump softprops/action-gh-release from 2.1.0 to 2.2.0
• ce9f6da Bump actions/setup-go from 5.1.0 to 5.2.0
• 6d65706 Merge pull request #1328 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.31.0
• d2c05a3 Bump golang.org/x/crypto from 0.30.0 to 0.31.0
• e7cd11a Merge pull request #1326 from smallstep/dependabot/go_modules/github.com/slackhq/nebula-1.9.5
• 4de3f87 Update to github.com/smallstep/certificates @ 51e253be
• b509945 Bump github.com/slackhq/nebula from 1.9.4 to 1.9.5
• 503a05e Merge pull request #1324 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.55.0
• f7fa6c4 Bump go.step.sm/crypto from 0.54.2 to 0.55.0
• 739bf9a Merge pull request #1327 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.30.0
• e01cd4b Bump golang.org/x/crypto from 0.29.0 to 0.30.0
• 3548dcf Merge pull request #1325 from smallstep/dependabot/go_modules/golang.org/x/sys-0.28.0
• 6b2d879...

Step CLI v0.28.2 (24-11-20)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.2_amd64.tar.gz
• 📦 step_linux_0.28.2_arm64.tar.gz
• 📦 step_linux_0.28.2_armv7.tar.gz
• 📦 step-cli_0.28.2-1_amd64.deb
• 📦 step-cli-0.28.2-1.x86_64.rpm
• 📦 step-cli_0.28.2-1_arm64.deb
• 📦 step-cli-0.28.2-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.2_amd64.tar.gz
• 📦 step_darwin_0.28.2_arm64.tar.gz

Windows

• 📦 step_windows_0.28.2_amd64.zip
• 📦 step_windows_0.28.2_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.2_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.2_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.2_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 6fb3e24 Changelog for v0.28.2 (#1321)
• 6486532 [ci] goreleaser changed build directory for arm64 to arm64_v8.0 (#1319)

Thanks!

Those were the changes on v0.28.2!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.28.2-rc2 (24-11-20)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.2-rc2_amd64.tar.gz
• 📦 step_linux_0.28.2-rc2_arm64.tar.gz
• 📦 step_linux_0.28.2-rc2_armv7.tar.gz
• 📦 step-cli_0.28.2.rc2-1_amd64.deb
• 📦 step-cli-0.28.2.rc2-1.x86_64.rpm
• 📦 step-cli_0.28.2.rc2-1_arm64.deb
• 📦 step-cli-0.28.2.rc2-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.2-rc2_amd64.tar.gz
• 📦 step_darwin_0.28.2-rc2_arm64.tar.gz

Windows

• 📦 step_windows_0.28.2-rc2_amd64.zip
• 📦 step_windows_0.28.2-rc2_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.2-rc2_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.2-rc2_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.2-rc2_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• 1dc2642 [ci] fix deprecation warnings from goreleaser linter

Thanks!

Those were the changes on v0.28.2-rc2!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Step CLI v0.28.2-rc1 (24-11-20)

Official Release Artifacts

Below are the most popular artifacts for step on each platform.

For packaged versions (Homebrew, Scoop, etc.), see our installation docs.

Linux

• 📦 step_linux_0.28.2-rc1_amd64.tar.gz
• 📦 step_linux_0.28.2-rc1_arm64.tar.gz
• 📦 step_linux_0.28.2-rc1_armv7.tar.gz
• 📦 step-cli_0.28.2.rc1-1_amd64.deb
• 📦 step-cli-0.28.2.rc1-1.x86_64.rpm
• 📦 step-cli_0.28.2.rc1-1_arm64.deb
• 📦 step-cli-0.28.2.rc1-1.aarch64.rpm
• see Assets below for more builds

macOS Darwin

• 📦 step_darwin_0.28.2-rc1_amd64.tar.gz
• 📦 step_darwin_0.28.2-rc1_arm64.tar.gz

Windows

• 📦 step_windows_0.28.2-rc1_amd64.zip
• 📦 step_windows_0.28.2-rc1_arm64.zip

Signatures and Checksums

step uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate ~/Download/step_darwin_0.28.2-rc1_amd64.tar.gz.pem \
  --signature ~/Downloads/step_darwin_0.28.2-rc1_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  ~/Downloads/step_darwin_0.28.2-rc1_amd64.tar.gz

The checksums.txt file (in the 'Assets' section below) contains a checksum for every artifact in the release.

Changelog

• ba888b4 Use * rather than explicit version to find arm64 builds
• d49e5c5 [ci] goreleaser changed build directory for arm64 to arm64_v8.0

Thanks!

Those were the changes on v0.28.2-rc1!

Come join us on Discord to ask questions, chat about PKI, or get a sneak peek at the freshest PKI memes.

Release v0.28.1

Changelog for 0.28.1 (#1318)