1.0.0 (2025-08-11)
BREAKING
- This first full release of BOMnipotent is incompatible with the beta version:
- The database schema required a breaking overhaul.
- User key pairs need to follow the OpenPGP standard. Keys created previously to this version do no longer work.
Added
- The server creates and offers Sha256 and Sha512 hashes for BOMs and CSAF documents.
- OpenPGP config
allowing the server to host a public key and sign documents, thus becoming a CSAF trusted provider.
- If OpenPGP is configured, the server offers signatures of BOMs and CSAF documents, and the client downloads them.
Fixed
- Error messages during the initial config loading were not logged.
- The server was unable to start if a tmp_admin was specified in the config.