v1.5.0

What's Changed

• Bump actions/checkout from 3 to 4 by @dependabot in #93
• Update dependency-review workflow by @marcransome in #94
• Bump github/codeql-action from 2 to 3 by @dependabot in #97
• Use Markdown alert in README.md by @marcransome in #98
• Bump actions/dependency-review-action from 3 to 4 by @dependabot in #99
• Update workflow names by @marcransome in #100
• Add OpenSSF Scorecard supply-chain security workflow by @marcransome in #101
• Add OpenSSF Scorecard badge by @marcransome in #102
• Update OpenSSF Scorecard badge by @marcransome in #103
• Remediate OpenSSF Scorecard pinned-dependencies by @marcransome in #104
• Remediate OpenSSF Scorecard token-permissions by @marcransome in #105
• Bump OpenSSF Scorecard workflow actions by @marcransome in #106
• Bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in #108
• Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #107
• Bump github/codeql-action from 3.24.7 to 3.24.8 by @dependabot in #111
• Bump actions/dependency-review-action from 4.1.3 to 4.2.3 by @dependabot in #112
• Bump github/codeql-action from 3.24.8 to 3.24.9 by @dependabot in #113
• Refactor error handling logic by @marcransome in #109
• Add SLSA provenance workflow by @marcransome in #114
• Switch to default CMake generator by @marcransome in #115
• Split SLSA workflow steps by @marcransome in #116
• Pin SLSA reusable workflow using git tag by @marcransome in #117
• Fix SLSA artifact hashing by @marcransome in #118
• Generate SLSA attestations for x86_64 and arm64 by @marcransome in #119
• Fix machine hardware name comparison logic by @marcransome in #120
• Generate tar.xz artifacts without file prefixes by @marcransome in #121
• Fix artifact name in SLSA workflow by @marcransome in #122
• Add release job to SLSA workflow by @marcransome in #123
• Fix SLSA provenance name suffix by @marcransome in #124
• Update release trigger event by @marcransome in #125
• Add token permissions to release job by @marcransome in #126
• Add checksums and in-toto attestations to release by @marcransome in #127
• Fix job output references and rename jobs by @marcransome in #128
• Fix job name in release workflow by @marcransome in #129
• Download in-toto attestations in release job by @marcransome in #130
• Fix in-toto attestations upload for release by @marcransome in #131
• Conditionally upload SLSA provenance by @marcransome in #132
• Fix ternary for conditional SLSA provenance by @marcransome in #133
• Remove redundant in-toto attestations upload by @marcransome in #134
• Refactor release workflow by @marcransome in #135
• Add missing test dependency to release workflow by @marcransome in #137
• Update release workflow dependencies by @marcransome in #138
• Fix unbound variable in release workflow by @marcransome in #139
• Add SLSA verification step to release workflow by @marcransome in #140
• Pin SLSA verifier to tag version by @marcransome in #141
• Remove SLSA verifier pending upstream updates by @marcransome in #144
• Bump actions/dependency-review-action from 4.2.3 to 4.2.4 by @dependabot in #142
• Harden workflow runners by @marcransome in #147
• Update README.md by @marcransome in #145
• Update README.md by @marcransome in #148
• Add FlogConfig unit tests by @marcransome in #77
• Disable unit test requiring isatty() by @marcransome in #150

New Contributors

• @dependabot made their first contribution in #93

Full Changelog: 1.4.0...v1.5.0