Sourced from github.com/google/ko's releases.

v0.13.0

What's Changed

• SPDX: Fix package manager label by @​puerco in ko-build/ko#801
• SPDX 2.3 support by @​puerco in ko-build/ko#803
• ci: build and test using 1.18 and 1.19 (drop 1.17) by @​imjasonh in ko-build/ko#812
• removes repo move message by @​mchmarny in ko-build/ko#814
• feat: write sbom result to disk by @​developer-guy in ko-build/ko#822
• feat: adding support for using multiple keychain for sending sbom results to a different repository by @​developer-guy in ko-build/ko#821
• Move docs to ko.build by @​imjasonh in ko-build/ko#749
• Update setup-ko version by @​ianlewis in ko-build/ko#836
• Add -- usage in readme by @​jwcesign in ko-build/ko#840
• add CONTRIBUTING, code of conduct, roadmap by @​imjasonh in ko-build/ko#837
• attempt to fix GH Pages publishing by @​imjasonh in ko-build/ko#843
• doc: fix link to Installation page in Getting Started by @​antoineco in ko-build/ko#846
• .ko.yaml: bump golang 1.18 -> 1.19 by @​srenatus in ko-build/ko#848
• truncate -image-refs file by @​imjasonh in ko-build/ko#855
• update docs: fix broken links, align with README by @​imjasonh in ko-build/ko#854
• Handle KO_DOCKER_REPO=ko.local/repo and --bare correctly by @​imjasonh in ko-build/ko#820
• another docs update by @​imjasonh in ko-build/ko#856
• ko.build: support some common shortlinks by @​imjasonh in ko-build/ko#872
• install: fail with 404 instead of gzip error when url was wrong by @​grosser in ko-build/ko#879
• feat: deduplicate tags by @​bluebrown in ko-build/ko#884
• install mkdocs-redirect when publishing site by @​imjasonh in ko-build/ko#873
• nit: replace one-item slice with const by @​imjasonh in ko-build/ko#885
• Temp fix for SLSA generators by @​laurentsimon in ko-build/ko#886
• Fix verifier by @​laurentsimon in ko-build/ko#891
• Fix link in static-assets.md by @​yuryu in ko-build/ko#893
• add KO_DEFAULTBASEIMAGE usage to docs by @​developer-guy in ko-build/ko#895
• Publish an tagged image on release by @​vdemeester in ko-build/ko#868
• Add option to configure default platforms by @​ReToCode in ko-build/ko#897
• Fix broken SLSA link by @​imjasonh in ko-build/ko#899
• add MAINTAINERS.md by @​imjasonh in ko-build/ko#905
• fix: possible race condition when applying templates to flags/ldflags by @​caarlos0 in ko-build/ko#913
• update docs to reflect actual default base image by @​imjasonh in ko-build/ko#903
• remove repeated error message on failure by @​imjasonh in ko-build/ko#921
• website: update CNCF announcement by @​imjasonh in ko-build/ko#920
• fix KO_CONFIG_PATH pointing to a file by @​imjasonh in ko-build/ko#923
• upgrade to cosign v2.0.0-rc.0 by @​imjasonh in ko-build/ko#933
• Feature: Add ECR presubmit testing. by @​mattmoor in ko-build/ko#934
• remove 'ko deps' by @​imjasonh in ko-build/ko#937
• feat: Add KO_GO_PATH env var by @​embano1 in ko-build/ko#930
• add ko.build/slack short link by @​imjasonh in ko-build/ko#945
• update link to ko goreleaser docs by @​imjasonh in ko-build/ko#936
• add ko community meeting details by @​developer-guy in ko-build/ko#938
• fix cosign by adding --yes by @​imjasonh in ko-build/ko#973
• fix: handle docker's unknown/unknown platform in index manifests by @​imjasonh in ko-build/ko#975
• fix file extension for cyclonedx by @​developer-guy in ko-build/ko#974

New Contributors

• @​ianlewis made their first contribution in ko-build/ko#836

... (truncated)

• e22e7a1 bump ggcr dep to @​main (#976)
• 8e075ae fix file extension for cyclonedx (#974)
• 11670b7 fix: handle docker's unknown/unknown platform in index manifests (#975)
• 7ce9478 fix cosign by adding --yes (#973)
• 9302da7 Bump k8s.io/apimachinery from 0.26.1 to 0.26.2 (#972)
• a158883 Bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#971)
• 86b6c28 Bump actions/checkout from 2 to 3 (#966)
• 0bd12fb Bump slsa-framework/slsa-github-generator from 1.2.1 to 1.5.0 (#967)
• d5125da Bump github.com/sigstore/cosign/v2 from 2.0.0-rc.2 to 2.0.0 (#965)
• 03f4aed add ko community meeting details (#938)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)