v1.5.0-rc1 (2021-08-23)

Fixes

• Fix case-insensitive comparison of program path and target program path leading to soft lock in Windows if APPDATA is configured with incorrect casing via registry.

v1.5.0-rc0 (2021-04-16)

Features

• trivrost will log the progress of downloads if the connection was interrupted for any reason.
• The binary can now be compressed with UPX when using make compress. Reduces the final filesize to less than 50%.

Fixes

• trivrost will no longer attempt to repeat range requests to a host after it has failed to conformly respond while displaying the confusing message Taking longer than usual: HTTP Status 200 and will now fail immediately in such cases instead.
• trivrost will no longer fail to comply with HTTP 2 strictly using lower-case HTTP Header names. This had been caused by methods of http.Header still being oriented around HTTP 1 canonical header names due to Go's backwards compatibility promise.
• Instead of always showing 'Cannot reach server' to the user, show more precise/useful messages on connection issues.
• hasher will no longer blindly overwrite an existing bundle info file but instead error out.
• hasher will no longer create a directory if a non-existing one is passed as an argument.
• hasher will now exit with an error when the pathToHash has no files to hash.
• timestamps.json is ignored, if it is corrupt and no longer prevents trivrost from starting.

Changes

• Update dependencies to recent versions: gopsutils, testify, gojsonschema, logrus, prometheus/client_golang, go_ieproxy, fatih/color, golang/x/sys, golang/x/net
• DWARF symbols are now stripped from the trivrost binary to reduce file size. This can save a few bytes on some platforms.
• Every TLS Certificate fingerprint will be logged once with the host name it has first been seen on.
• Shorter log-output for proxy detection. Reduces average size of the log output by 5–15%.
• Shorter log-output for HTTP errors, reduces size of log output by a few percent.
• Do not hide the download speed label, even if the speed is zero.
• The download-speed label now shows a three seconds average.
• The same download-related log messages will now be printed at most 5 times (with information about this limit in the last message).

v1.4.6 (2021-01-25)

Fixes

• Windows binary signing: Use RFC-3161 timestamp server with sha 256 config. SHA-1 ciphers are considered deprecated. Nothing should change for the enduser.

v1.4.5 (2021-01-04)

Fixes

• Switch timestamp server for signing from Verisign to Globalsign.

v1.4.4 (2020-01-17)

Changes

• Validator's /validate endpoint now always answers with status code 200 OK. Endpoint /metrics should be tested for value of trivrost_validation_ok as a healthcheck instead.

v1.4.3 (2020-01-17)

Fixes

• Fix validator displaying wrong URL when using configurl.

v1.4.2 (2020-01-17)

Fixes

• Fix validator saying configurl is not set when it is.

v1.4.1 (2020-01-17)

Features

• cmd/validator: Run as service for use as healthcheck when started with --act-as-service command line argument; send HTTP GET requests to :80/validate. Customize port with --port. Override deployment-config URL with configurl query parameter.

v1.4.0 (2019-11-22)

Features

• cmd/validator will now check that command binary's will be downloaded per platform, where previously it would only check if they are available under their respective bundle URL.
• Added new field IsUpdateMandatory to deployment-config, which allows to deny the user the launch of the application when system bundles require changes.

Fixes

• Fixed changes to the launcher icon not being applied after a self-update on Linux.
• cmd/validator: fix only the first missing bundle URL being reported.
• Fix missing LauncherUpdate in deployment-config leading to error when documentation explicitly allows it.
• Fix false positives in log warning about program name on disk having diverged from what is configured in the embedded launcher-config on Windows and MacOS.

Changes

• trivrost now allows users to continue past failed self-updates as well as omitted changes to system bundles in system mode installations, unless further configuration is made; see the new field IsUpdateMandatory in deployment-config.

v1.3.5 (2019-11-11)

Fixes

• Ignore --psn_X_YYYYY arugment which is appended by MacOS to the command line arguments when the programm was launched through a Gatekeeper context. Regression found in v1.3.2, v1.3.3, v1.3.4.