v0.8.0
Soft Serve 0.8.0 puts you in control
This release contains new features and important bug fixes to different Soft Serve components. You now can services that you don't need as well as use a custom config path different from the data directory.
Toggle Server Componenets
Soft Serve runs 4 different services that listen to various ports to serve Git repositories and metadata over the network. It has an SSH server, HTTP server, Git TCP server, and a Prometheus stats server. They all start when you run soft serve
! Now, you can disable unwanted components in your config file or via environment variables.
git:
# Disable Git daemon TCP server
enabled: false
stats:
# Disable Promethues stats server
enabled: false
Custom Config Path
Soft Serve defaults to reading your config.yaml
from $SOFT_SERVE_DATA/config.yaml
. Now, you can have a custom path for the config file using $SOFT_SERVE_CONFIG_LOCATION
.
export SOFT_SERVE_CONFIG_LOCATION=$HOME/.soft-serve.yaml
soft serve
Changelog
New Features
- c354d5f: feat: optionally pull config from a custom file (envvar), default to data path. (#557) (@fire833)
- 069db27: feat: support toggling servers on/off in configuration (#594) (#612) (@jaw)
- 0540b4d: feat: test framework supports turning off -race flag (#605) (@jaw)
- 446ec63: feat: update go.mod to use go 1.22 and toolchain go1.23.2 (@aymanbagabas)
Bug fixes
- c78da07: fix(config): add SOFT_SERVE_CONFIG_LOCATION to Environ (@aymanbagabas)
- 00be796: fix(config): add default values for the enabled fields (@aymanbagabas)
- 7c45a99: fix(daemon): close listener only once (#615) (@aymanbagabas)
- 85b4625: fix: add missing arg length check to fix runtime panic (#568) (@christophershirk)
- 3aa71e0: fix: git daemon listens only when starting it (#607) (@jaw)
- 1de446f: fix: prevent enumeration of private repo (#614) (@kyokugirl)
- a2cf786: fix: respect anon-access on ssh (@aymanbagabas)
- 5d5c55e: fix: test framework supports ensuring specific port is open (#606) (@jaw)
- 6658cf1: fix: update position constant in
JoinHorizontal
(#552) (@aditipatelpro)
Other work
Verifying the artifacts
First, download the checksums.txt
file, for example, with wget
:
wget 'https://github.com/charmbracelet/soft-serve/releases/download/v0.8.0/checksums.txt'
Then, verify it using cosign
:
cosign verify-blob \
--certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
--cert 'https://github.com/charmbracelet/soft-serve/releases/download/v0.8.0/checksums.txt.pem' \
--signature 'https://github.com/charmbracelet/soft-serve/releases/download/v0.8.0/checksums.txt.sig' \
./checksums.txt
If the output is Verified OK
, you can safely use it to verify the checksums of other artifacts you downloaded from the release using sha256sum
:
sha256sum --ignore-missing -c checksums.txt
Done! You artifacts are now verified!
Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.