Skip to content

v1.6.0
Compare
Choose a tag to compare
@github-actions github-actions released this 07 Feb 08:38
· 27 commits to fork since this release
v1.6.0
c3c9e06

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.22.0.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

f705f382ce0455be1a5e72b6b42e59f4c11deb968f0435b5f7816f41c36d78c5  npiperelay_windows_386.exe
fad2292be310250b3b5f827705dea46285adf02a7d6be6c2554fbbf9104adb2e  npiperelay_windows_386.zip
01ec20a2314bfa736f5c0b8cfd393200f6fb41b99e366ef4ceb7ab76256ce14f  npiperelay_windows_amd64.exe
be8e922b252a08b2a29b8251bf452dddd77e0e002e01a5e8e161911d3c4b86c1  npiperelay_windows_amd64.zip
Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

  • c3c9e06 Upgrade Go version from 1.21 to 1.22
  • ce139a8 Bump golang.org/x/sys from 0.15.0 to 0.16.0
  • 114b012 Bump github/codeql-action from 2 to 3
  • 392fa8f Bump actions/setup-go from 4 to 5
  • 7907d6a Bump golang.org/x/sys from 0.13.0 to 0.15.0
  • b8c8862 Fix GoReleaser changelog by fetching all history

(Application executable in release assets built with Go version 1.22.0).

Assets 7
Loading