v2025.2

New features

• sign: Support generic "spki" type of commit signatures by @ueno in #3278

The current "ed25519" signing type assumes raw Ed25519 key format for
both public and private keys. This patch generalizes it by adding a
new signature type "spki" which uses the X.509 SubjectPublicKeyInfo
format for public keys. Keys in this format can easily be created with
openssl tools and provide crypto agility[1] as the format embeds
algorithm identifier.

Minor features, bugfixes and other changes

• Release 2025.1 by @jmarrero in #3371
• docs: update Dockerfile by @igoropaniuk in #3370
• libotutil: Remove redundant import of prctl.h by @fossdd in #3375
• Update GIR by @Mstrodl in #3376
• Update gir followup by @cgwalters in #3378
• zipl: remove 'sdboot' image before generating new one by @nikita-dubrovskii in #3379
• prepare-root: Log when we're mounting with verity required by @cgwalters in #3377
• sepolicy: Add ostree_sepolicy_set_null_log by @cgwalters in #3381
• libostree: remove unused libmount include by @alyssais in #3383
• libostree: add private dependencies to pkg-config by @alyssais in #3382
• core: Fix bare-user xattr canonicalization by @cgwalters in #3385
• boot: Drop ostree-finalize-staged.path by @jlebon in #3389
• Use fsfreeze_thaw_cycle(/boot) instead of fsync(/boot) by @champtar in #3393
• Update introduction.md by @vmorris in #3394
• test-gpg-verify-result: Show what the result was before asserting about it by @smcv in #3387
• commit: Clarify that syncfs is of repo/tmp by @cgwalters in #3395

New Contributors

• @igoropaniuk made their first contribution in #3370
• @fossdd made their first contribution in #3375
• @alyssais made their first contribution in #3383
• @champtar made their first contribution in #3393
• @vmorris made their first contribution in #3394

Full Changelog: v2025.1...v2025.2