-
Notifications
You must be signed in to change notification settings - Fork 547
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): bump the gomod group across 1 directory with 16 updates #3924
Open
dependabot
wants to merge
1
commit into
main
Choose a base branch
from
dependabot/go_modules/gomod-4c7a773253
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dependabot
bot
added
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
labels
Nov 4, 2024
dependabot
bot
force-pushed
the
dependabot/go_modules/gomod-4c7a773253
branch
from
November 11, 2024 16:12
0b7c436
to
4c33eba
Compare
hectorj2f
approved these changes
Nov 11, 2024
Bumps the gomod group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/google/certificate-transparency-go](https://github.com/google/certificate-transparency-go) | `1.2.1` | `1.2.2` | | [github.com/sigstore/fulcio](https://github.com/sigstore/fulcio) | `1.6.3` | `1.6.5` | | [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) | `1.8.9` | `1.8.10` | | [github.com/sigstore/sigstore-go](https://github.com/sigstore/sigstore-go) | `0.6.1` | `0.6.2` | | [github.com/sigstore/timestamp-authority](https://github.com/sigstore/timestamp-authority) | `1.2.2` | `1.2.3` | Updates `github.com/google/certificate-transparency-go` from 1.2.1 to 1.2.2 - [Release notes](https://github.com/google/certificate-transparency-go/releases) - [Changelog](https://github.com/google/certificate-transparency-go/blob/master/CHANGELOG.md) - [Commits](google/certificate-transparency-go@v1.2.1...v1.2.2) Updates `github.com/sigstore/fulcio` from 1.6.3 to 1.6.5 - [Release notes](https://github.com/sigstore/fulcio/releases) - [Changelog](https://github.com/sigstore/fulcio/blob/main/CHANGELOG.md) - [Commits](sigstore/fulcio@v1.6.3...v1.6.5) Updates `github.com/sigstore/sigstore` from 1.8.9 to 1.8.10 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.9...v1.8.10) Updates `github.com/sigstore/sigstore-go` from 0.6.1 to 0.6.2 - [Release notes](https://github.com/sigstore/sigstore-go/releases) - [Commits](sigstore/sigstore-go@v0.6.1...v0.6.2) Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.8 to 1.8.9 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.8...v1.8.9) Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.8.8 to 1.8.9 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.8...v1.8.9) Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.8.8 to 1.8.9 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.8...v1.8.9) Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.8.8 to 1.8.9 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.8...v1.8.9) Updates `github.com/sigstore/timestamp-authority` from 1.2.2 to 1.2.3 - [Release notes](https://github.com/sigstore/timestamp-authority/releases) - [Changelog](https://github.com/sigstore/timestamp-authority/blob/main/CHANGELOG.md) - [Commits](sigstore/timestamp-authority@v1.2.2...v1.2.3) Updates `github.com/spiffe/go-spiffe/v2` from 2.3.0 to 2.4.0 - [Release notes](https://github.com/spiffe/go-spiffe/releases) - [Changelog](https://github.com/spiffe/go-spiffe/blob/main/CHANGELOG.md) - [Commits](spiffe/go-spiffe@v2.3.0...v2.4.0) Updates `go.step.sm/crypto` from 0.51.2 to 0.53.0 - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.51.2...v0.53.0) Updates `golang.org/x/crypto` from 0.27.0 to 0.28.0 - [Commits](golang/crypto@v0.27.0...v0.28.0) Updates `golang.org/x/term` from 0.24.0 to 0.25.0 - [Commits](golang/term@v0.24.0...v0.25.0) Updates `google.golang.org/api` from 0.196.0 to 0.199.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.196.0...v0.199.0) Updates `google.golang.org/protobuf` from 1.34.2 to 1.35.1 Updates `sigs.k8s.io/release-utils` from 0.8.4 to 0.8.5 - [Release notes](https://github.com/kubernetes-sigs/release-utils/releases) - [Commits](kubernetes-sigs/release-utils@v0.8.4...v0.8.5) --- updated-dependencies: - dependency-name: github.com/google/certificate-transparency-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/fulcio dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/timestamp-authority dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/spiffe/go-spiffe/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: sigs.k8s.io/release-utils dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/go_modules/gomod-4c7a773253
branch
from
November 18, 2024 17:26
4c33eba
to
105efc3
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the gomod group with 5 updates in the / directory:
1.2.1
1.2.2
1.6.3
1.6.5
1.8.9
1.8.10
0.6.1
0.6.2
1.2.2
1.2.3
Updates
github.com/google/certificate-transparency-go
from 1.2.1 to 1.2.2Release notes
Sourced from github.com/google/certificate-transparency-go's releases.
... (truncated)
Changelog
Sourced from github.com/google/certificate-transparency-go's changelog.
... (truncated)
Commits
6b2be75
Update CHANGELOG.md for v1.2.2 release (#1605)dc125e6
Bump distroless/base-debian12 (#1604)ce9bc5c
add flag for HTTP idle connection timeout value (#1597)dc370ba
Bump the all-deps group with 3 updates (#1603)517bc29
Bump golang in /internal/witness/cmd/feeder in the all-deps group (#1601)02f4a60
Bump golang (#1600)8a3cffc
Bump golang in /internal/witness/cmd/witness in the all-deps group (#1599)21cef72
Bump golang in /integration in the all-deps group (#1602)f8905ec
Bump github.com/prometheus/client_golang in the all-deps group (#1598)3ac0744
Bump the all-deps group with 2 updates (#1595)Updates
github.com/sigstore/fulcio
from 1.6.3 to 1.6.5Release notes
Sourced from github.com/sigstore/fulcio's releases.
Changelog
Sourced from github.com/sigstore/fulcio's changelog.
Commits
7920be2
Add CHANGELOG for v1.6.5 (#1835)ab24f1c
use go1.23.2 (#1834)8b77b21
Bump chainguard.dev/sdk in the all group across 1 directory (#1833)50cc9ca
Bump github.com/prometheus/common from 0.59.1 to 0.60.0 (#1832)f3c069d
Bump golang from 1.23.1 to 1.23.2 in the all group (#1828)85bf1df
Bump the all group with 4 updates (#1829)04f761b
Bump github.com/spiffe/go-spiffe/v2 from 2.3.0 to 2.4.0 (#1831)a2cba3e
fallback to json default cfg path if yaml does not exist (#1810)c07462d
extend TLS cert used in tests to 100 year expiration (#1826)df65c59
Include IDP type and subject domain in configuration API response (#1824)Updates
github.com/sigstore/sigstore
from 1.8.9 to 1.8.10Release notes
Sourced from github.com/sigstore/sigstore's releases.
Commits
305ff9e
bump to go 1.22.8 (#1865)d88a949
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity (#1860)cfde863
build(deps): Bump the gomod group across 1 directory with 3 updates (#1859)e928a84
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azcore (#1861)66f05db
build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1862)f0978ed
build(deps): Bump the all group with 2 updates (#1863)9398b12
build(deps): Bump the all group in /test/e2e with 2 updates (#1864)bd8ee68
Mark TUF client as deprecated (#1858)c59dfa0
build(deps): Bump golang.org/x/crypto from 0.25.0 to 0.28.0 (#1852)bde3e53
build(deps): Bump golang.org/x/term from 0.22.0 to 0.25.0 (#1851)Updates
github.com/sigstore/sigstore-go
from 0.6.1 to 0.6.2Release notes
Sourced from github.com/sigstore/sigstore-go's releases.
Commits
0726854
Bump golang.org/x/crypto from 0.26.0 to 0.27.0 (#289)8c0e75b
Use sentinel errors bundle validation invalidateBundle
func (#291)Updates
github.com/sigstore/sigstore/pkg/signature/kms/aws
from 1.8.8 to 1.8.9Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.
Commits
4c750b7
oauthflow: Add SubjectFromUnverifiedToken (#1826)b27128f
build(deps): Bump the all group in /test/e2e with 2 updates (#1824)65aaa14
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)21ad778
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)ebbebbf
build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)615304f
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)6fb1d8b
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)075e85c
build(deps): Bump actions/upload-artifact in the all group (#1825)0ca1da6
build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)26aae9d
build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)Updates
github.com/sigstore/sigstore/pkg/signature/kms/azure
from 1.8.8 to 1.8.9Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/azure's releases.
Commits
4c750b7
oauthflow: Add SubjectFromUnverifiedToken (#1826)b27128f
build(deps): Bump the all group in /test/e2e with 2 updates (#1824)65aaa14
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)21ad778
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)ebbebbf
build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)615304f
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)6fb1d8b
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)075e85c
build(deps): Bump actions/upload-artifact in the all group (#1825)0ca1da6
build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)26aae9d
build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)Updates
github.com/sigstore/sigstore/pkg/signature/kms/gcp
from 1.8.8 to 1.8.9Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/gcp's releases.
Commits
4c750b7
oauthflow: Add SubjectFromUnverifiedToken (#1826)b27128f
build(deps): Bump the all group in /test/e2e with 2 updates (#1824)65aaa14
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)21ad778
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)ebbebbf
build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)615304f
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)6fb1d8b
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)075e85c
build(deps): Bump actions/upload-artifact in the all group (#1825)0ca1da6
build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)26aae9d
build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)Updates
github.com/sigstore/sigstore/pkg/signature/kms/hashivault
from 1.8.8 to 1.8.9Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/hashivault's releases.
Commits
4c750b7
oauthflow: Add SubjectFromUnverifiedToken (#1826)b27128f
build(deps): Bump the all group in /test/e2e with 2 updates (#1824)65aaa14
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)21ad778
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)ebbebbf
build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)615304f
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)6fb1d8b
build(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)075e85c
build(deps): Bump actions/upload-artifact in the all group (#1825)0ca1da6
build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)26aae9d
build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)Updates
github.com/sigstore/timestamp-authority
from 1.2.2 to 1.2.3Release notes
Sourced from github.com/sigstore/timestamp-authority's releases.
... (truncated)
Commits
b3b3209
Bump the gomod group across 1 directory with 8 updates (#828)2cbf49e
Bump golang from 1.22.6 to 1.23.1 in the docker group (#825)5707a1a
bump github/codeql-action from 3.26.8 to 3.26.9 in the actions group (#832)7a56c89
chore: bump go to use v1.23 (#831)4253b65
Bump github/codeql-action from 3.26.7 to 3.26.8 in the actions group (#830)e97ea9d
Bump github/codeql-action from 3.26.6 to 3.26.7 in the actions group (#829)5499788
Bump actions/upload-artifact from 4.3.6 to 4.4.0 in the actions group (#822)deefc7c
Bump github/codeql-action from 3.26.5 to 3.26.6 in the actions group (#819)b242d2c
Bump github/codeql-action from 3.26.4 to 3.26.5 in the actions group (#818)d447b2a
Bump the actions group with 2 updates (#817)Updates
github.com/spiffe/go-spiffe/v2
from 2.3.0 to 2.4.0Release notes
Sourced from github.com/spiffe/go-spiffe/v2's releases.
Changelog
Sourced from github.com/spiffe/go-spiffe/v2's changelog.
Commits
84d40aa
v2.4.0 changelog (#304)7e5a279
feat: add a WithDefaultJWTSVIDPicker source option (