-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
🤖 triggering CI on branch 'release-next' after synching from upstream/main #4
Commits on Aug 30, 2023
-
Bump github.com/go-playground/validator/v10 from 10.15.2 to 10.15.3 (s…
…igstore#457) Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.15.2 to 10.15.3. - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](go-playground/validator@v10.15.2...v10.15.3) --- updated-dependencies: - dependency-name: github.com/go-playground/validator/v10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 3fb9cbc - Browse repository at this point
Copy the full SHA 3fb9cbcView commit details
Commits on Sep 4, 2023
-
Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (sigstore#463)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.1 to 3.1.2. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@6e04d22...11086d2) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 0916469 - Browse repository at this point
Copy the full SHA 0916469View commit details -
Bump github.com/sigstore/sigstore from 1.7.2 to 1.7.3 (sigstore#458)
Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.7.2 to 1.7.3. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.2...v1.7.3) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 220195a - Browse repository at this point
Copy the full SHA 220195aView commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/azure (sigstore#459)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) from 1.7.2 to 1.7.3. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.2...v1.7.3) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 712db3a - Browse repository at this point
Copy the full SHA 712db3aView commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (sigst…
…ore#460) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) from 1.7.2 to 1.7.3. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.2...v1.7.3) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for e396da8 - Browse repository at this point
Copy the full SHA e396da8View commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/aws (sigstore#461)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) from 1.7.2 to 1.7.3. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.2...v1.7.3) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for f8164e0 - Browse repository at this point
Copy the full SHA f8164e0View commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp (sigstore#462)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.7.2 to 1.7.3. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.2...v1.7.3) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 3c78b95 - Browse repository at this point
Copy the full SHA 3c78b95View commit details
Commits on Sep 5, 2023
-
Bump actions/checkout from 3.6.0 to 4.0.0 (sigstore#464)
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@f43a0e5...3df4ab1) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2c6d8fe - Browse repository at this point
Copy the full SHA 2c6d8feView commit details
Commits on Sep 6, 2023
-
Bump goreleaser/goreleaser-action from 4.4.0 to 4.6.0 (sigstore#468)
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.4.0 to 4.6.0. - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@3fa32b8...5fdedb9) --- updated-dependencies: - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 645c3c1 - Browse repository at this point
Copy the full SHA 645c3c1View commit details -
Bump github.com/rs/cors from 1.9.0 to 1.10.0 (sigstore#467)
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.9.0 to 1.10.0. - [Release notes](https://github.com/rs/cors/releases) - [Commits](rs/cors@v1.9.0...v1.10.0) --- updated-dependencies: - dependency-name: github.com/rs/cors dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2df9605 - Browse repository at this point
Copy the full SHA 2df9605View commit details -
Bump golang.org/x/net from 0.14.0 to 0.15.0 (sigstore#466)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.14.0 to 0.15.0. - [Commits](golang/net@v0.14.0...v0.15.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for aaefec4 - Browse repository at this point
Copy the full SHA aaefec4View commit details -
Fix bug where TSA signing fails if cert hash != content hash. (sigsto…
…re#465) This was fixed upstream in digitorus/timestamp#19. We should cut a patch release - the buggy behavior was introduced in v1.1.2. NOTE: This potentially breaks some users if they are relying on the new cert hash behavior introduced in v1.1.2 to support other hash types, but this fixes those who were broken by the v1.1.2 update. Support for other hash types can be added in another PR by moving to using [timestamp.CreateResponseWithOpts](https://pkg.go.dev/github.com/digitorus/timestamp#Timestamp.CreateResponseWithOpts) and passing in the appropriate hash (but I'm considering that out of scope for this PR). Signed-off-by: Billy Lynch <billy@chainguard.dev>
Configuration menu - View commit details
-
Copy full SHA for 444d6e3 - Browse repository at this point
Copy the full SHA 444d6e3View commit details
Commits on Sep 7, 2023
-
Bump actions/upload-artifact from 3.1.2 to 3.1.3 (sigstore#470)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@0b7f8ab...a8a3f3a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ad6b53e - Browse repository at this point
Copy the full SHA ad6b53eView commit details
Commits on Sep 8, 2023
-
Bump actions/dependency-review-action from 3.0.8 to 3.1.0 (sigstore#472)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.0.8 to 3.1.0. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@f6fff72...6c5ccda) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 99600d8 - Browse repository at this point
Copy the full SHA 99600d8View commit details -
Bump actions/cache from 3.3.1 to 3.3.2 (sigstore#473)
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@88522ab...704facf) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 3c9220d - Browse repository at this point
Copy the full SHA 3c9220dView commit details -
upgrade to Go1.21 (sigstore#471)
* upgrade to Go1.21 Signed-off-by: cpanato <ctadeu@gmail.com> * fix lints Signed-off-by: cpanato <ctadeu@gmail.com> --------- Signed-off-by: cpanato <ctadeu@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 52fd880 - Browse repository at this point
Copy the full SHA 52fd880View commit details
Commits on Sep 12, 2023
-
Bump goreleaser/goreleaser-action from 4.6.0 to 5.0.0 (sigstore#475)
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.6.0 to 5.0.0. - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@5fdedb9...7ec5c2b) --- updated-dependencies: - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 473cf2a - Browse repository at this point
Copy the full SHA 473cf2aView commit details
Commits on Sep 19, 2023
-
Bump go.step.sm/crypto from 0.35.0 to 0.35.1 (sigstore#478)
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.35.0 to 0.35.1. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.35.0...v0.35.1) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for d3dee5a - Browse repository at this point
Copy the full SHA d3dee5aView commit details -
Bump go.uber.org/zap from 1.25.0 to 1.26.0 (sigstore#477)
Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0. - [Release notes](https://github.com/uber-go/zap/releases) - [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md) - [Commits](uber-go/zap@v1.25.0...v1.26.0) --- updated-dependencies: - dependency-name: go.uber.org/zap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 740387a - Browse repository at this point
Copy the full SHA 740387aView commit details -
Bump github.com/go-playground/validator/v10 from 10.15.3 to 10.15.4 (s…
…igstore#479) Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.15.3 to 10.15.4. - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](go-playground/validator@v10.15.3...v10.15.4) --- updated-dependencies: - dependency-name: github.com/go-playground/validator/v10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 553c14f - Browse repository at this point
Copy the full SHA 553c14fView commit details -
Bump golang from 1.20.7 to 1.21.1 (sigstore#469)
Bumps golang from 1.20.7 to 1.21.1. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 58ea1e7 - Browse repository at this point
Copy the full SHA 58ea1e7View commit details -
expand README on Cloud KMS deployment (sigstore#476)
Signed-off-by: Dmitry Savintsev <dsavints@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 7855317 - Browse repository at this point
Copy the full SHA 7855317View commit details
Commits on Sep 20, 2023
-
Bump golang from
d2aad22
tocffaba7
(sigstore#480)Bumps golang from `d2aad22` to `cffaba7`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 74bfe0c - Browse repository at this point
Copy the full SHA 74bfe0cView commit details
Commits on Sep 21, 2023
-
Bump golang from
cffaba7
toafccce4
(sigstore#481)Bumps golang from `cffaba7` to `afccce4`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2baa0b7 - Browse repository at this point
Copy the full SHA 2baa0b7View commit details
Commits on Sep 22, 2023
-
Bump golang from
afccce4
toc416cee
(sigstore#482)Bumps golang from `afccce4` to `c416cee`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2f33f9d - Browse repository at this point
Copy the full SHA 2f33f9dView commit details
Commits on Sep 25, 2023
-
Bump actions/checkout from 4.0.0 to 4.1.0 (sigstore#483)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@3df4ab1...8ade135) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for d9a1068 - Browse repository at this point
Copy the full SHA d9a1068View commit details
Commits on Sep 27, 2023
-
Bump golang from
c416cee
to19600fd
(sigstore#484)Bumps golang from `c416cee` to `19600fd`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for fa83a9b - Browse repository at this point
Copy the full SHA fa83a9bView commit details
Commits on Sep 28, 2023
-
Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 (sigst…
…ore#485) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/v1.17.0/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.16.0...v1.17.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 20cf4f8 - Browse repository at this point
Copy the full SHA 20cf4f8View commit details
Commits on Sep 29, 2023
-
new http-ping-only flag for 'timestamp-server serve' (sigstore#474)
* add httpPingOnly middleware Add a small custom middlerware httpPingOnly to allow only /ping entrypoint for the http (non-https) server. Related to issue sigstore#420. Signed-off-by: Dmitry S <dsavints@gmail.com> * Add command-line flag --http-ping-only New optional command-line flag --http-ping-only allows to enforce that the http server (which doesn't support mTLS) allows only to access the /ping entrypoint. This would limit the risk of the timestamp server being accessed without mTLS in case of the strict mTLS requirement while still allowing the mTLS-exempt /ping entrypoint to be called for example by the heartbeat checkers (load balancers etc.). Fixes sigstore#420. Signed-off-by: Dmitry Savintsev <dsavints@gmail.com> * use 404 for anything other than /ping Signed-off-by: Dmitry Savintsev <dsavints@gmail.com> * minor changes based on PR feedback * remove parameter for httpPingOnly * remove debug message on httpPingOnly * use const 'pingPath' consistently Signed-off-by: Dmitry Savintsev <dsavints@gmail.com> * 2023 as copyright year for new files Signed-off-by: Dmitry Savintsev <dsavints@gmail.com> --------- Signed-off-by: Dmitry S <dsavints@gmail.com> Signed-off-by: Dmitry Savintsev <dsavints@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 5db959c - Browse repository at this point
Copy the full SHA 5db959cView commit details
Commits on Oct 2, 2023
-
Bump github.com/go-playground/validator/v10 from 10.15.4 to 10.15.5 (s…
…igstore#487) Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.15.4 to 10.15.5. - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](go-playground/validator@v10.15.4...v10.15.5) --- updated-dependencies: - dependency-name: github.com/go-playground/validator/v10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for dd1b069 - Browse repository at this point
Copy the full SHA dd1b069View commit details -
Bump github.com/rs/cors from 1.10.0 to 1.10.1 (sigstore#486)
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.10.0 to 1.10.1. - [Release notes](https://github.com/rs/cors/releases) - [Commits](rs/cors@v1.10.0...v1.10.1) --- updated-dependencies: - dependency-name: github.com/rs/cors dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 43342cb - Browse repository at this point
Copy the full SHA 43342cbView commit details
Commits on Oct 6, 2023
-
Bump golang from 1.21.1 to 1.21.2 (sigstore#489)
Bumps golang from 1.21.1 to 1.21.2. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 911babf - Browse repository at this point
Copy the full SHA 911babfView commit details -
Bump golang.org/x/net from 0.15.0 to 0.16.0 (sigstore#490)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.16.0. - [Commits](golang/net@v0.15.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for d6e0fd3 - Browse repository at this point
Copy the full SHA d6e0fd3View commit details
Commits on Oct 9, 2023
-
Bump ossf/scorecard-action from 2.2.0 to 2.3.0 (sigstore#493)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@08b4669...483ef80) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 43dfa05 - Browse repository at this point
Copy the full SHA 43dfa05View commit details -
Bump sigs.k8s.io/release-utils from 0.7.4 to 0.7.5 (sigstore#492)
Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) from 0.7.4 to 0.7.5. - [Release notes](https://github.com/kubernetes-sigs/release-utils/releases) - [Commits](kubernetes-sigs/release-utils@v0.7.4...v0.7.5) --- updated-dependencies: - dependency-name: sigs.k8s.io/release-utils dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for f2a8345 - Browse repository at this point
Copy the full SHA f2a8345View commit details -
Bump github.com/spf13/viper from 1.16.0 to 1.17.0 (sigstore#491)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.16.0 to 1.17.0. - [Release notes](https://github.com/spf13/viper/releases) - [Commits](spf13/viper@v1.16.0...v1.17.0) --- updated-dependencies: - dependency-name: github.com/spf13/viper dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for b9423c5 - Browse repository at this point
Copy the full SHA b9423c5View commit details
Commits on Oct 10, 2023
-
Bump go.step.sm/crypto from 0.35.1 to 0.36.0 (sigstore#494)
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.35.1 to 0.36.0. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.35.1...v0.36.0) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 13df787 - Browse repository at this point
Copy the full SHA 13df787View commit details
Commits on Oct 11, 2023
-
Bump golang.org/x/net from 0.16.0 to 0.17.0 (sigstore#495)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.16.0 to 0.17.0. - [Commits](golang/net@v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for d425e08 - Browse repository at this point
Copy the full SHA d425e08View commit details -
Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (sigstore#496)
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.9 to 0.6.0. - [Release notes](https://github.com/google/go-cmp/releases) - [Commits](google/go-cmp@v0.5.9...v0.6.0) --- updated-dependencies: - dependency-name: github.com/google/go-cmp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 7f8ecf0 - Browse repository at this point
Copy the full SHA 7f8ecf0View commit details -
Bump golang from 1.21.2 to 1.21.3 (sigstore#497)
Bumps golang from 1.21.2 to 1.21.3. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 66640c7 - Browse repository at this point
Copy the full SHA 66640c7View commit details -
Support other hash algs for pre-signed timestamp besides SHA256 (sigs…
…tore#488) There are three relevant hash algs used in this codebase: * The certificate hash alg, which specifies how the CA certificate hashed the to-be-signed certificate * The message hash alg, specified in the request, which says how the timestamp message was hashed * The timestamp hash alg, which specifies how the timestamp signer should hash the pre-signed timestamp structure The latter of these three was not configurable. We had a previous approach that used the certificate hash alg, but this does not have to match the timestamp hash alg. Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
Configuration menu - View commit details
-
Copy full SHA for f4c7467 - Browse repository at this point
Copy the full SHA f4c7467View commit details -
CHANGELOG for v1.2.0 (sigstore#498)
Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
Configuration menu - View commit details
-
Copy full SHA for c21da35 - Browse repository at this point
Copy the full SHA c21da35View commit details
Commits on Oct 12, 2023
-
Bump golang from
02d7116
tob6142cd
(sigstore#499)Bumps golang from `02d7116` to `b6142cd`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 6509979 - Browse repository at this point
Copy the full SHA 6509979View commit details
Commits on Oct 13, 2023
-
Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp (sigstore#501)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.7.3 to 1.7.4. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.3...v1.7.4) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ff70e8e - Browse repository at this point
Copy the full SHA ff70e8eView commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/azure (sigstore#500)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) from 1.7.3 to 1.7.4. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.3...v1.7.4) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 13fad36 - Browse repository at this point
Copy the full SHA 13fad36View commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (sigst…
…ore#502) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) from 1.7.3 to 1.7.4. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.3...v1.7.4) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for c15d9ff - Browse repository at this point
Copy the full SHA c15d9ffView commit details -
Bump github.com/sigstore/sigstore from 1.7.3 to 1.7.4 (sigstore#503)
Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.7.3 to 1.7.4. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.3...v1.7.4) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for b3d9733 - Browse repository at this point
Copy the full SHA b3d9733View commit details -
Bump cloud.google.com/go/security from 1.15.1 to 1.15.2 (sigstore#504)
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.15.1 to 1.15.2. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@kms/v1.15.1...kms/v1.15.2) --- updated-dependencies: - dependency-name: cloud.google.com/go/security dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 845169e - Browse repository at this point
Copy the full SHA 845169eView commit details -
Bump golang from
b6142cd
to24a0937
(sigstore#505)Bumps golang from `b6142cd` to `24a0937`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 46841a3 - Browse repository at this point
Copy the full SHA 46841a3View commit details
Commits on Oct 16, 2023
-
Bump github.com/sigstore/sigstore/pkg/signature/kms/aws (sigstore#506)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) from 1.7.3 to 1.7.4. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.3...v1.7.4) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ad7a4e2 - Browse repository at this point
Copy the full SHA ad7a4e2View commit details
Commits on Oct 18, 2023
-
Bump actions/checkout from 4.1.0 to 4.1.1 (sigstore#507)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@8ade135...b4ffde6) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for eea4737 - Browse repository at this point
Copy the full SHA eea4737View commit details
Commits on Oct 19, 2023
-
Bump go.step.sm/crypto from 0.36.0 to 0.36.1 (sigstore#508)
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.36.0 to 0.36.1. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.36.0...v0.36.1) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 4fa78f3 - Browse repository at this point
Copy the full SHA 4fa78f3View commit details
Commits on Oct 24, 2023
-
Bump ossf/scorecard-action from 2.3.0 to 2.3.1 (sigstore#509)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.0 to 2.3.1. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@483ef80...0864cf1) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for a6a842d - Browse repository at this point
Copy the full SHA a6a842dView commit details
Commits on Oct 27, 2023
-
Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp (sigstore#512)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.7.4 to 1.7.5. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.4...v1.7.5) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 55f8bea - Browse repository at this point
Copy the full SHA 55f8beaView commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/aws (sigstore#513)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) from 1.7.4 to 1.7.5. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.4...v1.7.5) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 65ab839 - Browse repository at this point
Copy the full SHA 65ab839View commit details -
Bump cloud.google.com/go/security from 1.15.2 to 1.15.3 (sigstore#510)
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.15.2 to 1.15.3. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@kms/v1.15.2...kms/v1.15.3) --- updated-dependencies: - dependency-name: cloud.google.com/go/security dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 851eef6 - Browse repository at this point
Copy the full SHA 851eef6View commit details -
Bump sigs.k8s.io/release-utils from 0.7.5 to 0.7.6 (sigstore#511)
Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) from 0.7.5 to 0.7.6. - [Release notes](https://github.com/kubernetes-sigs/release-utils/releases) - [Commits](kubernetes-sigs/release-utils@v0.7.5...v0.7.6) --- updated-dependencies: - dependency-name: sigs.k8s.io/release-utils dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 0cb750b - Browse repository at this point
Copy the full SHA 0cb750bView commit details -
Bump github.com/sigstore/sigstore from 1.7.4 to 1.7.5 (sigstore#514)
Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.7.4 to 1.7.5. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.4...v1.7.5) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 42b4bb4 - Browse repository at this point
Copy the full SHA 42b4bb4View commit details
Commits on Oct 30, 2023
-
Bump github.com/sigstore/sigstore/pkg/signature/kms/azure (sigstore#515)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) from 1.7.4 to 1.7.5. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.4...v1.7.5) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 6d81f86 - Browse repository at this point
Copy the full SHA 6d81f86View commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (sigst…
…ore#516) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) from 1.7.4 to 1.7.5. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.4...v1.7.5) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 265dc96 - Browse repository at this point
Copy the full SHA 265dc96View commit details
Commits on Nov 2, 2023
-
Bump golang from
24a0937
to5206873
(sigstore#518)Bumps golang from `24a0937` to `5206873`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 73866a2 - Browse repository at this point
Copy the full SHA 73866a2View commit details -
Bump cloud.google.com/go/security from 1.15.3 to 1.15.4 (sigstore#519)
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.15.3 to 1.15.4. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@kms/v1.15.3...kms/v1.15.4) --- updated-dependencies: - dependency-name: cloud.google.com/go/security dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for a436890 - Browse repository at this point
Copy the full SHA a436890View commit details
Commits on Nov 3, 2023
-
Bump golang from
5206873
tob113af1
(sigstore#520)Bumps golang from `5206873` to `b113af1`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 973514f - Browse repository at this point
Copy the full SHA 973514fView commit details
Commits on Nov 6, 2023
-
Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (sigstore#522)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.7.0...v1.8.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 7295f35 - Browse repository at this point
Copy the full SHA 7295f35View commit details -
Bump github.com/go-playground/validator/v10 from 10.15.5 to 10.16.0 (s…
…igstore#521) Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.15.5 to 10.16.0. - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](go-playground/validator@v10.15.5...v10.16.0) --- updated-dependencies: - dependency-name: github.com/go-playground/validator/v10 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 769ccec - Browse repository at this point
Copy the full SHA 769ccecView commit details -
Bump actions/dependency-review-action from 3.1.0 to 3.1.1 (sigstore#523)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@6c5ccda...9f45b24) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 9f980a8 - Browse repository at this point
Copy the full SHA 9f980a8View commit details
Commits on Nov 8, 2023
-
Bump sigstore/cosign-installer from 3.1.2 to 3.2.0 (sigstore#526)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.2 to 3.2.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@11086d2...1fc5bd3) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 500ab31 - Browse repository at this point
Copy the full SHA 500ab31View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8c4669e - Browse repository at this point
Copy the full SHA 8c4669eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3023e15 - Browse repository at this point
Copy the full SHA 3023e15View commit details
Commits on Nov 9, 2023
-
Bump golang.org/x/net from 0.17.0 to 0.18.0 (sigstore#527)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.18.0. - [Commits](golang/net@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 74fb598 - Browse repository at this point
Copy the full SHA 74fb598View commit details
Commits on Nov 14, 2023
-
Bump actions/dependency-review-action from 3.1.2 to 3.1.3 (sigstore#528)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@fde92ac...7bbfa03) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for f375bbe - Browse repository at this point
Copy the full SHA f375bbeView commit details -
Bump sigs.k8s.io/release-utils from 0.7.6 to 0.7.7 (sigstore#529)
Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) from 0.7.6 to 0.7.7. - [Release notes](https://github.com/kubernetes-sigs/release-utils/releases) - [Commits](kubernetes-sigs/release-utils@v0.7.6...v0.7.7) --- updated-dependencies: - dependency-name: sigs.k8s.io/release-utils dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 7143794 - Browse repository at this point
Copy the full SHA 7143794View commit details
Commits on Nov 16, 2023
-
Bump golang from
81cd210
to57bf74a
(sigstore#530)Bumps golang from `81cd210` to `57bf74a`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 28e12d6 - Browse repository at this point
Copy the full SHA 28e12d6View commit details
Commits on Nov 20, 2023
-
Bump go.step.sm/crypto from 0.36.1 to 0.37.0 (sigstore#531)
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.36.1 to 0.37.0. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.36.1...v0.37.0) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 00e7839 - Browse repository at this point
Copy the full SHA 00e7839View commit details
Commits on Nov 21, 2023
-
Bump anchore/sbom-action from 0.14.3 to 0.15.0 (sigstore#532)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.14.3 to 0.15.0. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@78fc58e...fd74a6f) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 28ba2b4 - Browse repository at this point
Copy the full SHA 28ba2b4View commit details
Commits on Nov 22, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 36e86af - Browse repository at this point
Copy the full SHA 36e86afView commit details
Commits on Nov 23, 2023
-
Bump golang from
daa9d10
to9baee0e
(sigstore#534)Bumps golang from `daa9d10` to `9baee0e`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 0764e55 - Browse repository at this point
Copy the full SHA 0764e55View commit details
Commits on Nov 28, 2023
-
Bump actions/dependency-review-action from 3.1.3 to 3.1.4 (sigstore#535)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.1.3 to 3.1.4. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@7bbfa03...01bc870) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 54d5245 - Browse repository at this point
Copy the full SHA 54d5245View commit details -
Bump golang.org/x/net from 0.18.0 to 0.19.0 (sigstore#536)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.18.0 to 0.19.0. - [Commits](golang/net@v0.18.0...v0.19.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 5049242 - Browse repository at this point
Copy the full SHA 5049242View commit details
Commits on Nov 29, 2023
-
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 (sigstore#537)
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md) - [Commits](go-jose/go-jose@v3.0.0...v3.0.1) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 9545198 - Browse repository at this point
Copy the full SHA 9545198View commit details -
Bump go.step.sm/crypto from 0.37.0 to 0.38.0 (sigstore#538)
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.37.0 to 0.38.0. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.37.0...v0.38.0) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 72f8454 - Browse repository at this point
Copy the full SHA 72f8454View commit details
Commits on Dec 1, 2023
-
Bump github.com/go-openapi/spec from 0.20.9 to 0.20.11 (sigstore#539)
Bumps [github.com/go-openapi/spec](https://github.com/go-openapi/spec) from 0.20.9 to 0.20.11. - [Commits](go-openapi/spec@v0.20.9...v0.20.11) --- updated-dependencies: - dependency-name: github.com/go-openapi/spec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 7392f1b - Browse repository at this point
Copy the full SHA 7392f1bView commit details
Commits on Dec 4, 2023
-
Bump github.com/go-openapi/strfmt from 0.21.7 to 0.21.8 (sigstore#540)
Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.21.7 to 0.21.8. - [Commits](go-openapi/strfmt@v0.21.7...v0.21.8) --- updated-dependencies: - dependency-name: github.com/go-openapi/strfmt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 76f427b - Browse repository at this point
Copy the full SHA 76f427bView commit details
Commits on Dec 5, 2023
-
Bump github.com/sigstore/sigstore/pkg/signature/kms/azure (sigstore#541)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) from 1.7.5 to 1.7.6. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.5...v1.7.6) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 7d48d6b - Browse repository at this point
Copy the full SHA 7d48d6bView commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp (sigstore#543)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.7.5 to 1.7.6. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.5...v1.7.6) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for dd8cf29 - Browse repository at this point
Copy the full SHA dd8cf29View commit details -
Bump anchore/sbom-action from 0.15.0 to 0.15.1 (sigstore#546)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.0 to 0.15.1. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@fd74a6f...5ecf649) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 586b558 - Browse repository at this point
Copy the full SHA 586b558View commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/aws (sigstore#545)
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) from 1.7.5 to 1.7.6. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.5...v1.7.6) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for c2ffcf8 - Browse repository at this point
Copy the full SHA c2ffcf8View commit details -
Bump github.com/sigstore/sigstore from 1.7.5 to 1.7.6 (sigstore#542)
Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.7.5 to 1.7.6. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.5...v1.7.6) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for b1c3c13 - Browse repository at this point
Copy the full SHA b1c3c13View commit details -
Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (sigst…
…ore#544) Bumps [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) from 1.7.5 to 1.7.6. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.7.5...v1.7.6) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 109d0cc - Browse repository at this point
Copy the full SHA 109d0ccView commit details
Commits on Dec 6, 2023
-
Bump golang from 1.21.4 to 1.21.5 (sigstore#547)
Bumps golang from 1.21.4 to 1.21.5. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 1de5181 - Browse repository at this point
Copy the full SHA 1de5181View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4ae8873 - Browse repository at this point
Copy the full SHA 4ae8873View commit details -
chore: update release-next sync'd with upstream
Signed-off-by: Lance Ball <lball@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 0586383 - Browse repository at this point
Copy the full SHA 0586383View commit details -
Signed-off-by: Lance Ball <lball@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 758b0ed - Browse repository at this point
Copy the full SHA 758b0edView commit details