Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump github.com/sigstore/rekor from 1.2.2 to 1.3.1 #311

Closed
wants to merge 1 commit into from
Closed

build(deps): bump github.com/sigstore/rekor from 1.2.2 to 1.3.1 #311

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 10, 2023
edited
Loading

Bumps github.com/sigstore/rekor from 1.2.2 to 1.3.1.

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.3.1

Changelog

  • 543d7a1 build(deps): Bump google.golang.org/api from 0.145.0 to 0.146.0 (#1748)
  • 91f86ee build(deps): Bump go.step.sm/crypto from 0.35.1 to 0.36.0 (#1747)
  • 3998fb5 enable GCP cloud profiling on rekor-server (#1746)
  • 7fa3cd5 move index storage into interface (#1741)
  • bcd004b build(deps): Bump google.golang.org/api from 0.144.0 to 0.145.0 (#1743)
  • a327826 build(deps): Bump github.com/spf13/viper from 1.16.0 to 1.17.0 (#1742)
  • ebd9939 build(deps): Bump sigs.k8s.io/release-utils from 0.7.4 to 0.7.5 (#1744)
  • 144fa87 build(deps): Bump google/cloud-sdk from 0633262 to 0c79a8f (#1745)
  • 75774ff build(deps): Bump golang.org/x/mod from 0.12.0 to 0.13.0 (#1738)
  • 22d40ca build(deps): Bump golang.org/x/net from 0.15.0 to 0.16.0 (#1739)
  • 5b1a052 update builder image to use go1.21.2 (#1734)
  • 70abc2d build(deps): Bump golang.org/x/sync from 0.3.0 to 0.4.0 (#1740)
  • 22d8c0a build(deps): Bump golang from 1.21.1 to 1.21.2 (#1735)
  • 69331c1 build(deps): Bump google/cloud-sdk from 7435d67 to 0633262 (#1736)
  • e62f001 build(deps): Bump google.golang.org/api from 0.143.0 to 0.144.0 (#1733)
  • 8bf16df build(deps): Bump google/cloud-sdk from f0639d4 to 7435d67 (#1732)
  • 11c1a66 build(deps): Bump google/cloud-sdk from 448.0.0 to 449.0.0 (#1731)
  • a948fdb add info to readme to denote additional documentation sources (#1722)
  • c8d2137 build(deps): Bump google/cloud-sdk from 0f8392d to 4e47ec6 (#1728)
  • 247eee2 build(deps): Bump github.com/go-playground/validator/v10 (#1727)
  • f418085 build(deps): Bump github.com/rs/cors from 1.10.0 to 1.10.1 (#1726)
  • 51703d8 build(deps): Bump google/cloud-sdk from 45bc204 to 0f8392d (#1725)
  • 1667aee build(deps): Bump google/cloud-sdk from e98bd3d to 45bc204 (#1723)
  • 18db712 Update contact for code of conduct (#1720)
  • af623a7 build(deps): Bump github.com/prometheus/client_golang (#1718)
  • 3e609fd build(deps): Bump google/cloud-sdk from 5ba24d6 to e98bd3d (#1719)
  • 302ee96 build(deps): Bump golang from c416cee to 19600fd (#1716)
  • 404ed50 build(deps): Bump google/cloud-sdk from 447.0.0 to 448.0.0 (#1715)
  • 4c633a2 build(deps): Bump google.golang.org/api from 0.142.0 to 0.143.0 (#1713)
  • 869bbc6 fix: typo (#1711)
  • 21102e6 Fix panic when parsing SSH SK pubkeys (#1712)
  • 5b28a61 build(deps): Bump google/cloud-sdk from e2db260 to b364d98 (#1714)
  • ed1fa70 build(deps): Bump actions/checkout from 4.0.0 to 4.1.0 (#1710)
  • 8c5415c build(deps): Bump google/cloud-sdk from bd87f4f to e2db260 (#1709)
  • 817f23e Correct index creation (#1708)
  • a05fc3d build(deps): Bump golang from afccce4 to c416cee (#1705)
  • 5f2ffa2 build(deps): Bump google/cloud-sdk from a55fcf3 to bd87f4f (#1706)
  • bf6a152 build(deps): Bump google.golang.org/grpc from 1.58.1 to 1.58.2 (#1707)
  • 0f1ac48 build(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/aws (#1702)
  • 111570c build(deps): Bump github.com/sigstore/sigstore from 1.7.2 to 1.7.3 (#1701)
  • 2082deb build(deps): Bump google/cloud-sdk from fa0225b to a55fcf3 (#1703)
  • 37e7dbd build(deps): Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#1700)
  • 52e2b23 build(deps): Bump golang from cffaba7 to afccce4 (#1704)
  • 314823d build(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (#1690)
  • 0e7b8a4 build(deps): Bump go.step.sm/crypto from 0.35.0 to 0.35.1 (#1688)
  • cb49620 Update .ko.yaml (#1682)
  • a423aa8 build(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/azure (#1696)
  • a3e0897 build(deps): Bump github.com/go-playground/validator/v10 (#1697)

... (truncated)

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.3.1

New Features

  • enable GCP cloud profiling on rekor-server (#1746)
  • move index storage into interface (#1741)
  • add info to readme to denote additional documentation sources (#1722)
  • Add type of ed25519 key for TUF (#1677)
  • Allow parsing base64-encoded TUF metadata and root content (#1671)

Quality Enhancements

  • disable quota in trillian in test harness (#1680)

Bug Fixes

  • Update contact for code of conduct (#1720)
  • fix: typo (#1711)
  • Fix panic when parsing SSH SK pubkeys (#1712)
  • Correct index creation (#1708)
  • Update .ko.yaml (#1682)
  • docs: fixzes a small typo on the readme (#1686)
  • chore: fix backfill-redis Makefile target (#1685)

Contributors

  • Andres Galante
  • Andrew Block
  • Appu
  • Bob Callaway
  • Carlos Tadeu Panato Junior
  • guangwu
  • Hayden B
  • jonvnadelberg
  • Lance Ball

v1.3.0

New Features

  • feat: Support publishing new log entries to Pub/Sub topics (#1580)
  • Change values of Identity.Raw, add fingerprints (#1628)
  • Extract all subjects from SANs for x509 verifier (#1632)
  • Fix type comment for Identity struct (#1619)
  • Refactor Identities API (#1611)
  • Refactor Verifiers to return multiple keys (#1601)

Quality Enhancements

  • set min go version to 1.21 (#1651)
  • Upgrade to go1.21 (#1636)

Bug Fixes

  • Update openapi.yaml (#1655)
  • pass transient errors through retrieveLogEntry (#1653)
  • return full entryID on HTTP 409 responses (#1650)

... (truncated)

Commits
  • 543d7a1 build(deps): Bump google.golang.org/api from 0.145.0 to 0.146.0 (#1748)
  • 91f86ee build(deps): Bump go.step.sm/crypto from 0.35.1 to 0.36.0 (#1747)
  • 3998fb5 enable GCP cloud profiling on rekor-server (#1746)
  • 7fa3cd5 move index storage into interface (#1741)
  • bcd004b build(deps): Bump google.golang.org/api from 0.144.0 to 0.145.0 (#1743)
  • a327826 build(deps): Bump github.com/spf13/viper from 1.16.0 to 1.17.0 (#1742)
  • ebd9939 build(deps): Bump sigs.k8s.io/release-utils from 0.7.4 to 0.7.5 (#1744)
  • 144fa87 build(deps): Bump google/cloud-sdk from 0633262 to 0c79a8f (#1745)
  • 75774ff build(deps): Bump golang.org/x/mod from 0.12.0 to 0.13.0 (#1738)
  • 22d40ca build(deps): Bump golang.org/x/net from 0.15.0 to 0.16.0 (#1739)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 10, 2023
@dependabot dependabot bot mentioned this pull request Oct 10, 2023
Closed
@dependabot
build(deps): bump github.com/sigstore/rekor from 1.2.2 to 1.3.1
c31cc9d 
Bumps [github.com/sigstore/rekor](https://github.com/sigstore/rekor) from 1.2.2 to 1.3.1.
- [Release notes](https://github.com/sigstore/rekor/releases)
- [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md)
- [Commits](sigstore/rekor@v1.2.2...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/sigstore/rekor
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/sigstore/rekor-1.3.1 branch from d89f44f to c31cc9d Compare October 10, 2023 09:59
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 12, 2023

Superseded by #313.

@dependabot dependabot bot closed this Oct 12, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/sigstore/rekor-1.3.1 branch October 12, 2023 04:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants