Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github.com/sigstore/rekor from 1.2.3-0.20230707120854-3ded91ee7185 to 1.3.0 #12

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 2, 2023

Bumps github.com/sigstore/rekor from 1.2.3-0.20230707120854-3ded91ee7185 to 1.3.0.

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.3.0

Changelog

  • ed3d0b1 changelog for v1.3.0 (#1657)
  • f0fe617 Update openapi.yaml (#1655)
  • be96b95 build(deps): Bump google/cloud-sdk from 4769605 to 648eb94 (#1656)
  • a0a4820 build(deps): Bump google/cloud-sdk from f656d61 to 4769605 (#1654)
  • 4c6df3e pass transient errors through retrieveLogEntry (#1653)
  • f3d6483 return full entryID on HTTP 409 responses (#1650)
  • 2934605 set min go version to 1.21 (#1651)
  • a9f538d build(deps): Bump github.com/go-playground/validator/v10 (#1648)
  • 3a89ae4 build(deps): Bump google/cloud-sdk from 443.0.0 to 444.0.0 (#1647)
  • 6208b39 build(deps): Bump google.golang.org/api from 0.135.0 to 0.138.0 (#1646)
  • a49cd04 feat: Support publishing new log entries to Pub/Sub topics (#1580)
  • 45bbaf0 build(deps): Bump gocloud.dev from 0.33.0 to 0.34.0 (#1645)
  • 7cc7f47 build(deps): Bump actions/checkout from 3.5.3 to 3.6.0 (#1644)
  • 280efef build(deps): Bump github.com/sassoftware/relic/v7 from 7.6.0 to 7.6.1 (#1642)
  • ab09135 build(deps): Bump github.com/go-playground/validator/v10 (#1641)
  • ee5c702 build(deps): Bump go.step.sm/crypto from 0.34.0 to 0.35.0 (#1640)
  • a561d26 build(deps): Bump github.com/redis/go-redis/v9 from 9.0.5 to 9.1.0 (#1639)
  • 13bbd9a build(deps): Bump github.com/sassoftware/relic/v7 from 7.5.9 to 7.6.0 (#1638)
  • 29e331b Upgrade to go1.21 (#1636)
  • 4e05235 build(deps): Bump github.com/sigstore/protobuf-specs from 0.2.0 to 0.2.1 (#1637)
  • 3e1715a Change values of Identity.Raw, add fingerprints (#1628)
  • c1e6614 build(deps): Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#1634)
  • 08ea39a Extract all subjects from SANs for x509 verifier (#1632)
  • ea666c7 build(deps): Bump github.com/theupdateframework/go-tuf (#1631)
  • d78fdf4 build(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/azure (#1629)
  • 1da6c56 build(deps): Bump github.com/sassoftware/relic/v7 from 7.5.6 to 7.5.9 (#1630)
  • 6357794 build(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/aws (#1621)
  • 19b4bee build(deps): Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.2 (#1623)
  • e65310e build(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (#1622)
  • 52d5b4c build(deps): Bump actions/setup-go from 4.0.1 to 4.1.0 (#1620)
  • 8d2424a build(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp (#1624)
  • 4ba20c4 Fix type comment for Identity struct (#1619)
  • 0d88d22 build(deps): bump gocloud.dev from 0.32.0 to 0.33.0 (#1609)
  • e7b377a Refactor Identities API (#1611)
  • d954fef build(deps): bump github.com/go-playground/validator/v10 (#1617)
  • bd0db76 build(deps): bump github.com/sassoftware/relic/v7 from 7.5.5 to 7.5.6 (#1615)
  • e76446a build(deps): bump golang.org/x/net from 0.13.0 to 0.14.0 (#1614)
  • 753e020 build(deps): bump golang.org/x/crypto from 0.11.0 to 0.12.0 (#1616)
  • 50952a6 build(deps): bump go.step.sm/crypto from 0.33.0 to 0.34.0 (#1612)
  • 924fb3a build(deps): bump golang.org/x/net from 0.12.0 to 0.13.0 (#1608)
  • 8a25878 build(deps): bump golang from 1.20.6 to 1.20.7 (#1610)
  • 1ba7865 build(deps): bump go.uber.org/zap from 1.24.0 to 1.25.0 (#1607)
  • a4b3120 build(deps): bump golang from cfc9d1b to 010a0ff (#1604)
  • fa379b0 build(deps): bump go.step.sm/crypto from 0.32.5 to 0.33.0 (#1602)
  • cbc9c44 Refactor Verifiers to return multiple keys (#1601)
  • 8a30776 build(deps): bump google.golang.org/grpc from 1.56.2 to 1.57.0 (#1600)
  • 96dad3c build(deps): bump golang from 8e5a006 to cfc9d1b (#1588)
  • d51dea6 Update checkpoint link (#1597)

... (truncated)

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.3.0

New Features

  • feat: Support publishing new log entries to Pub/Sub topics (#1580)
  • Change values of Identity.Raw, add fingerprints (#1628)
  • Extract all subjects from SANs for x509 verifier (#1632)
  • Fix type comment for Identity struct (#1619)
  • Refactor Identities API (#1611)
  • Refactor Verifiers to return multiple keys (#1601)

Quality Enhancements

  • set min go version to 1.21 (#1651)
  • Upgrade to go1.21 (#1636)

Bug Fixes

  • Update openapi.yaml (#1655)
  • pass transient errors through retrieveLogEntry (#1653)
  • return full entryID on HTTP 409 responses (#1650)
  • Update checkpoint link (#1597)
  • Use correct log index in inclusion proof (#1599)
  • remove instrumentation library (#1595)
  • pki: clean up fuzzer (#1594)
  • alpine: add max metadata size to fuzzer (#1571)

Contributors

  • AdamKorcz
  • Appu
  • Bob Callaway
  • Carlos Tadeu Panato Junior
  • Ceridwen Coghlan
  • Hayden B
  • James Alseth

v1.2.2

Quality Enhancements

  • swap killswitch for 'docker-compose restart' (#1562)
  • pass treeSize and rootHash to avoid trillian import (#1513)
  • Move github.com/sigstore/protobuf-specs users into a separate subpackage (#1511)

Bug Fixes

  • pass down error with message instead of nil (#1560)

Contributors

  • Bob Callaway
  • Carlos Tadeu Panato Junior
  • Eng Zer Jun
  • Miloslav Trmač

v1.2.1

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 2, 2023
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/sigstore/rekor-1.3.0 branch from 30e6341 to 9b82aa5 Compare October 2, 2023 20:13
Bumps [github.com/sigstore/rekor](https://github.com/sigstore/rekor) from 1.2.3-0.20230707120854-3ded91ee7185 to 1.3.0.
- [Release notes](https://github.com/sigstore/rekor/releases)
- [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/rekor/commits/v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/sigstore/rekor
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/sigstore/rekor-1.3.0 branch from 9b82aa5 to ff901c4 Compare October 2, 2023 20:21
@haydentherapper haydentherapper merged commit 4bae881 into main Oct 2, 2023
9 checks passed
@haydentherapper haydentherapper deleted the dependabot/go_modules/github.com/sigstore/rekor-1.3.0 branch October 2, 2023 20:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant