Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump github.com/sigstore/rekor from 1.2.2-0.20230530122220-67cc9e58bd23 to 1.2.2 #3096

Merged
merged 1 commit into from
Jun 29, 2023
Merged

chore(deps): bump github.com/sigstore/rekor from 1.2.2-0.20230530122220-67cc9e58bd23 to 1.2.2 #3096

merged 1 commit into from
Jun 29, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 29, 2023
edited
Loading

Bumps github.com/sigstore/rekor from 1.2.2-0.20230530122220-67cc9e58bd23 to 1.2.2.

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.2.2

Changelog

  • 9c13e97 changelog for v1.2.2 (#1570)
  • aacc6ae fuzz: Add utility to create structured jar bytes (#1548)
  • beae36f build(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#1567)
  • 67b37f1 build(deps): bump go.step.sm/crypto from 0.32.1 to 0.32.2 (#1568)
  • a1349da swap killswitch for 'docker-compose restart' (#1562)
  • a9f13f6 build(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#1564)
  • 3c405d3 build(deps): bump golang from 8f958bf to 344193a (#1563)
  • 0ac9ff7 build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.31.0 (#1565)
  • c17612e chore: replace github.com/ghodss/yaml with sigs.k8s.io/yaml (#1558)
  • c2e3149 pass down error with message instead of nil (#1560)
  • ffdd884 build(deps): bump github.com/sigstore/sigstore from 1.7.0 to 1.7.1 (#1556)
  • 00010f2 build(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp (#1554)
  • b7427aa build(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws (#1555)
  • 4aab392 build(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure (#1553)
  • ad4c9b5 build(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (#1557)
  • 37d2923 build(deps): bump golang from 6b3fa4b to 8f958bf (#1551)
  • 4ad3681 build(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 (#1552)
  • 40ed74d build(deps): bump go.step.sm/crypto from 0.32.0 to 0.32.1 (#1550)
  • 1e6818c build(deps): bump gocloud.dev from 0.29.0 to 0.30.0 (#1549)
  • b036ef5 build(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 (#1545)
  • 32c71d5 build(deps): bump golang.org/x/sync from 0.2.0 to 0.3.0 (#1547)
  • ab48775 build(deps): bump github.com/prometheus/client_golang (#1546)
  • 8dbd76a update sigstore/sigstore/pkg/signature/kms/aws to v1.7.0 (#1544)
  • 89d7540 build(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault (#1541)
  • a3924df build(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp (#1543)
  • 193085f build(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure (#1539)
  • a913d94 build(deps): bump github.com/sigstore/sigstore from 1.6.5 to 1.7.0 (#1542)
  • 5cc2078 build(deps): bump golang.org/x/mod from 0.10.0 to 0.11.0 (#1540)
  • 7889964 build(deps): bump golang from e7bb4d1 to 6b3fa4b (#1538)
  • 3e37426 build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 (#1537)
  • adca94e build(deps): bump golang from 4b1fc02 to e7bb4d1 (#1536)
  • 2ae46bf build(deps): bump golang.org/x/crypto from 0.9.0 to 0.10.0 (#1535)
  • d13cc57 build(deps): bump go.step.sm/crypto from 0.31.2 to 0.32.0 (#1534)
  • 5c4b8ac bump golangci-lint version to v1.53.x (#1533)
  • 2ba7cc8 bump go-swagger to v0.30.5 (#1532)
  • 7ca40d0 build(deps): bump github.com/go-openapi/errors from 0.20.3 to 0.20.4 (#1529)
  • cabcc98 build(deps): bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 (#1530)
  • 59ed3e3 build(deps): bump github/codeql-action from 2.3.6 to 2.13.4 (#1528)
  • c656213 build(deps): bump actions/checkout from 3.5.2 to 3.5.3 (#1527)
  • a2dbcab build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (#1526)
  • f01f9cd update builder image to use go1.20.5 (#1524)
  • f763496 build(deps): bump golang from 1.20.4 to 1.20.5 (#1522)
  • 2b1bab9 build(deps): bump github.com/hashicorp/go-retryablehttp (#1523)
  • 9eb7ec6 build(deps): bump github.com/go-playground/validator/v10 (#1521)
  • 1d0520b build(deps): bump github/codeql-action from 2.3.5 to 2.3.6 (#1520)
  • d412f53 build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#1519)
  • 4c81ff2 build(deps): bump go.step.sm/crypto from 0.31.1 to 0.31.2 (#1518)
  • c4bd9c9 build(deps): bump github.com/sigstore/sigstore from 1.6.4 to 1.6.5 (#1516)

... (truncated)

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.2.2

Quality Enhancements

  • swap killswitch for 'docker-compose restart' (#1562)
  • pass treeSize and rootHash to avoid trillian import (#1513)
  • Move github.com/sigstore/protobuf-specs users into a separate subpackage (#1511)

Bug Fixes

  • pass down error with message instead of nil (#1560)

Contributors

  • Bob Callaway
  • Carlos Tadeu Panato Junior
  • Eng Zer Jun
  • Miloslav Trmač

v1.2.1

Bug Fixes

  • run go mod tidy in hack/tools (#1510)

Contributors

  • Bob Callaway

v1.2.0

Functional Enhancements

  • add client method to generate TLE struct (#1498)
  • add dsse type (#1487)
  • support other KMS providers (AWS, Azure, Hashicorp) in addition to GCP (#1488)
  • Add concurrency to backfill-redis (#1504)
  • omit informational message if machine-parseable output has been requested (#1486)
  • Publish stable checkpoint periodically to Redis (#1461)
  • Add intoto v0.0.2 to backfill script (#1500)
  • add new method to test insertability of proposed entries into log (#1410)

Quality Enhancements

  • use t.Skip() in fuzzers (#1506)
  • improve fuzzing coverage (#1499)
  • Remove watcher script (#1484)

Bug Fixes

  • Merge pull request from GHSA-frqx-jfcm-6jjr
  • Remove requirement of PayloadHash for intoto 0.0.1 (#1490)
  • fix lint errors, bump linter up to 1.52 (#1485)
  • Remove dependencies from pkg/util (#1469)

Contributors

  • Bob Callaway
  • Carlos Tadeu Panato Junior

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 29, 2023
@codecov
Copy link

codecov bot commented Jun 29, 2023
edited
Loading

Codecov Report

Merging #3096 (679ea45) into main (2a77460) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #3096   +/-   ##
=======================================
  Coverage   30.64%   30.64%           
=======================================
  Files         155      155           
  Lines        9791     9791           
=======================================
  Hits         3000     3000           
  Misses       6341     6341           
  Partials      450      450

hectorj2f
hectorj2f previously approved these changes Jun 29, 2023
View reviewed changes
@hectorj2f hectorj2f enabled auto-merge (squash) June 29, 2023 16:47
@dependabot
chore(deps): bump github.com/sigstore/rekor
679ea45 
Bumps [github.com/sigstore/rekor](https://github.com/sigstore/rekor) from 1.2.2-0.20230530122220-67cc9e58bd23 to 1.2.2.
- [Release notes](https://github.com/sigstore/rekor/releases)
- [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/rekor/commits/v1.2.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/rekor
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/sigstore/rekor-1.2.2 branch from 250b17d to 679ea45 Compare June 29, 2023 17:12
@hectorj2f hectorj2f merged commit 629fb6b into main Jun 29, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/sigstore/rekor-1.2.2 branch June 29, 2023 18:11
@github-actions github-actions bot added this to the v2.1.1 milestone Jun 29, 2023
@cpanato cpanato modified the milestones: v2.1.1, v2.2.0 Jul 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hectorj2f hectorj2f hectorj2f approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
v2.2.0
Development

Successfully merging this pull request may close these issues.
2 participants
@hectorj2f @cpanato