Bump github.com/sigstore/sigstore from 1.0.1 to 1.1.0 #299

dependabot · 2021-12-29T02:27:05Z

Bumps github.com/sigstore/sigstore from 1.0.1 to 1.1.0.

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.1.0

What's Changed

Idp specific default flows by @houdini91 in sigstore/sigstore#123

Bump github.com/aws/aws-sdk-go from 1.42.1 to 1.42.2 by @dependabot in sigstore/sigstore#139

Bump github.com/aws/aws-sdk-go from 1.42.2 to 1.42.3 by @dependabot in sigstore/sigstore#140

Bump github.com/google/go-containerregistry from 0.6.0 to 0.7.0 by @dependabot in sigstore/sigstore#142

Bump github.com/aws/aws-sdk-go from 1.42.3 to 1.42.4 by @dependabot in sigstore/sigstore#143

expose innerWrapper as VerifierAdapter by @dekkagaijin in sigstore/sigstore#144

also expose the wrapped verifier in VerifierAdapter by @dekkagaijin in sigstore/sigstore#145

Bump github.com/aws/aws-sdk-go from 1.42.4 to 1.42.5 by @dependabot in sigstore/sigstore#147

Feat : Fuzzing by @naveensrinivasan in sigstore/sigstore#146

Linter - Included linter check for doc rules by @naveensrinivasan in sigstore/sigstore#148

Bump github.com/aws/aws-sdk-go from 1.42.5 to 1.42.7 by @dependabot in sigstore/sigstore#150

update deps by @dekkagaijin in sigstore/sigstore#151

Bump github.com/aws/aws-sdk-go from 1.42.8 to 1.42.9 by @dependabot in sigstore/sigstore#152

Move the ssh signing/verification utilities to sigstore from rekor. by @dlorenc in sigstore/sigstore#141

Bump github.com/aws/aws-sdk-go from 1.42.9 to 1.42.10 by @dependabot in sigstore/sigstore#153

Fix revive lint warnings. by @dlorenc in sigstore/sigstore#156

Included fuzzing for more cryptoutils by @naveensrinivasan in sigstore/sigstore#157

Bump github.com/aws/aws-sdk-go from 1.42.10 to 1.42.11 by @dependabot in sigstore/sigstore#161

hack: add hack/tools to hold non required dependencies/tools for the project by @cpanato in sigstore/sigstore#159

update lint action by @dekkagaijin in sigstore/sigstore#155

Fuzzing password and some signature API by @naveensrinivasan in sigstore/sigstore#160

Bump github.com/aws/aws-sdk-go from 1.42.11 to 1.42.12 by @dependabot in sigstore/sigstore#162

Bump github.com/Azure/azure-sdk-for-go from 59.3.0+incompatible to 59.4.0+incompatible by @dependabot in sigstore/sigstore#163

Docs for Fuzzing by @naveensrinivasan in sigstore/sigstore#165

Fuzzing - Included RSA Targets by @naveensrinivasan in sigstore/sigstore#164

Bump github.com/aws/aws-sdk-go from 1.42.12 to 1.42.14 by @dependabot in sigstore/sigstore#166

Clean up lint errors by @bobcallaway in sigstore/sigstore#167

Included fuzz badge by @naveensrinivasan in sigstore/sigstore#168

Included CIFuzz by @naveensrinivasan in sigstore/sigstore#169

Bump github.com/aws/aws-sdk-go from 1.42.14 to 1.42.15 by @dependabot in sigstore/sigstore#171

Fuzzing for RSAPASS by @naveensrinivasan in sigstore/sigstore#170

Bump github.com/aws/aws-sdk-go from 1.42.15 to 1.42.16 by @dependabot in sigstore/sigstore#174

Upgraded go-securesystemslib from 0.1.0 to 0.2.0 by @naveensrinivasan in sigstore/sigstore#178

Bump github.com/aws/aws-sdk-go from 1.42.16 to 1.42.17 by @dependabot in sigstore/sigstore#176

Additional corpus for ecdsa and ed25519 by @naveensrinivasan in sigstore/sigstore#177

Fuzz testing DSSE by @naveensrinivasan in sigstore/sigstore#173

Bump github.com/aws/aws-sdk-go from 1.42.17 to 1.42.18 by @dependabot in sigstore/sigstore#180

Bump github.com/Azure/azure-sdk-for-go from 59.4.0+incompatible to 60.0.0+incompatible by @dependabot in sigstore/sigstore#179

Updatathon by @dekkagaijin in sigstore/sigstore#181

Bump github.com/ReneKroon/ttlcache/v2 from 2.9.0 to 2.10.0 by @dependabot in sigstore/sigstore#184

Bump github.com/aws/aws-sdk-go from 1.42.19 to 1.42.20 by @dependabot in sigstore/sigstore#187

Bump actions/upload-artifact from 2.2.4 to 2.3.0 by @dependabot in sigstore/sigstore#185

bump github.com/secure-systems-lab/go-securesystemslib to v0.3.0 by @dekkagaijin in sigstore/sigstore#189

bump the rest of the deps by @dekkagaijin in sigstore/sigstore#190

fix wrong return value in error case by @bobcallaway in sigstore/sigstore#192

Bump github.com/aws/aws-sdk-go from 1.42.20 to 1.42.21 by @dependabot in sigstore/sigstore#194

Bump github.com/aws/aws-sdk-go from 1.42.21 to 1.42.22 by @dependabot in sigstore/sigstore#195

Bump github.com/Azure/azure-sdk-for-go from 60.0.0+incompatible to 60.1.0+incompatible by @dependabot in sigstore/sigstore#196

... (truncated)

Commits

6fca1a4 Fuzz- Fixes the invalid UTF-8 string for DSSE (#212)
75bc699 Bump github.com/Azure/azure-sdk-for-go (#210)
f2936c2 Bump github.com/hashicorp/vault/api from 1.3.0 to 1.3.1 (#209)
4b9ca0c Bump github.com/aws/aws-sdk-go from 1.42.24 to 1.42.25 (#208)
a4792a9 Bump github.com/aws/aws-sdk-go from 1.42.23 to 1.42.24 (#207)
1c9305b Bump github.com/ReneKroon/ttlcache/v2 from 2.10.0 to 2.11.0 (#206)
587d504 Dsse multi signature wrapper (#203)
e1648cc Bump github.com/Azure/azure-sdk-for-go (#204)
fe925bc Bump actions/upload-artifact from 2.3.0 to 2.3.1 (#202)
e8a1ea7 Bump github.com/aws/aws-sdk-go from 1.42.22 to 1.42.23 (#201)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.0.1 to 1.1.0. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.0.1...v1.1.0) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 29, 2021

cpanato approved these changes Dec 29, 2021

View reviewed changes

cpanato requested a review from bobcallaway December 29, 2021 09:10

lukehinds merged commit 754b833 into main Dec 29, 2021

dependabot bot deleted the dependabot/go_modules/github.com/sigstore/sigstore-1.1.0 branch December 29, 2021 09:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/sigstore/sigstore from 1.0.1 to 1.1.0 #299

Bump github.com/sigstore/sigstore from 1.0.1 to 1.1.0 #299

dependabot bot commented on behalf of github Dec 29, 2021

Bump github.com/sigstore/sigstore from 1.0.1 to 1.1.0 #299

Bump github.com/sigstore/sigstore from 1.0.1 to 1.1.0 #299

Conversation

dependabot bot commented on behalf of github Dec 29, 2021

v1.1.0

What's Changed