chore(deps): bump the gomod group across 1 directory with 11 updates #4018

dependabot · 2025-01-20T16:21:12Z

Bumps the gomod group with 4 updates in the / directory: github.com/google/certificate-transparency-go, github.com/google/go-containerregistry, github.com/sigstore/protobuf-specs and github.com/sigstore/rekor.

Updates github.com/google/certificate-transparency-go from 1.3.0 to 1.3.1

Release notes

Sourced from github.com/google/certificate-transparency-go's releases.

v1.3.1

What's Changed

Add AllLogListSignatureURL by @AlexLaroche in google/certificate-transparency-go#1634

chore: relax go directive to permit 1.22.x by @dnwe in google/certificate-transparency-go#1640

Add TiledLogs to log list JSON by @mcpherrinm in google/certificate-transparency-go#1635

Dependencies

Bump github.com/fullstorydev/grpcurl from 1.9.1 to 1.9.2 in the all-deps group by @dependabot in google/certificate-transparency-go#1627

Bump the all-deps group with 3 updates by @dependabot in google/certificate-transparency-go#1628

Bump the docker-deps group across 5 directories with 3 updates by @dependabot in google/certificate-transparency-go#1630

Bump github/codeql-action from 3.27.5 to 3.27.6 in the all-deps group by @dependabot in google/certificate-transparency-go#1629

Bump golang.org/x/crypto from 0.30.0 to 0.31.0 in the go_modules group by @dependabot in google/certificate-transparency-go#1631

Bump the all-deps group with 2 updates by @dependabot in google/certificate-transparency-go#1633

Bump the all-deps group with 2 updates by @dependabot in google/certificate-transparency-go#1632

Bump the docker-deps group across 4 directories with 1 update by @dependabot in google/certificate-transparency-go#1638

Bump the all-deps group with 2 updates by @dependabot in google/certificate-transparency-go#1637

Bump the all-deps group across 1 directory with 2 updates by @dependabot in google/certificate-transparency-go#1641

Bump the all-deps group with 2 updates by @dependabot in google/certificate-transparency-go#1643

Bump google.golang.org/grpc from 1.69.2 to 1.69.4 in the all-deps group by @dependabot in google/certificate-transparency-go#1642

New Contributors

@AlexLaroche made their first contribution in google/certificate-transparency-go#1634

@dnwe made their first contribution in google/certificate-transparency-go#1640

@mcpherrinm made their first contribution in google/certificate-transparency-go#1635

Full Changelog: google/certificate-transparency-go@v1.3.0...v1.3.1

Changelog

Sourced from github.com/google/certificate-transparency-go's changelog.

v1.3.1

Add AllLogListSignatureURL by @AlexLaroche in google/certificate-transparency-go#1634

Add TiledLogs to log list JSON by @mcpherrinm in google/certificate-transparency-go#1635

chore: relax go directive to permit 1.22.x by @dnwe in google/certificate-transparency-go#1640

Dependency Update

Bump github.com/fullstorydev/grpcurl from 1.9.1 to 1.9.2 in the all-deps group by @dependabot in google/certificate-transparency-go#1627

Bump the all-deps group with 3 updates by @dependabot in google/certificate-transparency-go#1628

Bump the docker-deps group across 5 directories with 3 updates by @dependabot in google/certificate-transparency-go#1630

Bump github/codeql-action from 3.27.5 to 3.27.6 in the all-deps group by @dependabot in google/certificate-transparency-go#1629

Bump golang.org/x/crypto from 0.30.0 to 0.31.0 in the go_modules group by @dependabot in google/certificate-transparency-go#1631

Bump the all-deps group with 2 updates by @dependabot in google/certificate-transparency-go#1633

Bump the all-deps group with 2 updates by @dependabot in google/certificate-transparency-go#1632

Bump the docker-deps group across 4 directories with 1 update by @dependabot in google/certificate-transparency-go#1638

Bump the all-deps group with 2 updates by @dependabot in google/certificate-transparency-go#1637

Bump the all-deps group across 1 directory with 2 updates by @dependabot in google/certificate-transparency-go#1641

Bump the all-deps group with 2 updates by @dependabot in google/certificate-transparency-go#1643

Bump google.golang.org/grpc from 1.69.2 to 1.69.4 in the all-deps group by @dependabot in google/certificate-transparency-go#1642

Commits

ea0e2f4 Update CHANGELOG in prep for v1.3.1 (#1644)
7a59cf0 Bump google.golang.org/grpc from 1.69.2 to 1.69.4 in the all-deps group (#1642)
01156be Bump the all-deps group with 2 updates (#1643)
facd20e Bump the all-deps group across 1 directory with 2 updates (#1641)
dcb444a Add TiledLogs to log list JSON (#1635)
113e37f chore: relax go directive to permit 1.22.x (#1640)
e63797b Bump the all-deps group with 2 updates (#1637)
fba5180 Bump the docker-deps group across 4 directories with 1 update (#1638)
77ccd13 Bump the all-deps group with 2 updates (#1632)
087b77f Add AllLogListSignatureURL (#1634)
Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.20.2 to 0.20.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.3

What's Changed

remote/transport: Make bearer transport go-routine-safe by @2opremio in google/go-containerregistry#1806

Expose compare package by @jonjohnsonjr in google/go-containerregistry#2001

fix: redact.URL uses (*URL).Redacted to omit basic-auth password by @bmoylan in google/go-containerregistry#1947

bump actions to latest by @ajayk in google/go-containerregistry#2011

don't pin chainguard-dev/actions by @imjasonh in google/go-containerregistry#2025

Check for 406 status code when handling referrers API endpoint response by @malancas in google/go-containerregistry#2026

mutate: Create a defensive annotations copy by @jonjohnsonjr in google/go-containerregistry#2030

Detect zstd in crane append by @jonjohnsonjr in google/go-containerregistry#2023

bump deps using hack/bump-deps.sh by @imjasonh in google/go-containerregistry#2042

New Contributors

@bmoylan made their first contribution in google/go-containerregistry#1947

@ajayk made their first contribution in google/go-containerregistry#2011

@malancas made their first contribution in google/go-containerregistry#2026

Full Changelog: google/go-containerregistry@v0.20.2...v0.20.3

Commits

c4dd792 bump deps using hack/bump-deps.sh (#2042)
6bce25e Detect zstd in crane append (#2023)
06dcd85 mutate: Create a defensive annotations copy (#2030)
a9a53a8 check for 406 status code when handling referrers endpoint response (#2026)
4630c40 don't pin chainguard-dev/actions (#2025)
808e354 bump actions to latest (#2011)
a07d1ca fix: redact.URL uses (*URL).Redacted to omit basic-auth password (#1947)
00f182b Expose compare package (#2001)
b8e87ed remote/transport: Make bearer transport go-routine-safe (#1806)
See full diff in compare view

Updates github.com/sigstore/protobuf-specs from 0.3.2 to 0.3.3

Changelog

Sourced from github.com/sigstore/protobuf-specs's changelog.

0.3.3

Allowed specifying artifact digest for verification (#406

Added version to SigningConfig message (#383

Changed

Docs: Clarify that integration time is only trustworthy with a Signed Entry Timestamp (#442

Docs: Clarify inclusion promise requirement (#380

Docs: Clarify that artifact digest verification should not be used with in-toto attestations (#461

Commits

dadc81e Add warning when verifying with artifact digest (#461)
22f84aa gen: bump patch versions for v0.3.3 (#463)
6ad0fad Add changelog for v0.3.3 (#462)
1e0daec build(deps): bump softprops/action-gh-release from 2.2.0 to 2.2.1 (#458)
7d16e8c build(deps): bump google.golang.org/protobuf from 1.36.1 to 1.36.2 (#459)
6d7dc79 build(deps): bump com.diffplug.spotless from 7.0.0 to 7.0.1 in /java (#460)
0893628 build(deps): bump alpine from 21dc606 to b97e2a8 (#456)
a00cfe9 build(deps): bump com.diffplug.spotless from 6.25.0 to 7.0.0 in /java (#457)
e04a14b build(deps): bump ruby/setup-ruby from 1.206.0 to 1.207.0 (#455)
27b9f3c build(deps): bump ruby/setup-ruby from 1.205.0 to 1.206.0 (#454)
Additional commits viewable in compare view

Updates github.com/sigstore/rekor from 1.3.7 to 1.3.8

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.3.8

Changelog

Please see https://github.com/sigstore/rekor/blob/main/CHANGELOG.md for changes included in this release.

New Contributors

@sgpinkus made their first contribution in sigstore/rekor#2322

@dnwe made their first contribution in sigstore/rekor#2325

Full Changelog: sigstore/rekor@v1.3.7...v1.3.8

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.3.8

Bug Fixes

fix zizmor issues (#2298)

remove unneeded value in log message (#2282)

Quality Enhancements

chore: relax go directive to permit 1.22.x

fetch minisign from homebrew instead of custom ppa (#2329)

fix(ci): simplify GOVERSION extraction

chore(deps): bump actions pins to latest

Updates go and golangci-lint (#2302)

update builder to use go1.23.4 (#2301)

clean up spaces

log request body on 500 error to aid debugging (#2283)

Contributors

Appu Goundan

Bob Callaway

Carlos Tadeu Panato Junior

Dominic Evans

sgpinkus

Commits

88b5ce5 add changelog for v1.3.8 (#2331)
1e9cdae chore: relax go directive to permit 1.22.x
dcad58c build(deps): Bump google.golang.org/api from 0.214.0 to 0.216.0 (#2328)
1082f48 build(deps): Bump the all group with 11 updates (#2327)
362ccea build(deps): Bump google/cloud-sdk from 504.0.1 to 505.0.0 (#2326)
c505919 fetch minisign from homebrew instead of custom ppa (#2329)
280c8c1 fix(ci): simplify GOVERSION extraction
7bf4b21 chore(deps): bump actions pins to latest
513c30e Update types.md (#2322)
8f7b5a0 build(deps): Bump sigs.k8s.io/release-utils from 0.8.5 to 0.9.0
Additional commits viewable in compare view

Updates github.com/sigstore/sigstore from 1.8.11 to 1.8.12

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.8.12

What's Changed

build(deps): Bump google.golang.org/api from 0.210.0 to 0.212.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1912

build(deps): Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1911

build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group by @dependabot in sigstore/sigstore#1909

build(deps): Bump google.golang.org/api from 0.212.0 to 0.214.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1917

build(deps): Bump hashicorp/vault from 1.18.2 to 1.18.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1915

build(deps): Bump the gomod group across 2 directories with 5 updates by @dependabot in sigstore/sigstore#1916

build(deps): Bump cloud.google.com/go/kms from 1.20.3 to 1.20.4 in /pkg/signature/kms/gcp in the gomod group across 1 directory by @dependabot in sigstore/sigstore#1920

build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 by @dependabot in sigstore/sigstore#1924

build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 by @dependabot in sigstore/sigstore#1921

build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 by @dependabot in sigstore/sigstore#1922

build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 by @dependabot in sigstore/sigstore#1923

build(deps): Bump golang.org/x/crypto from 0.28.0 to 0.31.0 in /test/fuzz by @dependabot in sigstore/sigstore#1908

build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8.0 to 0.9.0 by @dependabot in sigstore/sigstore#1910

build(deps): Bump the tools group across 1 directory with 2 updates by @dependabot in sigstore/sigstore#1913

cleanup ci by @cpanato in sigstore/sigstore#1927

Full Changelog: sigstore/sigstore@v1.8.11...v1.8.12

Commits

e28cdf3 cleanup ci (#1927)
8041221 build(deps): Bump the tools group across 1 directory with 2 updates (#1913)
57944ce build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8....
99a57f3 build(deps): Bump golang.org/x/crypto in /test/fuzz (#1908)
125d1dc build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#1923)
73220ab build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 (#1922)
cc55882 build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 (#1921)
47e3edd build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#1924)
7b4f423 build(deps): Bump cloud.google.com/go/kms (#1920)
1f3a09e build(deps): Bump the gomod group across 2 directories with 5 updates (#1916)
Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.11 to 1.8.12

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.

v1.8.12

What's Changed

build(deps): Bump google.golang.org/api from 0.210.0 to 0.212.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1912

build(deps): Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1911

build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group by @dependabot in sigstore/sigstore#1909

build(deps): Bump google.golang.org/api from 0.212.0 to 0.214.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1917

build(deps): Bump hashicorp/vault from 1.18.2 to 1.18.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1915

build(deps): Bump the gomod group across 2 directories with 5 updates by @dependabot in sigstore/sigstore#1916

build(deps): Bump cloud.google.com/go/kms from 1.20.3 to 1.20.4 in /pkg/signature/kms/gcp in the gomod group across 1 directory by @dependabot in sigstore/sigstore#1920

build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 by @dependabot in sigstore/sigstore#1924

build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 by @dependabot in sigstore/sigstore#1921

build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 by @dependabot in sigstore/sigstore#1922

build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 by @dependabot in sigstore/sigstore#1923

build(deps): Bump golang.org/x/crypto from 0.28.0 to 0.31.0 in /test/fuzz by @dependabot in sigstore/sigstore#1908

build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8.0 to 0.9.0 by @dependabot in sigstore/sigstore#1910

build(deps): Bump the tools group across 1 directory with 2 updates by @dependabot in sigstore/sigstore#1913

cleanup ci by @cpanato in sigstore/sigstore#1927

Full Changelog: sigstore/sigstore@v1.8.11...v1.8.12

Commits

e28cdf3 cleanup ci (#1927)
8041221 build(deps): Bump the tools group across 1 directory with 2 updates (#1913)
57944ce build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8....
99a57f3 build(deps): Bump golang.org/x/crypto in /test/fuzz (#1908)
125d1dc build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#1923)
73220ab build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 (#1922)
cc55882 build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 (#1921)
47e3edd build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#1924)
7b4f423 build(deps): Bump cloud.google.com/go/kms (#1920)
1f3a09e build(deps): Bump the gomod group across 2 directories with 5 updates (#1916)
Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.11 to 1.8.12

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/azure's releases.

v1.8.12

What's Changed

build(deps): Bump google.golang.org/api from 0.210.0 to 0.212.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1912

build(deps): Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1911

build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group by @dependabot in sigstore/sigstore#1909

build(deps): Bump google.golang.org/api from 0.212.0 to 0.214.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1917

build(deps): Bump hashicorp/vault from 1.18.2 to 1.18.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1915

build(deps): Bump the gomod group across 2 directories with 5 updates by @dependabot in sigstore/sigstore#1916

build(deps): Bump cloud.google.com/go/kms from 1.20.3 to 1.20.4 in /pkg/signature/kms/gcp in the gomod group across 1 directory by @dependabot in sigstore/sigstore#1920

build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 by @dependabot in sigstore/sigstore#1924

build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 by @dependabot in sigstore/sigstore#1921

build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 by @dependabot in sigstore/sigstore#1922

build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 by @dependabot in sigstore/sigstore#1923

build(deps): Bump golang.org/x/crypto from 0.28.0 to 0.31.0 in /test/fuzz by @dependabot in sigstore/sigstore#1908

build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8.0 to 0.9.0 by @dependabot in sigstore/sigstore#1910

build(deps): Bump the tools group across 1 directory with 2 updates by @dependabot in sigstore/sigstore#1913

cleanup ci by @cpanato in sigstore/sigstore#1927

Full Changelog: sigstore/sigstore@v1.8.11...v1.8.12

Commits

e28cdf3 cleanup ci (#1927)
8041221 build(deps): Bump the tools group across 1 directory with 2 updates (#1913)
57944ce build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8....
99a57f3 build(deps): Bump golang.org/x/crypto in /test/fuzz (#1908)
125d1dc build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#1923)
73220ab build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 (#1922)
cc55882 build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 (#1921)
47e3edd build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#1924)
7b4f423 build(deps): Bump cloud.google.com/go/kms (#1920)
1f3a09e build(deps): Bump the gomod group across 2 directories with 5 updates (#1916)
Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.11 to 1.8.12

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/gcp's releases.

v1.8.12

What's Changed

build(deps): Bump google.golang.org/api from 0.210.0 to 0.212.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1912

build(deps): Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1911

build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group by @dependabot in sigstore/sigstore#1909

build(deps): Bump google.golang.org/api from 0.212.0 to 0.214.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1917

build(deps): Bump hashicorp/vault from 1.18.2 to 1.18.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1915

build(deps): Bump the gomod group across 2 directories with 5 updates by @dependabot in sigstore/sigstore#1916

build(deps): Bump cloud.google.com/go/kms from 1.20.3 to 1.20.4 in /pkg/signature/kms/gcp in the gomod group across 1 directory by @dependabot in sigstore/sigstore#1920

build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 by @dependabot in sigstore/sigstore#1924

build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 by @dependabot in sigstore/sigstore#1921

build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 by @dependabot in sigstore/sigstore#1922

build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 by @dependabot in sigstore/sigstore#1923

build(deps): Bump golang.org/x/crypto from 0.28.0 to 0.31.0 in /test/fuzz by @dependabot in sigstore/sigstore#1908

build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8.0 to 0.9.0 by @dependabot in sigstore/sigstore#1910

build(deps): Bump the tools group across 1 directory with 2 updates by @dependabot in sigstore/sigstore#1913

cleanup ci by @cpanato in sigstore/sigstore#1927

Full Changelog: sigstore/sigstore@v1.8.11...v1.8.12

Commits

e28cdf3 cleanup ci (#1927)
8041221 build(deps): Bump the tools group across 1 directory with 2 updates (#1913)
57944ce build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8....
99a57f3 build(deps): Bump golang.org/x/crypto in /test/fuzz (#1908)
125d1dc build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#1923)
73220ab build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 (#1922)
cc55882 build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 (#1921)
47e3edd build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#1924)
7b4f423 build(deps): Bump cloud.google.com/go/kms (#1920)
1f3a09e build(deps): Bump the gomod group across 2 directories with 5 updates (#1916)
Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.11 to 1.8.12

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/hashivault's releases.

v1.8.12

What's Changed

build(deps): Bump google.golang.org/api from 0.210.0 to 0.212.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1912

build(deps): Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1911

build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group by @dependabot in sigstore/sigstore#1909

build(deps): Bump google.golang.org/api from 0.212.0 to 0.214.0 in /pkg/signature/kms/gcp by @dependabot in sigstore/sigstore#1917

build(deps): Bump hashicorp/vault from 1.18.2 to 1.18.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1915

build(deps): Bump the gomod group across 2 directories with 5 updates by @dependabot in sigstore/sigstore#1916

build(deps): Bump cloud.google.com/go/kms from 1.20.3 to 1.20.4 in /pkg/signature/kms/gcp in the gomod group across 1 directory by @dependabot in sigstore/sigstore#1920

build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 by @dependabot in sigstore/sigstore#1924

build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 by @dependabot in sigstore/sigstore#1921

build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 by @dependabot in sigstore/sigstore#1922

build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 by @dependabot in sigstore/sigstore#1923

build(deps): Bump golang.org/x/crypto from 0.28.0 to 0.31.0 in /test/fuzz by @dependabot in sigstore/sigstore#1908

build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8.0 to 0.9.0 by @dependabot in sigstore/sigstore#1910

build(deps): Bump the tools group across 1 directory with 2 updates by @dependabot in sigstore/sigstore#1913

cleanup ci by @cpanato in sigstore/sigstore#1927

Full Changelog: sigstore/sigstore@v1.8.11...v1.8.12

Commits

e28cdf3 cleanup ci (#1927)
8041221 build(deps): Bump the tools group across 1 directory with 2 updates (#1913)
57944ce build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8....
99a57f3 build(deps): Bump golang.org/x/crypto in /test/fuzz (#1908)
125d1dc build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#1923)
73220ab build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 (#1922)
cc55882 build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 (#1921)
47e3edd build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#1924)
7b4f423 build(deps): Bump cloud.google.com/go/kms (#1920)
1f3a09e build(deps): Bump the gomod group across 2 directories with 5 updates (#1916)
Additional commits viewable in compare view

Updates google.golang.org/api from 0.214.0 to 0.216.0

Release notes

Sourced from google.golang.org/api's releases.

v0.216.0

0.216.0 (2025-01-09)

Features

all: Auto-regenerate discovery clients (#2946) (fe72ad1)

all: Auto-regenerate discovery clients (#2947) (0386e0f)

all: Auto-regenerate discovery clients (#2948) (a04a14b)

all: Auto-regenerate discovery clients (#2950) (7ad3a5f)

all: Auto-regenerate discovery clients (#2951) (d6e4f8d)

all: Auto-regenerate discovery clients (#2953) (

Bumps the gomod group with 4 updates in the / directory: [github.com/google/certificate-transparency-go](https://github.com/google/certificate-transparency-go), [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry), [github.com/sigstore/protobuf-specs](https://github.com/sigstore/protobuf-specs) and [github.com/sigstore/rekor](https://github.com/sigstore/rekor). Updates `github.com/google/certificate-transparency-go` from 1.3.0 to 1.3.1 - [Release notes](https://github.com/google/certificate-transparency-go/releases) - [Changelog](https://github.com/google/certificate-transparency-go/blob/master/CHANGELOG.md) - [Commits](google/certificate-transparency-go@v1.3.0...v1.3.1) Updates `github.com/google/go-containerregistry` from 0.20.2 to 0.20.3 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml) - [Commits](google/go-containerregistry@v0.20.2...v0.20.3) Updates `github.com/sigstore/protobuf-specs` from 0.3.2 to 0.3.3 - [Release notes](https://github.com/sigstore/protobuf-specs/releases) - [Changelog](https://github.com/sigstore/protobuf-specs/blob/main/CHANGELOG.md) - [Commits](sigstore/protobuf-specs@v0.3.2...v0.3.3) Updates `github.com/sigstore/rekor` from 1.3.7 to 1.3.8 - [Release notes](https://github.com/sigstore/rekor/releases) - [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md) - [Commits](sigstore/rekor@v1.3.7...v1.3.8) Updates `github.com/sigstore/sigstore` from 1.8.11 to 1.8.12 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.11...v1.8.12) Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.11 to 1.8.12 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.11...v1.8.12) Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.8.11 to 1.8.12 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.11...v1.8.12) Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.8.11 to 1.8.12 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.11...v1.8.12) Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.8.11 to 1.8.12 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.11...v1.8.12) Updates `google.golang.org/api` from 0.214.0 to 0.216.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.214.0...v0.216.0) Updates `google.golang.org/protobuf` from 1.36.1 to 1.36.3 --- updated-dependencies: - dependency-name: github.com/google/certificate-transparency-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/google/go-containerregistry dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/protobuf-specs dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/rekor dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jan 20, 2025

dependabot bot mentioned this pull request Jan 20, 2025

chore(deps): bump google.golang.org/api from 0.214.0 to 0.216.0 #4009

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the gomod group across 1 directory with 11 updates #4018

chore(deps): bump the gomod group across 1 directory with 11 updates #4018

dependabot bot commented on behalf of github Jan 20, 2025

chore(deps): bump the gomod group across 1 directory with 11 updates #4018

Are you sure you want to change the base?

chore(deps): bump the gomod group across 1 directory with 11 updates #4018

Conversation

dependabot bot commented on behalf of github Jan 20, 2025

v1.3.1

What's Changed

Dependencies

New Contributors

v1.3.1

Dependency Update

v0.20.3

What's Changed

New Contributors

0.3.3

Changed

v1.3.8

Changelog

New Contributors

v1.3.8

Bug Fixes

Quality Enhancements

Contributors

v1.8.12

What's Changed

v1.8.12

What's Changed

v1.8.12

What's Changed

v1.8.12

What's Changed

v1.8.12

What's Changed

v0.216.0

0.216.0 (2025-01-09)

Features