fix(deps): update module github.com/sigstore/fulcio to v1.8.2

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/sigstore/fulcio	v1.7.1 -> v1.8.2

---

Release Notes

sigstore/fulcio (github.com/sigstore/fulcio)

v1.8.2

Compare Source

Testing

• make email address in test cases rfc822 conformant (#​2205)

v1.8.1

Compare Source

Same as v1.8.0, but with a fix for the CI build pipeline.

v1.8.0

Compare Source

Bug Fixes

• fix: K8s API does not accept unauthorized requests (#​2111)
• fix: vault for enterprise expects only the key name (#​2117)
• fix(config): respect cacert on oidc-issuers (#​2098)
• Register /healthz endpoint when listening on duplex http/grpc port (#​2046)

Features

• feat: adds cert loading and key-match validation. (#​2173)
• expose gcp kms retry and timeout options (#​2132)
• server: Use warning log level for client errors (#​2147)
• Add workflow to periodically validate OIDC issuers (#​2188)
• Add Chainguard issuer (#​2078)
• Add logging for template error (#​2194)
• Add extension for deployment environment (#​2190)

Removal

• Remove cmd/create_tink_keyset (#​2096)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: image/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 10 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.24.0 -> 1.24.6
github.com/sigstore/sigstore	v1.9.5 -> v1.9.6-0.20250729224751-181c5d3339b3
github.com/sirupsen/logrus	v1.9.3 -> v1.9.4-0.20230606125235-dd1b4c2e81af
github.com/coreos/go-oidc/v3	v3.14.1 -> v3.16.0
github.com/modern-go/reflect2	v1.0.2 -> v1.0.3-0.20250322232337-35a7c28c31ee
github.com/sergi/go-diff	v1.3.2-0.20230802210424-5b0b94c5c0d3 -> v1.4.0
github.com/sigstore/protobuf-specs	v0.4.1 -> v0.5.0
google.golang.org/genproto/googleapis/api	v0.0.0-20250825161204-c5933d9347a5 -> v0.0.0-20250929231259-57b25ae835d4
google.golang.org/genproto/googleapis/rpc	v0.0.0-20250825161204-c5933d9347a5 -> v0.0.0-20251022142026-3a174f9686a8
google.golang.org/grpc	v1.75.0 -> v1.76.0
google.golang.org/protobuf	v1.36.9 -> v1.36.10

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: image/go.sum

Command failed: go get -t ./...
go: module github.com/sigstore/[email protected] requires go >= 1.25.0; switching to go1.25.4
go: downloading go1.25.4 (linux/amd64)
go: download go1.25.4: golang.org/[email protected]: verifying module: checksum database disabled by GOSUMDB=off