Update to upstream - v1.6.5 #203

JasonPowr · 2024-11-28T14:22:04Z

No description provided.

Bumps the go_modules group group with 2 updates: [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) and gopkg.in/go-jose/go-jose.v2. Updates `github.com/go-jose/go-jose/v3` from 3.0.2 to 3.0.3 - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](go-jose/go-jose@v3.0.2...v3.0.3) Updates `gopkg.in/go-jose/go-jose.v2` from 2.6.1 to 2.6.3 --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect dependency-group: go_modules-security-group - dependency-name: gopkg.in/go-jose/go-jose.v2 dependency-type: indirect dependency-group: go_modules-security-group ... Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: Bob Callaway <[email protected]>

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.49.0 to 0.50.0. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.49.0...v0.50.0) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/googleapis/api-linter](https://github.com/googleapis/api-linter) from 1.63.6 to 1.64.0. - [Release notes](https://github.com/googleapis/api-linter/releases) - [Changelog](https://github.com/googleapis/api-linter/blob/main/CHANGELOG.md) - [Commits](googleapis/api-linter@v1.63.6...v1.64.0) --- updated-dependencies: - dependency-name: github.com/googleapis/api-linter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.0 to 1.62.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.0...v1.62.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.5.3 to 1.5.4. - [Release notes](https://github.com/golang/protobuf/releases) - [Commits](golang/protobuf@v1.5.3...v1.5.4) --- updated-dependencies: - dependency-name: github.com/golang/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

On Windows the files copied to the docker container's work environment must have lf line endings to be properly executed. Resolves sigstore#1605 Signed-off-by: Jordan Slater <[email protected]>

Bumps [protocolbuffers/protobuf](https://github.com/protocolbuffers/protobuf) from 25.3 to 26.0. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v25.3...v26.0) --- updated-dependencies: - dependency-name: protocolbuffers/protobuf dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.15.5 to 1.15.6. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@kms/v1.15.5...kms/v1.15.6) --- updated-dependencies: - dependency-name: cloud.google.com/go/security dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/google/certificate-transparency-go](https://github.com/google/certificate-transparency-go) from 1.1.7 to 1.1.8. - [Release notes](https://github.com/google/certificate-transparency-go/releases) - [Changelog](https://github.com/google/certificate-transparency-go/blob/master/CHANGELOG.md) - [Commits](google/certificate-transparency-go@v1.1.7...v1.1.8) --- updated-dependencies: - dependency-name: github.com/google/certificate-transparency-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.167.0 to 0.170.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.167.0...v0.170.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@b4ffde6...9bb5618) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.50.0 to 0.51.1. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.50.0...v0.51.1) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.43.1 to 0.44.1. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.43.1...v0.44.1) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.170.0 to 0.171.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.170.0...v0.171.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](coreos/go-oidc@v3.9.0...v3.10.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.44.1 to 0.44.2. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.44.1...v0.44.2) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.2...v1.8.3) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@54bcd87...c16abc2) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [protocolbuffers/protobuf](https://github.com/protocolbuffers/protobuf) from 26.0 to 26.1. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v26.0...v26.1) --- updated-dependencies: - dependency-name: protocolbuffers/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.2...v1.8.3) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.171.0 to 0.172.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.171.0...v0.172.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

* Feat: Add Codefresh OIDC provider (#2) Signed-off-by: Ilia Medvedev <[email protected]> * linting and licensing fixes Signed-off-by: Ilia Medvedev <[email protected]> * fix linting warnings Signed-off-by: Ilia Medvedev <[email protected]> * fix last linting warnings Signed-off-by: Ilia Medvedev <[email protected]> * Change Run incovation URI extension to pipeline_id Signed-off-by: Ilia Medvedev <[email protected]> * add comment explaining the usage of worklow url as buildsigner Signed-off-by: Ilia Medvedev <[email protected]> * fix linting Signed-off-by: Ilia Medvedev <[email protected]> --------- Signed-off-by: Ilia Medvedev <[email protected]>

Signed-off-by: Hayden Blauzvern <[email protected]>

Bumps [github.com/spiffe/go-spiffe/v2](https://github.com/spiffe/go-spiffe) from 2.1.7 to 2.2.0. - [Release notes](https://github.com/spiffe/go-spiffe/releases) - [Changelog](https://github.com/spiffe/go-spiffe/blob/main/CHANGELOG.md) - [Commits](spiffe/go-spiffe@v2.1.7...v2.2.0) --- updated-dependencies: - dependency-name: github.com/spiffe/go-spiffe/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: cpanato <[email protected]>

Bumps the all group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [chainguard.dev/sdk](https://github.com/chainguard-dev/sdk) | `0.1.23` | `0.1.24` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.20.2` | `1.20.3` | | [github.com/rs/cors](https://github.com/rs/cors) | `1.11.0` | `1.11.1` | | [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` | | [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` | | [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` | | [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` | | [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` | Updates `chainguard.dev/sdk` from 0.1.23 to 0.1.24 - [Release notes](https://github.com/chainguard-dev/sdk/releases) - [Commits](chainguard-dev/sdk@v0.1.23...v0.1.24) Updates `github.com/prometheus/client_golang` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/v1.20.3/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.20.2...v1.20.3) Updates `github.com/rs/cors` from 1.11.0 to 1.11.1 - [Commits](rs/cors@v1.11.0...v1.11.1) Updates `github.com/sigstore/sigstore` from 1.8.8 to 1.8.9 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.8...v1.8.9) Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.8 to 1.8.9 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.8...v1.8.9) Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.8.8 to 1.8.9 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.8...v1.8.9) Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.8.8 to 1.8.9 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.8...v1.8.9) Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.8.8 to 1.8.9 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.8...v1.8.9) Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20240814211410-ddb44dafa142 to 0.0.0-20240822170219-fc7c04adadcd - [Commits](https://github.com/googleapis/go-genproto/commits) Updates `google.golang.org/grpc` from 1.65.0 to 1.66.0 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.65.0...v1.66.0) --- updated-dependencies: - dependency-name: chainguard.dev/sdk dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/rs/cors dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: google.golang.org/genproto/googleapis/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…e#1801) * Update Buildkite column in OIDC claim mapping table Signed-off-by: Richard Fan <[email protected]> * Remove CircleCI from OIDC claim mapping table Signed-off-by: Richard Fan <[email protected]> * Remove WIP remark from GitLab OIDC claim mapping tabl Signed-off-by: Richard Fan <[email protected]> * Update GitLab OIDC claims mapping table Signed-off-by: Richard Fan <[email protected]> * Add double quotes on literal string in OIDC claim mapping table Signed-off-by: Richard Fan <[email protected]> --------- Signed-off-by: Richard Fan <[email protected]>

One of the commit shas referenced a 2 year old commit, which caused CI to fail since it used a deprecated action. Signed-off-by: Hayden B <[email protected]>

Now hosted in another org as well. Signed-off-by: Hayden Blauzvern <[email protected]>

Bumps golang from `4a3c2bc` to `2fe82a3`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.51.1 to 0.52.0. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.51.1...v0.52.0) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.57.0 to 0.59.1. - [Release notes](https://github.com/prometheus/common/releases) - [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md) - [Commits](prometheus/common@v0.57.0...v0.59.1) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the all group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [chainguard.dev/go-grpc-kit](https://github.com/chainguard-dev/go-grpc-kit) | `0.17.5` | `0.17.6` | | [chainguard.dev/sdk](https://github.com/chainguard-dev/sdk) | `0.1.24` | `0.1.25` | | [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) | `1.18.0` | `1.18.1` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.20.3` | `1.20.4` | | [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) | `0.8.4` | `0.8.5` | Updates `chainguard.dev/go-grpc-kit` from 0.17.5 to 0.17.6 - [Release notes](https://github.com/chainguard-dev/go-grpc-kit/releases) - [Commits](chainguard-dev/go-grpc-kit@v0.17.5...v0.17.6) Updates `chainguard.dev/sdk` from 0.1.24 to 0.1.25 - [Release notes](https://github.com/chainguard-dev/sdk/releases) - [Commits](chainguard-dev/sdk@v0.1.24...v0.1.25) Updates `cloud.google.com/go/security` from 1.18.0 to 1.18.1 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@kms/v1.18.0...dlp/v1.18.1) Updates `github.com/prometheus/client_golang` from 1.20.3 to 1.20.4 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.20.3...v1.20.4) Updates `google.golang.org/api` from 0.195.0 to 0.197.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.195.0...v0.197.0) Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20240822170219-fc7c04adadcd to 0.0.0-20240903143218-8af14fe29dc1 - [Commits](https://github.com/googleapis/go-genproto/commits) Updates `sigs.k8s.io/release-utils` from 0.8.4 to 0.8.5 - [Release notes](https://github.com/kubernetes-sigs/release-utils/releases) - [Commits](kubernetes-sigs/release-utils@v0.8.4...v0.8.5) --- updated-dependencies: - dependency-name: chainguard.dev/go-grpc-kit dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: chainguard.dev/sdk dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: cloud.google.com/go/security dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: google.golang.org/genproto/googleapis/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: sigs.k8s.io/release-utils dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the all group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [protocolbuffers/protobuf](https://github.com/protocolbuffers/protobuf). Updates `actions/checkout` from 4.1.7 to 4.2.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...d632683) Updates `protocolbuffers/protobuf` from 28.0 to 28.2 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v28.0...v28.2) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: protocolbuffers/protobuf dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps golang from `2fe82a3` to `4f063a2`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…sigstore#1822) Bumps the all group in /hack/tools with 1 update: [github.com/googleapis/api-linter](https://github.com/googleapis/api-linter). Updates `github.com/googleapis/api-linter` from 1.67.2 to 1.67.3 - [Release notes](https://github.com/googleapis/api-linter/releases) - [Changelog](https://github.com/googleapis/api-linter/blob/main/CHANGELOG.md) - [Commits](googleapis/api-linter@v1.67.2...v1.67.3) --- updated-dependencies: - dependency-name: github.com/googleapis/api-linter dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.52.0 to 0.53.0. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.52.0...v0.53.0) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.197.0 to 0.199.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.197.0...v0.199.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…gstore#1824) Signed-off-by: Aditya Sirish A Yelgundhalli <[email protected]>

Signed-off-by: Bob Callaway <[email protected]>

Signed-off-by: Janine Olear <[email protected]>

Bumps the all group with 4 updates: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer), [google-github-actions/auth](https://github.com/google-github-actions/auth), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action). Updates `sigstore/cosign-installer` from 3.6.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@4959ce0...dc72c7d) Updates `google-github-actions/auth` from 2.1.5 to 2.1.6 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@62cf5bd...8254fb7) Updates `codecov/codecov-action` from 4.5.0 to 4.6.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@e28ff12...b9fd7d1) Updates `golangci/golangci-lint-action` from 6.1.0 to 6.1.1 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@aaa42aa...971e284) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the all group with 1 update: golang. Updates `golang` from 1.23.1 to 1.23.2 --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.59.1 to 0.60.0. - [Release notes](https://github.com/prometheus/common/releases) - [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md) - [Commits](prometheus/common@v0.59.1...v0.60.0) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…#1833) Bumps the all group with 1 update in the / directory: [chainguard.dev/sdk](https://github.com/chainguard-dev/sdk). Updates `chainguard.dev/sdk` from 0.1.25 to 0.1.26 - [Release notes](https://github.com/chainguard-dev/sdk/releases) - [Commits](chainguard-dev/sdk@v0.1.25...v0.1.26) --- updated-dependencies: - dependency-name: chainguard.dev/sdk dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: cpanato <[email protected]>

Signed-off-by: Hayden Blauzvern <[email protected]>

v1.6.5

openshift-ci · 2024-11-28T14:22:10Z

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: JasonPowr

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

dependabot bot and others added 30 commits March 8, 2024 00:44

move to golang 1.21.8 and bump other deps

dda5aa4

Signed-off-by: Bob Callaway <[email protected]>

use -dev image

d62bdaa

Signed-off-by: Bob Callaway <[email protected]>

bump validate-release

00ef5a0

Signed-off-by: Bob Callaway <[email protected]>

Add space

fea894f

Signed-off-by: Bob Callaway <[email protected]>

Force sh scripts to checkout with lf line endings (sigstore#1606)

08141df

On Windows the files copied to the docker container's work environment must have lf line endings to be properly executed. Resolves sigstore#1605 Signed-off-by: Jordan Slater <[email protected]>

Add changelog for v1.4.5 (sigstore#1624)

0ac692c

Signed-off-by: Hayden Blauzvern <[email protected]>

cpanato and others added 26 commits September 4, 2024 21:44

add changelog for v1.6.4 (sigstore#1795)

5237979

Signed-off-by: cpanato <[email protected]>

upgrade to go1.23.1 (sigstore#1796)

ba53f27

Signed-off-by: cpanato <[email protected]>

Update chainguard-dev/actions to latest commit (sigstore#1814)

53912d4

One of the commit shas referenced a 2 year old commit, which caused CI to fail since it used a deprecated action. Signed-off-by: Hayden B <[email protected]>

Update Tink library to v2 (sigstore#1815)

a781da9

Now hosted in another org as well. Signed-off-by: Hayden Blauzvern <[email protected]>

Include IDP type and subject domain in configuration API response (si…

df65c59

…gstore#1824) Signed-off-by: Aditya Sirish A Yelgundhalli <[email protected]>

extend TLS cert used in tests to 100 year expiration (sigstore#1826)

c07462d

Signed-off-by: Bob Callaway <[email protected]>

fallback to json default cfg path if yaml does not exist (sigstore#1810)

a2cba3e

Signed-off-by: Janine Olear <[email protected]>

Bump github.com/spiffe/go-spiffe/v2 from 2.3.0 to 2.4.0 (sigstore#1831)

04f761b

use go1.23.2 (sigstore#1834)

ab24f1c

Signed-off-by: cpanato <[email protected]>

Add CHANGELOG for v1.6.5 (sigstore#1835)

7920be2

Signed-off-by: Hayden Blauzvern <[email protected]>

Merge tag 'v1.6.5'

ee4544e

v1.6.5

JasonPowr force-pushed the update-to-upstream branch from 88d36c4 to 930b453 Compare November 28, 2024 14:49

update base image and unit test image

9ed9474

JasonPowr force-pushed the update-to-upstream branch from 930b453 to 9ed9474 Compare November 28, 2024 16:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update to upstream - v1.6.5 #203

Update to upstream - v1.6.5 #203

JasonPowr commented Nov 28, 2024

openshift-ci bot commented Nov 28, 2024

Update to upstream - v1.6.5 #203

Are you sure you want to change the base?

Update to upstream - v1.6.5 #203

Conversation

JasonPowr commented Nov 28, 2024

openshift-ci bot commented Nov 28, 2024