Bump the all group across 1 directory with 14 updates #419

dependabot · 2024-07-08T20:31:34Z

Bumps the all group with 8 updates in the / directory:

Package	From	To
chainguard.dev/go-grpc-kit	`0.17.3`	`0.17.5`
github.com/sigstore/sigstore	`1.8.3`	`1.8.6`
github.com/sigstore/sigstore/pkg/signature/kms/aws	`1.8.3`	`1.8.6`
github.com/sigstore/sigstore/pkg/signature/kms/azure	`1.8.3`	`1.8.6`
github.com/sigstore/sigstore/pkg/signature/kms/gcp	`1.8.3`	`1.8.6`
github.com/sigstore/sigstore/pkg/signature/kms/hashivault	`1.8.3`	`1.8.6`
github.com/spf13/cobra	`1.8.0`	`1.8.1`
sigs.k8s.io/release-utils	`0.8.1`	`0.8.3`

Updates chainguard.dev/go-grpc-kit from 0.17.3 to 0.17.5

Release notes

Sourced from chainguard.dev/go-grpc-kit's releases.

v0.17.5

What's Changed

Interceptors to preserve & restore trace headers by @tcnghia in chainguard-dev/go-grpc-kit#268

Full Changelog: chainguard-dev/go-grpc-kit@v0.17.4...v0.17.5

v0.17.4

What's Changed

Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in chainguard-dev/go-grpc-kit#242

Bump actions/cache from 4.0.1 to 4.0.2 by @dependabot in chainguard-dev/go-grpc-kit#243

Bump reviewdog/action-misspell from 1.16.0 to 1.17.0 by @dependabot in chainguard-dev/go-grpc-kit#244

Bump the golang-org-x group with 2 updates by @dependabot in chainguard-dev/go-grpc-kit#245

Bump google.golang.org/grpc from 1.62.1 to 1.63.2 by @dependabot in chainguard-dev/go-grpc-kit#248

Bump reviewdog/action-actionlint from 1.43.0 to 1.44.0 by @dependabot in chainguard-dev/go-grpc-kit#249

Bump the otel group with 4 updates by @dependabot in chainguard-dev/go-grpc-kit#246

Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in chainguard-dev/go-grpc-kit#250

Bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in chainguard-dev/go-grpc-kit#251

Bump golangci/golangci-lint-action from 4.0.0 to 5.1.0 by @dependabot in chainguard-dev/go-grpc-kit#252

Bump the otel group with 4 updates by @dependabot in chainguard-dev/go-grpc-kit#253

Bump the golang-org-x group with 2 updates by @dependabot in chainguard-dev/go-grpc-kit#254

Bump reviewdog/action-actionlint from 1.44.0 to 1.45.0 by @dependabot in chainguard-dev/go-grpc-kit#256

Bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in chainguard-dev/go-grpc-kit#257

Bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in chainguard-dev/go-grpc-kit#258

Bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in chainguard-dev/go-grpc-kit#259

Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 by @dependabot in chainguard-dev/go-grpc-kit#255

Bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 by @dependabot in chainguard-dev/go-grpc-kit#262

Bump reviewdog/action-actionlint from 1.45.0 to 1.46.0 by @dependabot in chainguard-dev/go-grpc-kit#261

Bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 in the prom group by @dependabot in chainguard-dev/go-grpc-kit#260

Bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in chainguard-dev/go-grpc-kit#263

bump grpc, update lint by @k4leung4 in chainguard-dev/go-grpc-kit#267

Bump the otel group with 4 updates by @dependabot in chainguard-dev/go-grpc-kit#266

Full Changelog: chainguard-dev/go-grpc-kit@v0.17.3...v0.17.4

Commits

3bf9bb5 Interceptors to preserve & restore trace headers (#268)
0314ac5 Bump the otel group with 4 updates (#266)
55cacbb bump grpc (#267)
dc98b9c --- (#263)
c72196f Bump github.com/prometheus/client_golang in the prom group (#260)
d86db68 Bump reviewdog/action-actionlint from 1.45.0 to 1.46.0 (#261)
b73300a Bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 (#262)
2541df6 Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#255)
8dc6d9a Bump actions/checkout from 4.1.4 to 4.1.5 (#259)
576b560 Bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 (#258)
Additional commits viewable in compare view

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.19.1 to 2.20.0

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.20.0

What's Changed

api_visibility option now transitively hides request/response messages by @Place1 in grpc-ecosystem/grpc-gateway#3966

Marshal non proto fields with indents by @gknw in grpc-ecosystem/grpc-gateway#4027

chore: fix some comments by @avoidalone in grpc-ecosystem/grpc-gateway#4092

chore(examples): add one example to log request body when the status code is non 200 by @richzw in grpc-ecosystem/grpc-gateway#4108

feat(bazel): surface --disable_default_responses in rule def by @rajukrishnamurthy in grpc-ecosystem/grpc-gateway#4126

integration: fix wrapping of response writer causing endless test loop by @johanbrandhorst in grpc-ecosystem/grpc-gateway#4131

Omit enum field when value is empty by @jeromefroe in grpc-ecosystem/grpc-gateway#4180

docs/mapping/examples.md: update CoreOS example GitHub branch to master branch by @mohamedawnallah in grpc-ecosystem/grpc-gateway#4198

chore: remove repetitive word by @mountcount in grpc-ecosystem/grpc-gateway#4183

Fix Typo in examples.md by @umakantv in grpc-ecosystem/grpc-gateway#4212

Write Content-Length header if doForwardTrailers is not set by @joshgarnett in grpc-ecosystem/grpc-gateway#4259

Fixing TestOutgoingTrailerMatcher, which was non-deterministic by @joshgarnett in grpc-ecosystem/grpc-gateway#4265

Update README.md by @MakDon in grpc-ecosystem/grpc-gateway#4322

fix(4245): setting appropriate log level for error logs by @rajeshkarnena in grpc-ecosystem/grpc-gateway#4327

fix: handle X-Forwarded-* headers correctly by @haines in grpc-ecosystem/grpc-gateway#4334

New Contributors

@Place1 made their first contribution in grpc-ecosystem/grpc-gateway#3966

@avoidalone made their first contribution in grpc-ecosystem/grpc-gateway#4092

@richzw made their first contribution in grpc-ecosystem/grpc-gateway#4108

@rajukrishnamurthy made their first contribution in grpc-ecosystem/grpc-gateway#4126

@jeromefroe made their first contribution in grpc-ecosystem/grpc-gateway#4180

@mohamedawnallah made their first contribution in grpc-ecosystem/grpc-gateway#4198

@mountcount made their first contribution in grpc-ecosystem/grpc-gateway#4183

@umakantv made their first contribution in grpc-ecosystem/grpc-gateway#4212

@joshgarnett made their first contribution in grpc-ecosystem/grpc-gateway#4259

@rajeshkarnena made their first contribution in grpc-ecosystem/grpc-gateway#4327

Full Changelog: grpc-ecosystem/grpc-gateway@v2.19.1...v2.20.0

Commits

2da4beb fix: handle X-Forwarded-* headers correctly (#4334)
9660e4a chore(deps): update googleapis digest to 61a066c
d031ccd chore(deps): update googleapis digest to ca6e6eb
377fdbf fix(deps): update module google.golang.org/grpc to v1.64.0
01ea057 chore(deps): update googleapis digest to 584e0de
c298362 fix(4245): setting appropriate log level for error logs (#4327)
33ca56e chore(deps): update googleapis digest to e3a34df
db700b4 Update README.md
f917396 chore(deps): update googleapis digest to 7e73d48
4bba94f fix(deps): update module google.golang.org/genproto/googleapis/rpc to v0.0.0-...
Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.19.0 to 1.19.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.19.1

What's Changed

Security patches for golang.org/x/sys and google.golang.org/protobuf

New Contributors

@lukasauk made their first contribution in prometheus/client_golang#1494

Full Changelog: prometheus/client_golang@v1.19.0...v1.19.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

Commits

6e3f4b1 Cut 1.19.1 (#1494)
cad1bfa Merge pull request #1454 from prometheus/small-nits
0aa8c9f Rephrase incompatibility with common v0.48.0
See full diff in compare view

Updates github.com/sigstore/sigstore from 1.8.3 to 1.8.6

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.8.6

What's Changed

Bump goodkey, fix breakage by @jonjohnsonjr in sigstore/sigstore#1761

New Contributors

@jonjohnsonjr made their first contribution in sigstore/sigstore#1761

Full Changelog: sigstore/sigstore@v1.8.5...v1.8.6

v1.8.5

Major are dependencies updates

What's Changed

build(deps): Bump google.golang.org/api from 0.181.0 to 0.182.0 in /pkg/signature/kms/gcp in the all group by @dependabot in sigstore/sigstore#1741

build(deps): Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 in /test/fuzz in the all group by @dependabot in sigstore/sigstore#1743

build(deps): Bump hashicorp/vault from 1.16.2 to 1.16.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1742

build(deps): Bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 in /pkg/signature/kms/aws in the all group by @dependabot in sigstore/sigstore#1740

build(deps): Bump actions/dependency-review-action from 4.3.2 to 4.3.3 in the all group by @dependabot in sigstore/sigstore#1746

build(deps): Bump the all group in /pkg/signature/kms/azure with 2 updates by @dependabot in sigstore/sigstore#1744

build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates by @dependabot in sigstore/sigstore#1745

build(deps): Bump dexidp/dex from v2.39.1 to v2.40.0 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1748

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1749

Update to latest letsencrypt/boulder. by @kommendorkapten in sigstore/sigstore#1753

build(deps): Bump actions/checkout from 4.1.6 to 4.1.7 in the all group by @dependabot in sigstore/sigstore#1760

build(deps): Bump the all group in /pkg/signature/kms/aws with 2 updates by @dependabot in sigstore/sigstore#1759

build(deps): Bump the all group in /test/e2e with 2 updates by @dependabot in sigstore/sigstore#1758

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1756

build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1755

build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 in /pkg/signature/kms/hashivault by @dependabot in sigstore/sigstore#1766

build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates by @dependabot in sigstore/sigstore#1765

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1764

build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.6.0 to 1.7.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1762

build(deps): Bump the all group across 1 directory with 6 updates by @dependabot in sigstore/sigstore#1763

Full Changelog: sigstore/sigstore@v1.8.4...v1.8.5

v1.8.4

What's Changed

finish move of reusable-release to sigstore/community by @bobcallaway in sigstore/sigstore#1699

update Makefile so CodeQL covers all go files by @bobcallaway in sigstore/sigstore#1700

bump go to 1.21 by @bobcallaway in sigstore/sigstore#1701

pin container images to quiet scorecard alert by @bobcallaway in sigstore/sigstore#1709

set gh action perms by @bobcallaway in sigstore/sigstore#1710

tuf: Remove debug metadata downloads by @jku in sigstore/sigstore#1717

Fix Hashicorp Vault KMS to use PKCS1 v1.5 by @berkitamas in sigstore/sigstore#1736

New Contributors

@jku made their first contribution in sigstore/sigstore#1717

... (truncated)

Commits

5d4e11e Bump goodkey, fix breakage (#1761)
63cab17 sync go mod
115c2b2 build(deps): Bump the all group across 1 directory with 6 updates
8503e22 build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
39973a8 build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
58a8301 build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates
71ace11 build(deps): Bump github.com/hashicorp/go-retryablehttp
b777e4b build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
5ea648c build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
a3666d9 build(deps): Bump the all group in /test/e2e with 2 updates
Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.3 to 1.8.6

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.

v1.8.6

What's Changed

Bump goodkey, fix breakage by @jonjohnsonjr in sigstore/sigstore#1761

New Contributors

@jonjohnsonjr made their first contribution in sigstore/sigstore#1761

Full Changelog: sigstore/sigstore@v1.8.5...v1.8.6

v1.8.5

Major are dependencies updates

What's Changed

build(deps): Bump google.golang.org/api from 0.181.0 to 0.182.0 in /pkg/signature/kms/gcp in the all group by @dependabot in sigstore/sigstore#1741

build(deps): Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 in /test/fuzz in the all group by @dependabot in sigstore/sigstore#1743

build(deps): Bump hashicorp/vault from 1.16.2 to 1.16.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1742

build(deps): Bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 in /pkg/signature/kms/aws in the all group by @dependabot in sigstore/sigstore#1740

build(deps): Bump actions/dependency-review-action from 4.3.2 to 4.3.3 in the all group by @dependabot in sigstore/sigstore#1746

build(deps): Bump the all group in /pkg/signature/kms/azure with 2 updates by @dependabot in sigstore/sigstore#1744

build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates by @dependabot in sigstore/sigstore#1745

build(deps): Bump dexidp/dex from v2.39.1 to v2.40.0 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1748

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1749

Update to latest letsencrypt/boulder. by @kommendorkapten in sigstore/sigstore#1753

build(deps): Bump actions/checkout from 4.1.6 to 4.1.7 in the all group by @dependabot in sigstore/sigstore#1760

build(deps): Bump the all group in /pkg/signature/kms/aws with 2 updates by @dependabot in sigstore/sigstore#1759

build(deps): Bump the all group in /test/e2e with 2 updates by @dependabot in sigstore/sigstore#1758

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1756

build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1755

build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 in /pkg/signature/kms/hashivault by @dependabot in sigstore/sigstore#1766

build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates by @dependabot in sigstore/sigstore#1765

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1764

build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.6.0 to 1.7.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1762

build(deps): Bump the all group across 1 directory with 6 updates by @dependabot in sigstore/sigstore#1763

Full Changelog: sigstore/sigstore@v1.8.4...v1.8.5

v1.8.4

What's Changed

finish move of reusable-release to sigstore/community by @bobcallaway in sigstore/sigstore#1699

update Makefile so CodeQL covers all go files by @bobcallaway in sigstore/sigstore#1700

bump go to 1.21 by @bobcallaway in sigstore/sigstore#1701

pin container images to quiet scorecard alert by @bobcallaway in sigstore/sigstore#1709

set gh action perms by @bobcallaway in sigstore/sigstore#1710

tuf: Remove debug metadata downloads by @jku in sigstore/sigstore#1717

Fix Hashicorp Vault KMS to use PKCS1 v1.5 by @berkitamas in sigstore/sigstore#1736

New Contributors

@jku made their first contribution in sigstore/sigstore#1717

... (truncated)

Commits

5d4e11e Bump goodkey, fix breakage (#1761)
63cab17 sync go mod
115c2b2 build(deps): Bump the all group across 1 directory with 6 updates
8503e22 build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
39973a8 build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
58a8301 build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates
71ace11 build(deps): Bump github.com/hashicorp/go-retryablehttp
b777e4b build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
5ea648c build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
a3666d9 build(deps): Bump the all group in /test/e2e with 2 updates
Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.3 to 1.8.6

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/azure's releases.

v1.8.6

What's Changed

Bump goodkey, fix breakage by @jonjohnsonjr in sigstore/sigstore#1761

New Contributors

@jonjohnsonjr made their first contribution in sigstore/sigstore#1761

Full Changelog: sigstore/sigstore@v1.8.5...v1.8.6

v1.8.5

Major are dependencies updates

What's Changed

build(deps): Bump google.golang.org/api from 0.181.0 to 0.182.0 in /pkg/signature/kms/gcp in the all group by @dependabot in sigstore/sigstore#1741

build(deps): Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 in /test/fuzz in the all group by @dependabot in sigstore/sigstore#1743

build(deps): Bump hashicorp/vault from 1.16.2 to 1.16.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1742

build(deps): Bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 in /pkg/signature/kms/aws in the all group by @dependabot in sigstore/sigstore#1740

build(deps): Bump actions/dependency-review-action from 4.3.2 to 4.3.3 in the all group by @dependabot in sigstore/sigstore#1746

build(deps): Bump the all group in /pkg/signature/kms/azure with 2 updates by @dependabot in sigstore/sigstore#1744

build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates by @dependabot in sigstore/sigstore#1745

build(deps): Bump dexidp/dex from v2.39.1 to v2.40.0 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1748

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1749

Update to latest letsencrypt/boulder. by @kommendorkapten in sigstore/sigstore#1753

build(deps): Bump actions/checkout from 4.1.6 to 4.1.7 in the all group by @dependabot in sigstore/sigstore#1760

build(deps): Bump the all group in /pkg/signature/kms/aws with 2 updates by @dependabot in sigstore/sigstore#1759

build(deps): Bump the all group in /test/e2e with 2 updates by @dependabot in sigstore/sigstore#1758

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1756

build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1755

build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 in /pkg/signature/kms/hashivault by @dependabot in sigstore/sigstore#1766

build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates by @dependabot in sigstore/sigstore#1765

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1764

build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.6.0 to 1.7.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1762

build(deps): Bump the all group across 1 directory with 6 updates by @dependabot in sigstore/sigstore#1763

Full Changelog: sigstore/sigstore@v1.8.4...v1.8.5

v1.8.4

What's Changed

finish move of reusable-release to sigstore/community by @bobcallaway in sigstore/sigstore#1699

update Makefile so CodeQL covers all go files by @bobcallaway in sigstore/sigstore#1700

bump go to 1.21 by @bobcallaway in sigstore/sigstore#1701

pin container images to quiet scorecard alert by @bobcallaway in sigstore/sigstore#1709

set gh action perms by @bobcallaway in sigstore/sigstore#1710

tuf: Remove debug metadata downloads by @jku in sigstore/sigstore#1717

Fix Hashicorp Vault KMS to use PKCS1 v1.5 by @berkitamas in sigstore/sigstore#1736

New Contributors

@jku made their first contribution in sigstore/sigstore#1717

... (truncated)

Commits

5d4e11e Bump goodkey, fix breakage (#1761)
63cab17 sync go mod
115c2b2 build(deps): Bump the all group across 1 directory with 6 updates
8503e22 build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
39973a8 build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
58a8301 build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates
71ace11 build(deps): Bump github.com/hashicorp/go-retryablehttp
b777e4b build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
5ea648c build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
a3666d9 build(deps): Bump the all group in /test/e2e with 2 updates
Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.3 to 1.8.6

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/gcp's releases.

v1.8.6

What's Changed

Bump goodkey, fix breakage by @jonjohnsonjr in sigstore/sigstore#1761

New Contributors

@jonjohnsonjr made their first contribution in sigstore/sigstore#1761

Full Changelog: sigstore/sigstore@v1.8.5...v1.8.6

v1.8.5

Major are dependencies updates

What's Changed

build(deps): Bump google.golang.org/api from 0.181.0 to 0.182.0 in /pkg/signature/kms/gcp in the all group by @dependabot in sigstore/sigstore#1741

build(deps): Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 in /test/fuzz in the all group by @dependabot in sigstore/sigstore#1743

build(deps): Bump hashicorp/vault from 1.16.2 to 1.16.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1742

build(deps): Bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 in /pkg/signature/kms/aws in the all group by @dependabot in sigstore/sigstore#1740

build(deps): Bump actions/dependency-review-action from 4.3.2 to 4.3.3 in the all group by @dependabot in sigstore/sigstore#1746

build(deps): Bump the all group in /pkg/signature/kms/azure with 2 updates by @dependabot in sigstore/sigstore#1744

build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates by @dependabot in sigstore/sigstore#1745

build(deps): Bump dexidp/dex from v2.39.1 to v2.40.0 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1748

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1749

Update to latest letsencrypt/boulder. by @kommendorkapten in sigstore/sigstore#1753

build(deps): Bump actions/checkout from 4.1.6 to 4.1.7 in the all group by @dependabot in sigstore/sigstore#1760

build(deps): Bump the all group in /pkg/signature/kms/aws with 2 updates by @dependabot in sigstore/sigstore#1759

build(deps): Bump the all group in /test/e2e with 2 updates by @dependabot in sigstore/sigstore#1758

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1756

build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1755

build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 in /pkg/signature/kms/hashivault by @dependabot in sigstore/sigstore#1766

build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates by @dependabot in sigstore/sigstore#1765

build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates by @dependabot in sigstore/sigstore#1764

build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.6.0 to 1.7.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1762

build(deps): Bump the all group across 1 directory with 6 updates by @dependabot in sigstore/sigstore#1763

Full Changelog: sigstore/sigstore@v1.8.4...v1.8.5

v1.8.4

What's Changed

finish move of reusable-release to sigstore/community by @bobcallaway in sigstore/sigstore#1699

update Makefile so CodeQL covers all go files by @bobcallaway in sigstore/sigstore#1700

bump go to 1.21 by @bobcallaway in sigstore/sigstore#1701

pin container images to quiet scorecard alert by @bobcallaway in sigstore/sigstore#1709

set gh action perms by @bobcallaway in sigstore/sigstore#1710

tuf: Remove debug metadata downloads by @jku in sigstore/sigstore#1717

Fix Hashicorp Vault KMS to use PKCS1 v1.5 by @berkitamas in sigstore/sigstore#1736

New Contributors

@jku made their first contribution in sigstore/sigstore#1717

... (truncated)

Commits

5d4e11e Bump goodkey, fix breakage (#1761)
63cab17 sync go mod
115c2b2 build(deps): Bump the all group across 1 directory with 6 updates
8503e22 build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
39973a8 build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
58a8301 build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates
71ace11 build(deps): Bump github.com/hashicorp/go-retryablehttp
b777e4b build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
5ea648c build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
a3666d9 build(deps): Bump the all group in /test/e2e with 2 updates
Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.3 to 1.8.6

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/hashivault's releases.

v1.8.6

What's Changed

Bump goodkey, fix breakage by @jonjohnsonjr in sigstore/sigstore#1761

New Contributors

@jonjohnsonjr made their first contribution in sigstore/sigstore#1761

Full Changelog: sigstore/sigstore@v1.8.5...v1.8.6

v1.8.5

Major are dependencies updates

What's Changed

build(deps): Bump google.golang.org/api from 0.181.0 to 0.182.0 in /pkg/signature/kms/gcp in the all group by @dependabot in sigstore/sigstore#1741

build(deps): Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 in /test/fuzz in the all group by @dependabot in sigstore/sigstore#1743

build(deps): Bump hashicorp/vault from 1.16.2 to 1.16.3 in /test/e2e in the all group by @dependabot in sigstore/sigstore#1742

build(deps): Bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 in /pkg/signature/kms/aws in the all group by @dependabot in sigstore/sigstore#1740

build(deps): Bump actions/dependency-review-action from 4.3.2 to 4...
Description has been truncated

Bumps the all group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [chainguard.dev/go-grpc-kit](https://github.com/chainguard-dev/go-grpc-kit) | `0.17.3` | `0.17.5` | | [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) | `1.8.3` | `1.8.6` | | [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) | `1.8.3` | `1.8.6` | | [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) | `1.8.3` | `1.8.6` | | [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) | `1.8.3` | `1.8.6` | | [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) | `1.8.3` | `1.8.6` | | [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.8.0` | `1.8.1` | | [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils) | `0.8.1` | `0.8.3` | Updates `chainguard.dev/go-grpc-kit` from 0.17.3 to 0.17.5 - [Release notes](https://github.com/chainguard-dev/go-grpc-kit/releases) - [Commits](chainguard-dev/go-grpc-kit@v0.17.3...v0.17.5) Updates `github.com/grpc-ecosystem/grpc-gateway/v2` from 2.19.1 to 2.20.0 - [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases) - [Changelog](https://github.com/grpc-ecosystem/grpc-gateway/blob/main/.goreleaser.yml) - [Commits](grpc-ecosystem/grpc-gateway@v2.19.1...v2.20.0) Updates `github.com/prometheus/client_golang` from 1.19.0 to 1.19.1 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.19.0...v1.19.1) Updates `github.com/sigstore/sigstore` from 1.8.3 to 1.8.6 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.3...v1.8.6) Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.3 to 1.8.6 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.3...v1.8.6) Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.8.3 to 1.8.6 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.3...v1.8.6) Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.8.3 to 1.8.6 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.3...v1.8.6) Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.8.3 to 1.8.6 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.8.3...v1.8.6) Updates `github.com/spf13/cobra` from 1.8.0 to 1.8.1 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.8.0...v1.8.1) Updates `google.golang.org/api` from 0.172.0 to 0.185.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.172.0...v0.185.0) Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20240311132316-a219d84964c2 to 0.0.0-20240610135401-a8a62080eff3 - [Commits](https://github.com/googleapis/go-genproto/commits) Updates `google.golang.org/grpc` from 1.63.2 to 1.64.0 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.63.2...v1.64.0) Updates `google.golang.org/protobuf` from 1.33.0 to 1.34.2 Updates `sigs.k8s.io/release-utils` from 0.8.1 to 0.8.3 - [Release notes](https://github.com/kubernetes-sigs/release-utils/releases) - [Commits](kubernetes-sigs/release-utils@v0.8.1...v0.8.3) --- updated-dependencies: - dependency-name: chainguard.dev/go-grpc-kit dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: google.golang.org/genproto/googleapis/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: sigs.k8s.io/release-utils dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 8, 2024

dependabot bot mentioned this pull request Jul 8, 2024

Bump the all group across 1 directory with 14 updates #416

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all group across 1 directory with 14 updates #419

Bump the all group across 1 directory with 14 updates #419

dependabot bot commented on behalf of github Jul 8, 2024

Bump the all group across 1 directory with 14 updates #419

Are you sure you want to change the base?

Bump the all group across 1 directory with 14 updates #419

Conversation

dependabot bot commented on behalf of github Jul 8, 2024

v0.17.5

What's Changed

v0.17.4

What's Changed

v2.20.0

What's Changed

New Contributors

v1.19.1

What's Changed

New Contributors

Unreleased

v1.8.6

What's Changed

New Contributors

v1.8.5

What's Changed

v1.8.4

What's Changed

New Contributors

v1.8.6

What's Changed

New Contributors

v1.8.5

What's Changed

v1.8.4

What's Changed

New Contributors

v1.8.6

What's Changed

New Contributors

v1.8.5

What's Changed

v1.8.4

What's Changed

New Contributors

v1.8.6

What's Changed

New Contributors

v1.8.5

What's Changed

v1.8.4

What's Changed

New Contributors

v1.8.6

What's Changed

New Contributors

v1.8.5

What's Changed