Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: sigstore/sigstore
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.8.11
Choose a base ref
...
head repository: sigstore/sigstore
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.8.12
Choose a head ref
  • 15 commits
  • 21 files changed
  • 2 contributors

Commits on Dec 17, 2024

  1. build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1912 

    )
    @dependabot
    dependabot[bot] authored Dec 17, 2024
    Configuration menu
    Copy the full SHA
    f0ef376 View commit details
    Browse the repository at this point in the history

  2. build(deps): Bump google.golang.org/protobuf in /pkg/signature/kms/gcp ( 

    #1911)
    @dependabot
    dependabot[bot] authored Dec 17, 2024
    Configuration menu
    Copy the full SHA
    69c7f9f View commit details
    Browse the repository at this point in the history

  3. build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all gro… 

    …up (#1909)
    @dependabot
    dependabot[bot] authored Dec 17, 2024
    Configuration menu
    Copy the full SHA
    b0d276f View commit details
    Browse the repository at this point in the history

Commits on Dec 23, 2024

  1. build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1917 

    )
    @dependabot
    dependabot[bot] authored Dec 23, 2024
    Configuration menu
    Copy the full SHA
    2716181 View commit details
    Browse the repository at this point in the history

  2. build(deps): Bump hashicorp/vault in /test/e2e in the all group (#1915)

    @dependabot
    dependabot[bot] authored Dec 23, 2024
    Configuration menu
    Copy the full SHA
    5d0b87d View commit details
    Browse the repository at this point in the history

Commits on Dec 25, 2024

  1. build(deps): Bump the gomod group across 2 directories with 5 updates ( 

    …#1916)

Bumps the gomod group with 3 updates in the /pkg/signature/kms/aws directory: [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2), [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) and [github.com/aws/aws-sdk-go-v2/service/kms](https://github.com/aws/aws-sdk-go-v2).
Bumps the gomod group with 2 updates in the /pkg/signature/kms/gcp directory: [cloud.google.com/go/kms](https://github.com/googleapis/google-cloud-go) and google.golang.org/protobuf.


Updates `github.com/aws/aws-sdk-go-v2` from 1.32.6 to 1.32.7
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@v1.32.6...v1.32.7)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.28.6 to 1.28.7
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@config/v1.28.6...config/v1.28.7)

Updates `github.com/aws/aws-sdk-go-v2/service/kms` from 1.37.7 to 1.37.8
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/kms/v1.37.7...service/kms/v1.37.8)

Updates `cloud.google.com/go/kms` from 1.20.2 to 1.20.3
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@kms/v1.20.2...kms/v1.20.3)

Updates `google.golang.org/protobuf` from 1.36.0 to 1.36.1

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/aws/aws-sdk-go-v2/service/kms
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: cloud.google.com/go/kms
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 25, 2024
    Configuration menu
    Copy the full SHA
    1f3a09e View commit details
    Browse the repository at this point in the history

Commits on Jan 7, 2025

  1. build(deps): Bump cloud.google.com/go/kms (#1920) 

    Bumps the gomod group with 1 update in the /pkg/signature/kms/gcp directory: [cloud.google.com/go/kms](https://github.com/googleapis/google-cloud-go).


Updates `cloud.google.com/go/kms` from 1.20.3 to 1.20.4
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@kms/v1.20.3...kms/v1.20.4)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/kms
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 7, 2025
    Configuration menu
    Copy the full SHA
    7b4f423 View commit details
    Browse the repository at this point in the history

  2. build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#… 

    …1924)

Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.11.0 to 3.12.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](coreos/go-oidc@v3.11.0...v3.12.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 7, 2025
    Configuration menu
    Copy the full SHA
    47e3edd View commit details
    Browse the repository at this point in the history

  3. build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 (#1921) 

    * build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0

Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.24.0 to 0.25.0.
- [Commits](golang/oauth2@v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* go mod sync

Signed-off-by: cpanato <ctadeu@gmail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: cpanato <ctadeu@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: cpanato <ctadeu@gmail.com>
    @dependabot @cpanato
    dependabot[bot] and cpanato authored Jan 7, 2025
    Configuration menu
    Copy the full SHA
    cc55882 View commit details
    Browse the repository at this point in the history

  4. build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 (#1922) 

    * build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0

Bumps [golang.org/x/term](https://github.com/golang/term) from 0.27.0 to 0.28.0.
- [Commits](golang/term@v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* go mod sync

Signed-off-by: cpanato <ctadeu@gmail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: cpanato <ctadeu@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: cpanato <ctadeu@gmail.com>
    @dependabot @cpanato
    dependabot[bot] and cpanato authored Jan 7, 2025
    Configuration menu
    Copy the full SHA
    73220ab View commit details
    Browse the repository at this point in the history

  5. build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#1923) 

    * build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.31.0 to 0.32.0.
- [Commits](golang/crypto@v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* go mod sync

Signed-off-by: cpanato <ctadeu@gmail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: cpanato <ctadeu@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: cpanato <ctadeu@gmail.com>
    @dependabot @cpanato
    dependabot[bot] and cpanato authored Jan 7, 2025
    Configuration menu
    Copy the full SHA
    125d1dc View commit details
    Browse the repository at this point in the history

  6. build(deps): Bump golang.org/x/crypto in /test/fuzz (#1908) 

    Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.28.0 to 0.31.0.
- [Commits](golang/crypto@v0.28.0...v0.31.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 7, 2025
    Configuration menu
    Copy the full SHA
    99a57f3 View commit details
    Browse the repository at this point in the history

  7. build(deps): Bump github.com/secure-systems-lab/go-securesystemslib f… 

    …rom 0.8.0 to 0.9.0 (#1910)

* build(deps): Bump github.com/secure-systems-lab/go-securesystemslib

Bumps [github.com/secure-systems-lab/go-securesystemslib](https://github.com/secure-systems-lab/go-securesystemslib) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/secure-systems-lab/go-securesystemslib/releases)
- [Commits](secure-systems-lab/go-securesystemslib@v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: github.com/secure-systems-lab/go-securesystemslib
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* go mod sync

Signed-off-by: cpanato <ctadeu@gmail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: cpanato <ctadeu@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: cpanato <ctadeu@gmail.com>
    @dependabot @cpanato
    dependabot[bot] and cpanato authored Jan 7, 2025
    Configuration menu
    Copy the full SHA
    57944ce View commit details
    Browse the repository at this point in the history

Commits on Jan 8, 2025

  1. build(deps): Bump the tools group across 1 directory with 2 updates (#… 

    …1913)

Bumps the tools group with 2 updates in the /test/fuzz directory: [github.com/secure-systems-lab/go-securesystemslib](https://github.com/secure-systems-lab/go-securesystemslib) and [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore).


Updates `github.com/secure-systems-lab/go-securesystemslib` from 0.8.0 to 0.9.0
- [Release notes](https://github.com/secure-systems-lab/go-securesystemslib/releases)
- [Commits](secure-systems-lab/go-securesystemslib@v0.8.0...v0.9.0)

Updates `github.com/sigstore/sigstore` from 1.8.10 to 1.8.11
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](v1.8.10...v1.8.11)

---
updated-dependencies:
- dependency-name: github.com/secure-systems-lab/go-securesystemslib
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tools
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: tools
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 8, 2025
    Configuration menu
    Copy the full SHA
    8041221 View commit details
    Browse the repository at this point in the history

  2. cleanup ci (#1927) 

    Signed-off-by: cpanato <ctadeu@gmail.com>
    @cpanato
    cpanato authored Jan 8, 2025
    Configuration menu
    Copy the full SHA
    e28cdf3 View commit details
    Browse the repository at this point in the history
Loading