Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: sigstore/sigstore
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.9.0
Choose a base ref
...
head repository: sigstore/sigstore
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.9.1
Choose a head ref
  • 7 commits
  • 16 files changed
  • 2 contributors

Commits on Mar 10, 2025

  1. Implement default signing algorithms based on the key type (#2014) 

    * pkg/signature: add API to load a default Signer/Verifier for a key

Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>

* pkg/signature: allow defaults to handle ambiguities

Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>

* pkg/signature: add options to Load*From*Key functions as well

Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>

* pkg/signature: switch to names with Default for clarity

Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>

---------

Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>
    @ret2libc
    ret2libc authored Mar 10, 2025
    Configuration menu
    Copy the full SHA
    f577ba0 View commit details
    Browse the repository at this point in the history

  2. build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2022 

    )

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.223.0 to 0.224.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.223.0...v0.224.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 10, 2025
    Configuration menu
    Copy the full SHA
    3a14cfc View commit details
    Browse the repository at this point in the history

  3. build(deps): Bump the gomod group across 1 directory with 2 updates (#… 

    …2018)

Bumps the gomod group with 2 updates in the /pkg/signature/kms/aws directory: [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) and [github.com/aws/aws-sdk-go-v2/service/kms](https://github.com/aws/aws-sdk-go-v2).


Updates `github.com/aws/aws-sdk-go-v2/config` from 1.29.8 to 1.29.9
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@config/v1.29.8...config/v1.29.9)

Updates `github.com/aws/aws-sdk-go-v2/service/kms` from 1.38.0 to 1.38.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/service/s3/v1.38.1/CHANGELOG.md)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.38.0...service/s3/v1.38.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/aws/aws-sdk-go-v2/service/kms
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 10, 2025
    Configuration menu
    Copy the full SHA
    0a8c5d7 View commit details
    Browse the repository at this point in the history

  4. build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2020 

    )

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.35.0 to 0.36.0.
- [Commits](golang/crypto@v0.35.0...v0.36.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 10, 2025
    Configuration menu
    Copy the full SHA
    9193344 View commit details
    Browse the repository at this point in the history

  5. build(deps): Bump the gomod group across 1 directory with 2 updates (#… 

    …2018)

Bumps the gomod group with 2 updates in the /pkg/signature/kms/aws directory: [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) and [github.com/aws/aws-sdk-go-v2/service/kms](https://github.com/aws/aws-sdk-go-v2).


Updates `github.com/aws/aws-sdk-go-v2/config` from 1.29.8 to 1.29.9
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@config/v1.29.8...config/v1.29.9)

Updates `github.com/aws/aws-sdk-go-v2/service/kms` from 1.38.0 to 1.38.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/service/s3/v1.38.1/CHANGELOG.md)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.38.0...service/s3/v1.38.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/aws/aws-sdk-go-v2/service/kms
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 10, 2025
    Configuration menu
    Copy the full SHA
    3e1a5a1 View commit details
    Browse the repository at this point in the history

  6. build(deps): Bump github.com/sigstore/sigstore (#2016) 

    Bumps the tools group with 1 update in the /test/fuzz directory: [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore).


Updates `github.com/sigstore/sigstore` from 1.8.15 to 1.9.0
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](v1.8.15...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tools
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 10, 2025
    Configuration menu
    Copy the full SHA
    263d8ec View commit details
    Browse the repository at this point in the history

  7. build(deps): Bump golang.org/x/oauth2 in /pkg/signature/kms/gcp (#2021) 

    Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.27.0 to 0.28.0.
- [Commits](golang/oauth2@v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 10, 2025
    Configuration menu
    Copy the full SHA
    760d02f View commit details
    Browse the repository at this point in the history
Loading