Comparing changes

)

…2050)

)

…2055) Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.13.0 to 3.14.1. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](coreos/go-oidc@v3.13.0...v3.14.1) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-version: 3.14.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

….0 (#2053) Bumps [github.com/tink-crypto/tink-go/v2](https://github.com/tink-crypto/tink-go) from 2.3.0 to 2.4.0. - [Release notes](https://github.com/tink-crypto/tink-go/releases) - [Commits](tink-crypto/tink-go@v2.3.0...v2.4.0) --- updated-dependencies: - dependency-name: github.com/tink-crypto/tink-go/v2 dependency-version: 2.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.28.0 to 0.29.0. - [Commits](golang/oauth2@v0.28.0...v0.29.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-version: 0.29.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…2057) Bumps [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) from 1.8.2 to 1.9.0. - [Release notes](https://github.com/Azure/azure-sdk-for-go/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md) - [Commits](Azure/azure-sdk-for-go@sdk/azidentity/v1.8.2...sdk/azcore/v1.9.0) --- updated-dependencies: - dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…2064)

We now point to the algorithm registry as the source of truth for supported algorithms. This also updates the names of the NIST-standardized algorithms. I've left the thoughts on PQC algs in the policy still, though we may move it out to the alg registry spec. Signed-off-by: Hayden B <haydentherapper@users.noreply.github.com>

This PR is related to sigstore/cosign#4098 - in order to fix that issue, the cosign code has to access the target name to see if it's one of the "fallbacks" or not (and treat it accordingly as explained in the linked issue). I really wanted to keep this change contained to cosign codebase itself, but I just couldn't find a way to do this; I think adding this small PR here shouldn't hurt, as it is fully backwards compatible. Signed-off-by: Slavek Kabrda <bkabrda@redhat.com>

* Update to use Tink v2.3.0 API From sigstore/fulcio#2024. Will update Fulcio and other Sigstore repos to use this shared implementation. Signed-off-by: Hayden B <8418760+haydentherapper@users.noreply.github.com> * Fix linting errors Signed-off-by: Hayden B <8418760+haydentherapper@users.noreply.github.com> --------- Signed-off-by: Hayden B <8418760+haydentherapper@users.noreply.github.com> Co-authored-by: Hayden B <8418760+haydentherapper@users.noreply.github.com>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Comparing changes

Open a pull request

Commits on Apr 14, 2025

Commits on Apr 15, 2025

Commits on Apr 17, 2025

Commits on Apr 22, 2025

Commits on Apr 24, 2025

This comparison is taking too long to generate.

Uh oh!