Skip to content

Bump the all group across 1 directory with 26 updates#1347

Merged
PuneetPunamiya merged 1 commit intomainfrom
dependabot/go_modules/all-e6c4cb7914
May 5, 2025
Merged

Bump the all group across 1 directory with 26 updates#1347
PuneetPunamiya merged 1 commit intomainfrom
dependabot/go_modules/all-e6c4cb7914

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 1, 2025
edited
Loading

Bumps the all group with 10 updates in the / directory:

Package From To
cloud.google.com/go/storage 1.50.0 1.52.0
github.com/fsnotify/fsnotify 1.8.0 1.9.0
github.com/golangci/golangci-lint 1.63.4 1.64.8
github.com/in-toto/archivista 0.9.0 0.9.1
github.com/sigstore/cosign/v2 2.4.2 2.5.0
github.com/sigstore/rekor 1.3.9 1.3.10
github.com/tektoncd/pipeline 0.68.0 1.0.0
gocloud.dev 0.40.0 0.41.0
gocloud.dev/docstore/mongodocstore 0.40.0 0.41.0
gocloud.dev/pubsub/kafkapubsub 0.40.0 0.41.0

Updates cloud.google.com/go/storage from 1.50.0 to 1.52.0

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage: v1.52.0

1.52.0 (2025-04-22)

Features

  • storage/control: Add Anywhere cache control APIs (#11807) (12bfa98)
  • storage: Add CurrentState function to determine state of stream in MRD (#11688) (14e8e13)
  • storage: Add OwnerEntity to bucketAttrs (#11857) (4cd4a0c)
  • storage: Takeover appendable object (#11977) (513b937)
  • storage: Unfinalized appendable objects. (#11647) (52c0218)

Bug Fixes

  • storage: Fix Attrs for append takeover (#11989) (6db35b1)
  • storage: Fix panic when Flush called early (#11934) (7d0b8a7)
  • storage: Fix unfinalized write size (#12016) (6217f8f)
  • storage: Force first message on next sendBuffer when nothing sent on current (#11871) (a1a2292)
  • storage: Populate Writer.Attrs after Flush() (#12021) (8e56f74)
  • storage: Remove check for FinalizeOnClose (#11992) (2664b8c)
  • storage: Wrap read response parsing errors (#11951) (d2e6583)
Commits
  • 2d16516 chore(main): release spanner 1.52.0 (#8919)
  • ca2493f fix(storage): do not inhibit the dead code elimination. (#8543)
  • 19414ae docs(datastore): replace deprecated func in docs (#8989)
  • aa385f9 fix(logging): added marshalling methods for proto fields in structuredLogEntr...
  • 9af7e85 chore(changefinder): support nested commit format (#8998)
  • 7a46b54 feat(internal/trace): add OpenTelemetry support (#8655)
  • 8b71c23 chore: release main (#8973)
  • e3a209d chore(main): release storage 1.35.1 (#8997)
  • 8e63c70 feat(edgenetwork): new client(s) (#8996)
  • ba23673 chore(redis/cluster): Configure clients for google-cloud-redis-cluster (#8980)
  • Additional commits viewable in compare view

Updates github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0

Release notes

Sourced from github.com/fsnotify/fsnotify's releases.

v1.9.0

Changes and fixes

  • all: make BufferedWatcher buffered again (#657)

  • inotify: fix race when adding/removing watches while a watched path is being deleted (#678, #686)

  • inotify: don't send empty event if a watched path is unmounted (#655)

  • inotify: don't register duplicate watches when watching both a symlink and its target; previously that would get "half-added" and removing the second would panic (#679)

  • kqueue: fix watching relative symlinks (#681)

  • kqueue: correctly mark pre-existing entries when watching a link to a dir on kqueue (#682)

  • illumos: don't send error if changed file is deleted while processing the event (#678)

#657: fsnotify/fsnotify#657 #678: fsnotify/fsnotify#678 #686: fsnotify/fsnotify#686 #655: fsnotify/fsnotify#655 #681: fsnotify/fsnotify#681 #679: fsnotify/fsnotify#679 #682: fsnotify/fsnotify#682

Changelog

Sourced from github.com/fsnotify/fsnotify's changelog.

1.9.0 2024-04-04

Changes and fixes

  • all: make BufferedWatcher buffered again (#657)

  • inotify: fix race when adding/removing watches while a watched path is being deleted (#678, #686)

  • inotify: don't send empty event if a watched path is unmounted (#655)

  • inotify: don't register duplicate watches when watching both a symlink and its target; previously that would get "half-added" and removing the second would panic (#679)

  • kqueue: fix watching relative symlinks (#681)

  • kqueue: correctly mark pre-existing entries when watching a link to a dir on kqueue (#682)

  • illumos: don't send error if changed file is deleted while processing the event (#678)

#657: fsnotify/fsnotify#657 #678: fsnotify/fsnotify#678 #686: fsnotify/fsnotify#686 #655: fsnotify/fsnotify#655 #681: fsnotify/fsnotify#681 #679: fsnotify/fsnotify#679 #682: fsnotify/fsnotify#682

Commits
  • ae0e792 Release 1.9.0
  • 644fbb6 Add test to ensure Add()/Remove() works when not reading events
  • e7ec5f7 Fix staticcheck in CI
  • d321760 Update changelog
  • dbe0717 Remove AIX/AHFS from README
  • 2d897ca Simplify inotify backend locking
  • 868a000 Test gccgo in CI
  • 8f6d48b Move some shared code to a shared struct
  • e48b91a Add timeout-minutes in GitHub actions
  • c9507a5 Correctly mark pre-existing entries when watching a link to a dir on kqueue
  • Additional commits viewable in compare view

Updates github.com/golangci/golangci-lint from 1.63.4 to 1.64.8

Release notes

Sourced from github.com/golangci/golangci-lint's releases.

v1.64.8

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • 8b37f14162043f908949f1b363d061dc9ba713c0 fix: check version of the configuration (#5564)

v1.64.7

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • 94946f3c52a89774b2c7d255311c34f17f8fac7a build(deps): bump github.com/OpenPeeDeeP/depguard/v2 from 2.2.0 to 2.2.1 (#5509)
  • 132365e252c985a191c6eaea3f0cc01ca9120ccc build(deps): bump github.com/golangci/dupl from 3e9179ac440a to f665c8d69b32 (#5512)
  • bddd1bcedbc2f3d767e2362be91ff9eb481493cd build(deps): bump github.com/securego/gosec/v2 from 2.22.1 to 2.22.2 (#5515)
  • 624fb4e717dc89f1b55d6a84a69355fe64d60036 build(deps): bump golang.org/x/mod from 0.23.0 to 0.24.0 (#5507)
  • 8cffdb7d21e5b2b89f163f70c60ac9686c9d6180 build(deps): bump golang.org/x/oauth2 from 0.27.0 to 0.28.0 in /scripts/gen_github_action_config in the scripts group (#5521)
  • 7a3f3d7c941475ee01edca221c44ea5ba59290a3 build(deps): bump golang.org/x/tools from 0.30.0 to 0.31.0 (#5508)
  • c13fd5b7627c436246f36044a575990b5ec75c7d build(deps): bump honnef.co/go/tools from 0.6.0 to 0.6.1 (#5510)

v1.64.6

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • 3d28c57b576da4671faa9ec73890a6dd63f021ef Require type for oneOf mutual exclusion (#5426)
  • 84ab7530439226915db56606ca08cadaa05d2dae build(deps): bump 4d63.com/gocheckcompilerdirectives from 1.2.1 to 1.3.0 (#5485)
  • 9fddfc4769d6300e7c29ca3e5c2c8ffbe8caa9f8 build(deps): bump github.com/4meepo/tagalign from 1.4.1 to 1.4.2 (#5430)
  • 404916a76cdfb5741677e9bdfd2e2cee8595d65c build(deps): bump github.com/GaijinEntertainment/go-exhaustruct/v3 from 3.3.0 to 3.3.1 (#5467)
  • 3b6b9da36740ba61c3b0878a96b2fdc1a40eeb29 build(deps): bump github.com/catenacyber/perfsprint from 0.8.1 to 0.8.2 (#5441)
  • 336b21bb5c21d6538d6b1d8aa1fc3c778a8d0212 build(deps): bump github.com/kisielk/errcheck from 1.8.0 to 1.9.0 (#5447)
  • baad5bb7bd258e693266831b4a2b3dbf330405b6 build(deps): bump github.com/kkHAIKE/contextcheck from 1.1.5 to 1.1.6 (#5482)
  • 9e832c95a4156a00d3a899ec567eba071fe50507 build(deps): bump github.com/ldez/exptostd from 0.4.1 to 0.4.2 (#5456)
  • f2c630353beae8e62bbd71821de0ec56161fd567 build(deps): bump github.com/mgechev/revive from 1.6.1 to 1.7.0 (#5422)
  • 9a2423aa4bbbb26b3b8954a208abadc053c6e9c8 build(deps): bump github.com/nunnatsa/ginkgolinter from 0.19.0 to 0.19.1 (#5435)

... (truncated)

Changelog

Sourced from github.com/golangci/golangci-lint's changelog.

v1.64.8

  • Detects use of configuration files from golangci-lint v2

v1.64.7

  1. Linters bug fixes
    • depguard: from 2.2.0 to 2.2.1
    • dupl: from 3e9179ac440a to f665c8d69b32
    • gosec: from 2.22.1 to 2.22.2
    • staticcheck: from 0.6.0 to 0.6.1
  2. Documentation
    • Add GitLab documentation

v1.64.6

  1. Linters bug fixes
    • asciicheck: from 0.4.0 to 0.4.1
    • contextcheck: from 1.1.5 to 1.1.6
    • errcheck: from 1.8.0 to 1.9.0
    • exptostd: from 0.4.1 to 0.4.2
    • ginkgolinter: from 0.19.0 to 0.19.1
    • go-exhaustruct: from 3.3.0 to 3.3.1
    • gocheckcompilerdirectives: from 1.2.1 to 1.3.0
    • godot: from 1.4.20 to 1.5.0
    • perfsprint: from 0.8.1 to 0.8.2
    • revive: from 1.6.1 to 1.7.0
    • tagalign: from 1.4.1 to 1.4.2

v1.64.5

  1. Bug fixes
    • Add missing flag new-from-merge-base-flag
  2. Linters bug fixes
    • asciicheck: from 0.3.0 to 0.4.0
    • forcetypeassert: from 0.1.0 to 0.2.0
    • gosec: from 2.22.0 to 2.22.1

v1.64.4

  1. Linters bug fixes
    • gci: fix standard packages list for go1.24

v1.64.3

  1. Linters bug fixes
    • ginkgolinter: from 0.18.4 to 0.19.0
    • go-critic: from 0.11.5 to 0.12.0
    • revive: from 1.6.0 to 1.6.1
    • gci: fix standard packages list for go1.24

... (truncated)

Commits
  • 8b37f14 fix: check version of the configuration (#5564)
  • 7bcf51e docs: update documentation assets (#5527)
  • 2e83e32 docs: update GitHub Action assets (#5528)
  • 8cffdb7 build(deps): bump golang.org/x/oauth2 from 0.27.0 to 0.28.0 in /scripts/gen_g...
  • bddd1bc build(deps): bump github.com/securego/gosec/v2 from 2.22.1 to 2.22.2 (#5515)
  • 132365e build(deps): bump github.com/golangci/dupl from 3e9179ac440a to f665c8d69b32 ...
  • c13fd5b build(deps): bump honnef.co/go/tools from 0.6.0 to 0.6.1 (#5510)
  • 94946f3 build(deps): bump github.com/OpenPeeDeeP/depguard/v2 from 2.2.0 to 2.2.1 (#5509)
  • 7a3f3d7 build(deps): bump golang.org/x/tools from 0.30.0 to 0.31.0 (#5508)
  • 624fb4e build(deps): bump golang.org/x/mod from 0.23.0 to 0.24.0 (#5507)
  • Additional commits viewable in compare view

Updates github.com/google/go-cmp from 0.6.0 to 0.7.0

Release notes

Sourced from github.com/google/go-cmp's releases.

v0.7.0

New API:

  • (#367) Support compare functions with SortSlices and SortMaps

Panic messaging:

  • (#370) Detect proto.Message types when failing to export a field
Commits

Updates github.com/in-toto/archivista from 0.9.0 to 0.9.1

Release notes

Sourced from github.com/in-toto/archivista's releases.

v0.9.1

Changelog

Commits
  • 244f9b8 fix: use created listener when serving tls (#530)
  • 7d3f227 chore: bump github.com/99designs/gqlgen from 0.17.68 to 0.17.70 (#528)
  • 76e5637 chore: bump github.com/minio/minio-go/v7 from 7.0.88 to 7.0.89 (#527)
  • 99e5f84 chore: bump the github-actions group with 3 updates (#525)
  • 9100769 build: Update pre-commit hooks (#514)
  • 0ec9841 chore: bump entgo.io/ent from 0.14.3 to 0.14.4 (#519)
  • e799d2d chore: bump github.com/go-sql-driver/mysql from 1.9.0 to 1.9.1 (#518)
  • 5636995 chore: bump github.com/99designs/gqlgen from 0.17.66 to 0.17.68 (#517)
  • 2265a02 chore: group dependabot gha (#516)
  • a720fe8 chore: bump actions/setup-go from 5.3.0 to 5.4.0 (#521)
  • Additional commits viewable in compare view

Updates github.com/in-toto/go-witness from 0.7.0 to 0.8.1

Release notes

Sourced from github.com/in-toto/go-witness's releases.

v0.8.1

What's Changed

New Contributors

Full Changelog: in-toto/go-witness@v0.8.0...v0.8.1

v0.8.0

What's Changed

Full Changelog: in-toto/go-witness@v0.7.0...v0.8.0

Commits
  • 57257a2 chore: bump actions/download-artifact from 4.1.8 to 4.1.9 (#444)
  • 30c8360 fix: --dirhash-glob fails with symlinked directories (#442) (#445)
  • 4bc803b chore: bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 in the go_modul...
  • ad1aefe chore: bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5 in the go_modul...
  • da87dc1 chore: bump actions/upload-artifact from 4.6.0 to 4.6.1 (#439)
  • a29387d chore: bump github/codeql-action from 3.28.9 to 3.28.10 (#438)
  • f9c44b6 chore: bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#437)
  • 9986dee chore: bump google.golang.org/protobuf from 1.36.4 to 1.36.5 (#436)
  • e1de655 chore: bump github.com/sigstore/sigstore from 1.8.14 to 1.8.15 (#435)
  • 9026745 chore: bump golangci/golangci-lint-action from 6.3.2 to 6.5.0 (#434)
  • Additional commits viewable in compare view

Updates github.com/sigstore/cosign/v2 from 2.4.2 to 2.5.0

Release notes

Sourced from github.com/sigstore/cosign/v2's releases.

v2.5.0 includes an implementation of the new bundle specification, attesting and verifying OCI image attestations uploaded as OCI artifacts. This feature is currently gated behind the --new-bundle-format flag when running cosign attest.

Features

  • Add support for new bundle specification for attesting/verifying OCI image attestations (#3889)
  • Feat/non filename completions (#4115)
  • Add TSA certificate related flags and fields for cosign attest (#4079)

Fixes

  • cmd/cosign/cli: fix typo in ignoreTLogMessage (#4111)
  • Fix replace with compliant image mediatype (#4077)

v2.4.3

Features

  • Bump sigstore/sigstore to support KMS plugins (#4073)
  • Enable fetching signatures without remote get. (#4047)
  • Feat/file flag completion improvements (#4028)
  • Update builder to use go1.23.6 (#4052)

Bug Fixes

  • fix parsing error in --only for cosign copy (#4049)

Cleanup

  • Refactor verifyNewBundle into library function (#4013)
  • fix comment typo and imports order (#4061)
  • sync comment with parameter name in function signature (#4063)
  • sort properly Go imports (#4071)

Contributors

  • Bob Callaway
  • Carlos Tadeu Panato Junior
  • Cody Soyland
  • Dmitry Savintsev
  • Hayden B
  • Tomasz Janiszewski
  • Ville Skyttä
Changelog

Sourced from github.com/sigstore/cosign/v2's changelog.

v2.5.0

v2.5.0 includes an implementation of the new bundle specification, attesting and verifying OCI image attestations uploaded as OCI artifacts. This feature is currently gated behind the --new-bundle-format flag when running cosign attest.

Features

  • Add support for new bundle specification for attesting/verifying OCI image attestations (#3889)
  • Feat/non filename completions (#4115)
  • Add TSA certificate related flags and fields for cosign attest (#4079)

Fixes

  • cmd/cosign/cli: fix typo in ignoreTLogMessage (#4111)
  • Fix replace with compliant image mediatype (#4077)

Contributors

  • Bob Callaway
  • Carlos Tadeu Panato Junior
  • Cody Soyland
  • Dmitry Savintsev
  • Hayden B
  • Ramon Petgrave
  • Riccardo Schirone
  • Stef Graces
  • Ville Skyttä

v2.4.3

Features

  • Bump sigstore/sigstore to support KMS plugins (#4073)
  • Enable fetching signatures without remote get. (#4047)
  • Feat/file flag completion improvements (#4028)
  • Update builder to use go1.23.6 (#4052)

Bug Fixes

  • fix parsing error in --only for cosign copy (#4049)

Cleanup

  • Refactor verifyNewBundle into library function (#4013)
  • fix comment typo and imports order (#4061)
  • sync comment with parameter name in function signature (#4063)
  • sort properly Go imports (#4071)

... (truncated)

Commits
  • 38bb986 chore(deps): bump cuelang.org/go in the gomod group across 1 directory (#4154)
  • 076da85 chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4149)
  • e7099da chore(deps): bump github.com/buildkite/agent/v3 from 3.93.1 to 3.95.1 (#4139)
  • c351ca8 chore(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.29.0 (#4147)
  • 76d23ba Update sigstore-go to pick up bug fixes (#4150)
  • c6c96ea chore(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0 (#4148)
  • 6e7a9f9 Update golangci-lint to v2, update golangci-lint-action (#4143)
  • 37bae90 Feat/non filename completions (#4115)
  • 4c32996 chore(deps): bump the gomod group with 5 updates (#4129)
  • 11b12fa chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (#4125)
  • Additional commits viewable in compare view

Updates github.com/sigstore/rekor from 1.3.9 to 1.3.10

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.3.10

Note that Rekor v1 is in maintenance mode as we are actively developing its successor, Rekor v2, designed to be easy to maintain and cheaper to operate. See the README for more information.

Features

  • Added --client-signing-algorithms flag (#1974)

Fixes / Misc

  • emit unpopulated values when marshalling (#2438)
  • pkg/api: better logs when algorithm registry rejects a key (#2429)
  • chore: improve mysql readiness checks (#2397)

Thanks for all contributors!

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.3.10

Note that Rekor v1 is in maintenance mode as we are actively developing its successor, Rekor v2, designed to be easy to maintain and cheaper to operate.. See the README for more information.

Features

  • Added --client-signing-algorithms flag (#1974)

Fixes / Misc

  • emit unpopulated values when marshalling (#2438)
  • pkg/api: better logs when algorithm registry rejects a key (#2429)
  • chore: improve mysql readiness checks (#2397)

Contributors

  • Bob Callaway
  • cangqiaoyuzhuo
  • Carlos Tadeu Panato Junior
  • cpanato
  • Hayden B
  • Praful Khanduri
  • Ramon Petgrave
  • Riccardo Schirone
  • rubyisrust
  • Sascha Grunert
Commits
  • 4118a64 emit unpopulated values when marshalling (#2438)
  • 7de4a80 build(deps): Bump github/codeql-action in the all group (#2430)
  • 8f8fb19 Bump all deps (#2435)
  • 7b74193 pkg/api: better logs when algorithm registry rejects a key (#2429)
  • 5bda6f9 build(deps): Bump golang from 1.24.1 to 1.24.2 in the all group (#2432)
  • 43c9d2b build(deps): Bump google.com/cloudsdktool/google-cloud-cli (#2433)
  • 30c2d4e increase timeouts for docker compose script (#2428)
  • 2674953 build(deps): Bump golang from fa145a3 to 52ff1b3 (#2419)
  • be62621 build(deps): Bump the all group with 3 updates (#2424)
  • 6b2458f build(deps): Bump github/codeql-action in the all group (#2422)
  • Additional commits viewable in compare view

Updates github.com/sigstore/sigstore from 1.8.15 to 1.9.1

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.9.1

What's Changed

Full Changelog: sigstore/sigstore@v1.9.0...v1.9.1

v1.9.0

What's Changed

Full Changelog: sigstore/sigstore@v1.8.15...v1.9.0

Commits
  • 760d02f build(deps): Bump golang.org/x/oauth2 in /pkg/signature/kms/gcp (#2021)
  • 263d8ec build(deps): Bump github.com/sigstore/sigstore (#2016)
  • 3e1a5a1 build(deps): Bump the gomod group across 1 directory with 2 updates (#2018)
  • 9193344 build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2020)
  • 0a8c5d7 build(deps): Bump the gomod group across 1 directory with 2 updates (#2018)
  • 3a14cfc build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2022)
  • f577ba0 Implement default signing algorithms based on the key type (#2014)
  • a304698 pkg/signature: expose Algorithm Details information (#2001)
  • bf09332 build(deps): Bump actions/cache from 4.2.1 to 4.2.2 in the all group (#2013)
  • 47d4326 build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#2011)
  • Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.12 to 1.9.1

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.

v1.9.1

What's Changed

Full Changelog: sigstore/sigstore@v1.9.0...v1.9.1

v1.9.0

What's Changed

Full Changelog: sigstore/sigstore@v1.8.15...v1.9.0

v1.8.15

What's Changed

Full Changelog: sigstore/sigstore@v1.8.14...v1.8.15

v1.8.14

What's Changed

This is the same content as v1.8.13, with a CI/CD fix.

v1.8.13

What's Changed

... (truncated)

Commits
  • 760d02f build(deps): Bump golang.org/x/oauth2 in /pkg/signature/kms/gcp (#2021)
  • 263d8ec build(deps): Bump github.com/sigstore/sigstore (#2016)
  • 3e1a5a1 build(deps): Bump the gomod group across 1 directory with 2 updates (#2018)
  • 9193344 build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2020)
  • 0a8c5d7 build(deps): Bump the gomod group across 1 directory with 2 updates (#2018)
  • 3a14cfc build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2022)
  • f577ba0 Implement default signing algorithms based on the key type (#2014)
  • a304698 pkg/signature: expose Algorithm Details information (#2001)
  • bf09332 build(deps): Bump actions/cache from 4.2.1 to 4.2.2 in the all group (#2013)
  • 47d4326 build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#2011)
  • Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.12 to 1.9.1

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/azure's releases.

v1.9.1

What's Changed

Full Changelog: sigstore/sigstore@v1.9.0...v1.9.1

v1.9.0

What's Changed

Full Changelog: sigstore/sigstore@v1.8.15...v1.9.0

v1.8.15

What's Changed

Full Changelog: sigstore/sigstore@v1.8.14...v1.8.15

v1.8.14

What's Changed

This is the same content as v1.8.13, with a CI/CD fix.

@dependabot
Bump the all group across 1 directory with 26 updates
fed0803 
Bumps the all group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.50.0` | `1.52.0` |
| [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) | `1.8.0` | `1.9.0` |
| [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) | `1.63.4` | `1.64.8` |
| [github.com/in-toto/archivista](https://github.com/in-toto/archivista) | `0.9.0` | `0.9.1` |
| [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) | `2.4.2` | `2.5.0` |
| [github.com/sigstore/rekor](https://github.com/sigstore/rekor) | `1.3.9` | `1.3.10` |
| [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `0.68.0` | `1.0.0` |
| [gocloud.dev](https://github.com/google/go-cloud) | `0.40.0` | `0.41.0` |
| [gocloud.dev/docstore/mongodocstore](https://github.com/google/go-cloud) | `0.40.0` | `0.41.0` |
| [gocloud.dev/pubsub/kafkapubsub](https://github.com/google/go-cloud) | `0.40.0` | `0.41.0` |



Updates `cloud.google.com/go/storage` from 1.50.0 to 1.52.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@spanner/v1.50.0...spanner/v1.52.0)

Updates `github.com/fsnotify/fsnotify` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/fsnotify/fsnotify/releases)
- [Changelog](https://github.com/fsnotify/fsnotify/blob/main/CHANGELOG.md)
- [Commits](fsnotify/fsnotify@v1.8.0...v1.9.0)

Updates `github.com/golangci/golangci-lint` from 1.63.4 to 1.64.8
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/main/CHANGELOG.md)
- [Commits](golangci/golangci-lint@v1.63.4...v1.64.8)

Updates `github.com/google/go-cmp` from 0.6.0 to 0.7.0
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.6.0...v0.7.0)

Updates `github.com/in-toto/archivista` from 0.9.0 to 0.9.1
- [Release notes](https://github.com/in-toto/archivista/releases)
- [Changelog](https://github.com/in-toto/archivista/blob/main/.goreleaser.yaml)
- [Commits](in-toto/archivista@v0.9.0...v0.9.1)

Updates `github.com/in-toto/go-witness` from 0.7.0 to 0.8.1
- [Release notes](https://github.com/in-toto/go-witness/releases)
- [Changelog](https://github.com/in-toto/go-witness/blob/main/.goreleaser.yaml)
- [Commits](in-toto/go-witness@v0.7.0...v0.8.1)

Updates `github.com/sigstore/cosign/v2` from 2.4.2 to 2.5.0
- [Release notes](https://github.com/sigstore/cosign/releases)
- [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md)
- [Commits](sigstore/cosign@v2.4.2...v2.5.0)

Updates `github.com/sigstore/rekor` from 1.3.9 to 1.3.10
- [Release notes](https://github.com/sigstore/rekor/releases)
- [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md)
- [Commits](sigstore/rekor@v1.3.9...v1.3.10)

Updates `github.com/sigstore/sigstore` from 1.8.15 to 1.9.1
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.15...v1.9.1)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.12 to 1.9.1
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.12...v1.9.1)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.8.12 to 1.9.1
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.12...v1.9.1)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.8.12 to 1.9.1
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.12...v1.9.1)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.8.12 to 1.9.1
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.12...v1.9.1)

Updates `github.com/tektoncd/pipeline` from 0.68.0 to 1.0.0
- [Release notes](https://github.com/tektoncd/pipeline/releases)
- [Changelog](https://github.com/tektoncd/pipeline/blob/main/releases.md)
- [Commits](tektoncd/pipeline@v0.68.0...v1.0.0)

Updates `gocloud.dev` from 0.40.0 to 0.41.0
- [Release notes](https://github.com/google/go-cloud/releases)
- [Commits](google/go-cloud@v0.40.0...v0.41.0)

Updates `gocloud.dev/docstore/mongodocstore` from 0.40.0 to 0.41.0
- [Release notes](https://github.com/google/go-cloud/releases)
- [Commits](google/go-cloud@v0.40.0...v0.41.0)

Updates `gocloud.dev/pubsub/kafkapubsub` from 0.40.0 to 0.41.0
- [Release notes](https://github.com/google/go-cloud/releases)
- [Commits](google/go-cloud@v0.40.0...v0.41.0)

Updates `golang.org/x/crypto` from 0.33.0 to 0.37.0
- [Commits](golang/crypto@v0.33.0...v0.37.0)

Updates `golang.org/x/exp` from 0.0.0-20241108190413-2d47ceb2692f to 0.0.0-20250210185358-939b2ce775ac
- [Commits](https://github.com/golang/exp/commits)

Updates `google.golang.org/grpc` from 1.70.0 to 1.71.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.70.0...v1.71.1)

Updates `google.golang.org/protobuf` from 1.36.4 to 1.36.6

Updates `k8s.io/api` from 0.32.1 to 0.32.2
- [Commits](kubernetes/api@v0.32.1...v0.32.2)

Updates `k8s.io/apimachinery` from 0.32.1 to 0.32.4
- [Commits](kubernetes/apimachinery@v0.32.1...v0.32.4)

Updates `k8s.io/client-go` from 0.32.1 to 0.32.2
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.32.1...v0.32.2)

Updates `k8s.io/code-generator` from 0.32.1 to 0.32.2
- [Commits](kubernetes/code-generator@v0.32.1...v0.32.2)

Updates `knative.dev/pkg` from 0.0.0-20240416145024-0f34a8815650 to 0.0.0-20250415155312-ed3e2158b883
- [Commits](https://github.com/knative/pkg/commits)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-version: 1.52.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/fsnotify/fsnotify
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/golangci/golangci-lint
  dependency-version: 1.64.8
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/google/go-cmp
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/in-toto/archivista
  dependency-version: 0.9.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/in-toto/go-witness
  dependency-version: 0.8.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/sigstore/cosign/v2
  dependency-version: 2.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/sigstore/rekor
  dependency-version: 1.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore
  dependency-version: 1.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws
  dependency-version: 1.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure
  dependency-version: 1.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp
  dependency-version: 1.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault
  dependency-version: 1.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/tektoncd/pipeline
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: gocloud.dev
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: gocloud.dev/docstore/mongodocstore
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: gocloud.dev/pubsub/kafkapubsub
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/crypto
  dependency-version: 0.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/exp
  dependency-version: 0.0.0-20250210185358-939b2ce775ac
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/grpc
  dependency-version: 1.71.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/api
  dependency-version: 0.32.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.32.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/client-go
  dependency-version: 0.32.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/code-generator
  dependency-version: 0.32.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: knative.dev/pkg
  dependency-version: 0.0.0-20250415155312-ed3e2158b883
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels May 1, 2025
@tekton-robot
Copy link

tekton-robot commented May 1, 2025

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@tekton-robot tekton-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label May 1, 2025
@PuneetPunamiya
Copy link
Member

PuneetPunamiya commented May 4, 2025

/approve
/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label May 4, 2025
@tekton-robot
Copy link

tekton-robot commented May 4, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: PuneetPunamiya

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 4, 2025
@PuneetPunamiya PuneetPunamiya merged commit 164a1b2 into main May 5, 2025
15 of 16 checks passed
@dependabot dependabot bot deleted the dependabot/go_modules/all-e6c4cb7914 branch May 5, 2025 18:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chitrangpatel chitrangpatel Awaiting requested review from chitrangpatel

@PuneetPunamiya PuneetPunamiya Awaiting requested review from PuneetPunamiya

Assignees

@PuneetPunamiya PuneetPunamiya

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tekton-robot @PuneetPunamiya