chore: Bump distroless/static from d71f4b2 to 6cd937e in /httpserver#1960
Merged
akashsinghal merged 2 commits intodevfrom Dec 3, 2024
Merged
Conversation
Bumps distroless/static from `d71f4b2` to `6cd937e`. --- updated-dependencies: - dependency-name: distroless/static dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
requested review from
jimmyraywv,
luisdlp,
susanshi and
toddysm
as code owners
Codecov ReportAll modified and coverable lines are covered by tests ✅ |
akashsinghal
approved these changes
Dec 3, 2024
dependabot
bot
deleted the
dependabot/docker/httpserver/distroless/static-6cd937e
branch
junczhu
pushed a commit
to junczhu/ratify
that referenced
this pull request
Dec 10, 2024
…ver (notaryproject#1960) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
junczhu
pushed a commit
to junczhu/ratify
that referenced
this pull request
Dec 10, 2024
…project#1876) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5 (notaryproject#1877) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump vscode/devcontainers/go from `bdecb4c` to `46f85d1` in /.devcontainer (notaryproject#1879) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> feat: crl cache Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: crl cache 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: crl provider Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: added interfaces Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: crl refactor Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: crl refactor Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: crl refactor Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: crl refactor Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: integrate crl to verifier Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: kmp revocationfactory refactor Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: bump up go version to 1.22.8 (notaryproject#1880) Signed-off-by: Binbin Li <libinbin@microsoft.com> Signed-off-by: Binbin Li <libinbin050215@gmail.com> chore: Bump github.com/sigstore/sigstore from 1.8.9 to 1.8.10 (notaryproject#1878) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> docs: design proposal for tag and digest co-existing [ISSUE 1657] (notaryproject#1793) docs: add CRL Design (notaryproject#1789) Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> docs: Create proposal for verifying 'last-n' artifacts only. (notaryproject#1797) Signed-off-by: Susan Shi <huish@microsoft.com> docs: nVersionCount support for KMP design doc (notaryproject#1831) Signed-off-by: Joshua Duffney <jduffney@microsoft.com> ci: retry trivy db update upon failure (notaryproject#1881) Signed-off-by: Binbin Li <libinbin@microsoft.com> chore: Bump anchore/sbom-action from 0.17.4 to 0.17.5 (notaryproject#1882) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ci: fix tagging in publish-ghcr workflow (notaryproject#1884) Signed-off-by: Binbin Li <libinbin@microsoft.com> ci: retry trivy download-db on failure (notaryproject#1883) Signed-off-by: Binbin Li <libinbin@microsoft.com> chore: migrate azure-sdk-for-go/containerregistry to the latest release (notaryproject#1829) Signed-off-by: Shahram Kalantari <shahramk@gmail.com> chore: Bump github/codeql-action from 3.26.13 to 3.27.0 (notaryproject#1887) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> feat: crl fetcher Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: crl fetcher Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update bytesFetcher Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: crl provider Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: refactor the interface Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: integrate crl to verifier 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: integrate crl to verifier 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: update charts (notaryproject#1892) Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: Bump actions/checkout from 4.2.1 to 4.2.2 (notaryproject#1893) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump actions/setup-go from 5.0.2 to 5.1.0 (notaryproject#1894) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump k8s.io/apimachinery from 0.28.14 to 0.28.15 (notaryproject#1896) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump distroless/static from `26f9b99` to `3a03fc0` in /httpserver (notaryproject#1899) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump k8s.io/client-go from 0.28.14 to 0.28.15 (notaryproject#1897) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump anchore/sbom-action from 0.17.5 to 0.17.6 (notaryproject#1903) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> feat: allow service account annotations (notaryproject#1907) Signed-off-by: Maneesh Singh <mann.biher@yahoo.co.in> feat: add interface for testing Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: implemented interface Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: implemented interface Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> test: working on test cases Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> test: working on test cases 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> test: working on test cases 3 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> refactor: add cache constructor into fetcher constructor Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> refactor: add cache constructor into fetcher constructor 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> refactor: add cache constructor into fetcher constructor 3 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> test: add cache constructor into fetcher constructor Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> test: add cache constructor into fetcher constructor 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: kmprevocationfactory impl 1 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: Bump github.com/aws/aws-sdk-go-v2 from 1.32.2 to 1.32.3 (notaryproject#1912) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.41 to 1.17.42 (notaryproject#1911) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/AzureAD/microsoft-authentication-library-for-go from 1.2.2 to 1.2.3 (notaryproject#1910) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump anchore/sbom-action from 0.17.6 to 0.17.7 (notaryproject#1915) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (notaryproject#1916) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> feat: support enabled status for kmp keys/certs (notaryproject#1874) Signed-off-by: Joshua Duffney <jduffney@microsoft.com> ci: add cron job to cache trivy db (notaryproject#1918) Signed-off-by: Binbin Li <libinbin@microsoft.com> fix: fix the conditional check on update-trivy-cache job (notaryproject#1919) Signed-off-by: Binbin Li <libinbin@microsoft.com> feat: add support for crl basic functionality with built-in cache (notaryproject#1890) Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> Co-authored-by: Binbin Li <libinbin@microsoft.com> chore: Bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0 (notaryproject#1920) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github/codeql-action from 3.27.0 to 3.27.1 (notaryproject#1922) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.42 to 1.17.44 (notaryproject#1923) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump golang from `0ca97f4` to `4cfe4a9` in /httpserver (notaryproject#1925) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github/codeql-action from 3.27.1 to 3.27.3 (notaryproject#1926) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> feat: support alibaba cloud rrsa store auth provider (notaryproject#1909) Signed-off-by: dahu.kdh <dahu.kdh@alibaba-inc.com> feat: kmprevocationfactory impl 3 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: kmprevocationfactory impl Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: kmprevocationfactory impl 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: kmprevocationfactory impl 3 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: kmprevocationfactory impl 4 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: kmprevocationfactory impl 5 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: kmprevocationfactory reform Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update implementations Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update implementations 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update implementations 3 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update implementations 4 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update implementations 5 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update implementations 6 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update implementations 7 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update implementations 8 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: Bump github/codeql-action from 3.27.3 to 3.27.4 (notaryproject#1929) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump alpine from `beefdbd` to `1e42bbe` (notaryproject#1937) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump golang from `4cfe4a9` to `147f428` in /httpserver (notaryproject#1936) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump distroless/static from `3a03fc0` to `d71f4b2` in /httpserver (notaryproject#1935) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/aliyun/credentials-go from 1.3.10 to 1.3.11 (notaryproject#1934) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.44 to 1.17.45 (notaryproject#1933) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump codecov/codecov-action from 4.6.0 to 5.0.2 (notaryproject#1932) Signed-off-by: dependabot[bot] <support@github.com> chore: Replace deprecated autorest SDK with azidentity (notaryproject#1904) Signed-off-by: Shahram Kalantari <shahramk@gmail.com> chore: Bump step-security/harden-runner from 2.10.1 to 2.10.2 (notaryproject#1938) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump codecov/codecov-action from 5.0.2 to 5.0.4 (notaryproject#1939) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump codecov/codecov-action from 5.0.4 to 5.0.7 (notaryproject#1946) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github/codeql-action from 3.27.4 to 3.27.5 (notaryproject#1945) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump anchore/sbom-action from 0.17.7 to 0.17.8 (notaryproject#1948) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.45 to 1.17.46 (notaryproject#1953) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> fix: add missing pod annotations and labels to deployment spec (notaryproject#1949) Signed-off-by: akashsinghal <akashsinghal@microsoft.com> chore: revert changes in AKV KMP provider Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: add more comments Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: add more comments and fix Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: update logging Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: update test Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: update test 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: limited changes 3 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: more changes applied Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: Bump github.com/sigstore/rekor from 1.3.6 to 1.3.7 (notaryproject#1952) Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Susan Shi <huish@microsoft.com> Signed-off-by: Binbin Li <libinbin@microsoft.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: bump up golangci-lint version (notaryproject#1961) Signed-off-by: Binbin Li <libinbin050215@gmail.com> fix(tls): allowing TLS when crd-manager disabled (notaryproject#1954) Signed-off-by: Jordan Langue <jordan.langue@doctolib.com> chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.28.3 to 1.28.6 (notaryproject#1957) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump distroless/static from `d71f4b2` to `6cd937e` in /httpserver (notaryproject#1960) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: fix go-lint Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: improve codecov Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: fix golint Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: remove the CRL Cache in truststore Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: renaming func Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: fix 1 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: fix 2 Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: Bump github/codeql-action from 3.27.5 to 3.27.6 (notaryproject#1963) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: add more test case Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: fix golint Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: fix codecov Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: fix context reference Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: fix golint Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> build: add image signing for all release images (notaryproject#1947) Signed-off-by: Akash Singhal <akashsinghal@microsoft.com> chore: Bump golang from `73f06be` to `574185e` in /httpserver (notaryproject#1973) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
junczhu
added a commit
to junczhu/ratify
that referenced
this pull request
Dec 18, 2024
Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: update config Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> feat: update crl config Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: Bump github/codeql-action from 3.27.3 to 3.27.4 (notaryproject#1929) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump alpine from `beefdbd` to `1e42bbe` (notaryproject#1937) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump golang from `4cfe4a9` to `147f428` in /httpserver (notaryproject#1936) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump distroless/static from `3a03fc0` to `d71f4b2` in /httpserver (notaryproject#1935) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/aliyun/credentials-go from 1.3.10 to 1.3.11 (notaryproject#1934) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.44 to 1.17.45 (notaryproject#1933) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump codecov/codecov-action from 4.6.0 to 5.0.2 (notaryproject#1932) Signed-off-by: dependabot[bot] <support@github.com> chore: Replace deprecated autorest SDK with azidentity (notaryproject#1904) Signed-off-by: Shahram Kalantari <shahramk@gmail.com> chore: Bump step-security/harden-runner from 2.10.1 to 2.10.2 (notaryproject#1938) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump codecov/codecov-action from 5.0.2 to 5.0.4 (notaryproject#1939) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump codecov/codecov-action from 5.0.4 to 5.0.7 (notaryproject#1946) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github/codeql-action from 3.27.4 to 3.27.5 (notaryproject#1945) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump anchore/sbom-action from 0.17.7 to 0.17.8 (notaryproject#1948) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.45 to 1.17.46 (notaryproject#1953) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> fix: add missing pod annotations and labels to deployment spec (notaryproject#1949) Signed-off-by: akashsinghal <akashsinghal@microsoft.com> chore: Bump github.com/sigstore/rekor from 1.3.6 to 1.3.7 (notaryproject#1952) Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Susan Shi <huish@microsoft.com> Signed-off-by: Binbin Li <libinbin@microsoft.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: bump up golangci-lint version (notaryproject#1961) Signed-off-by: Binbin Li <libinbin050215@gmail.com> fix(tls): allowing TLS when crd-manager disabled (notaryproject#1954) Signed-off-by: Jordan Langue <jordan.langue@doctolib.com> chore: Bump github.com/aws/aws-sdk-go-v2/config from 1.28.3 to 1.28.6 (notaryproject#1957) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump distroless/static from `d71f4b2` to `6cd937e` in /httpserver (notaryproject#1960) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github/codeql-action from 3.27.5 to 3.27.6 (notaryproject#1963) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> build: add image signing for all release images (notaryproject#1947) Signed-off-by: Akash Singhal <akashsinghal@microsoft.com> chore: Bump golang from `73f06be` to `574185e` in /httpserver (notaryproject#1973) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> docs: update dev image release guidance (notaryproject#1974) Signed-off-by: Akash Singhal <akashsinghal@microsoft.com> feat: Implementation of KMP CRL revocation factory with cache (notaryproject#1900) Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> Co-authored-by: Binbin Li <libinbin@microsoft.com> Co-authored-by: Susan Shi <huish@microsoft.com> chore: Bump alpine from `1e42bbe` to `21dc606` (notaryproject#1972) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump google.golang.org/grpc from 1.68.0 to 1.68.1 (notaryproject#1971) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump actions/cache from 4.1.2 to 4.2.0 (notaryproject#1967) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump codecov/codecov-action from 5.0.7 to 5.1.1 (notaryproject#1966) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/notaryproject/notation-core-go from 1.2.0-rc.1 to 1.2.0-rc.2 (notaryproject#1970) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump actions/setup-go from 5.1.0 to 5.2.0 (notaryproject#1979) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github/codeql-action from 3.27.6 to 3.27.7 (notaryproject#1978) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: bump K8s versions (notaryproject#1975) Signed-off-by: Akash Singhal <akashsinghal@microsoft.com> chore: bump makefile tool dependency version (notaryproject#1976) Signed-off-by: Akash Singhal <akashsinghal@microsoft.com> chore: bump up golang.org/x/crypto pkg to fix vuln (notaryproject#1981) Signed-off-by: Juncheng Zhu <junczhu@microsoft.com> chore: Bump github/codeql-action from 3.27.7 to 3.27.9 (notaryproject#1983) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump anchore/sbom-action from 0.17.8 to 0.17.9 (notaryproject#1988) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/sigstore/sigstore from 1.8.10 to 1.8.11 (notaryproject#1986) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: Bump github.com/notaryproject/notation-go from 1.3.0-rc.1 to 1.3.0-rc.2 (notaryproject#1987) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> chore: bump GK support to 3.18 (notaryproject#1980) Signed-off-by: Akash Singhal <akashsinghal@microsoft.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps distroless/static from
d71f4b2to6cd937e.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)