Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump github.com/sigstore/cosign from 1.13.0 to 1.13.1 #180

Merged
merged 1 commit into from
Oct 24, 2022
Merged

Bump github.com/sigstore/cosign from 1.13.0 to 1.13.1 #180

merged 1 commit into from
Oct 24, 2022

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 24, 2022
edited
Loading

Bumps github.com/sigstore/cosign from 1.13.0 to 1.13.1.

Release notes

Sourced from github.com/sigstore/cosign's releases.

v1.13.1

What's Changed

New Contributors

Full Changelog: sigstore/cosign@v1.13.0...v1.13.1

Changelog

Sourced from github.com/sigstore/cosign's changelog.

v1.13.1

Enhancements

  • verify-blob-attestation: allow multiple subjects in in_toto attestation (#2341)
  • Add verify-blob-attestation command and tests (#2337)
  • Add --output-attestation flag to attest-blob and remove experimental signing (#2332)
  • Add attest-blob command (#2286)
  • Add '--cert-identity' flag to support subject alternate names for ver… (#2278)
  • Update Dockerfile section of README (#2323)

Bug Fixes

  • Update warning when users sign images by tag. (#2313)

Others

  • Remove experimental flags from attest-blob and refactor (#2338)

Contributors

  • Alex Cameron
  • Ville Aikas
  • Zack Newman
  • asraa
  • kpk47
  • priyawadhwa
Commits
  • d1c6336 Add CHANGELOG for v1.13.1 (#2349)
  • e79cb5c chore(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 (#2326)
  • eba132f chore(deps): bump github.com/go-openapi/runtime from 0.24.1 to 0.24.2 (#2347)
  • 2860144 chore(deps): bump google.golang.org/api from 0.98.0 to 0.99.0 (#2348)
  • ef9cf9d chore(deps): bump google-github-actions/setup-gcloud from 0.6.1 to 0.6.2 (#2344)
  • fc83e43 chore(deps): bump google-github-actions/auth from 0.8.2 to 0.8.3 (#2343)
  • e652561 chore(deps): bump google-github-actions/setup-gcloud from 0.6.0 to 0.6.1 (#2340)
  • d637a3b verify-blob-attestation: allow multiple subjects in in_toto attestation (#2341)
  • a7ad7e7 Nits for #2337 (#2342)
  • 797033c Add verify-blob-attestation command and tests (#2337)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 24, 2022
cpanato
cpanato previously approved these changes Oct 24, 2022
View reviewed changes
@cpanato
Copy link
Member

cpanato commented Oct 24, 2022

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/sigstore/cosign-1.13.1 branch 2 times, most recently from cee5352 to 4f632f8 Compare October 24, 2022 13:06
@dependabot
Bump github.com/sigstore/cosign from 1.13.0 to 1.13.1
cb3ffbd 
Bumps [github.com/sigstore/cosign](https://github.com/sigstore/cosign) from 1.13.0 to 1.13.1.
- [Release notes](https://github.com/sigstore/cosign/releases)
- [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md)
- [Commits](sigstore/cosign@v1.13.0...v1.13.1)

---
updated-dependencies:
- dependency-name: github.com/sigstore/cosign
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/sigstore/cosign-1.13.1 branch from 4f632f8 to cb3ffbd Compare October 24, 2022 13:58
@cpanato cpanato merged commit b68b10a into main Oct 24, 2022
@cpanato cpanato deleted the dependabot/go_modules/github.com/sigstore/cosign-1.13.1 branch October 24, 2022 14:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cpanato cpanato cpanato approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@cpanato