Bump github.com/sigstore/rekor from 0.12.2 to 1.0.0

[dependabot]

Bumps github.com/sigstore/rekor from 0.12.2 to 1.0.0.

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.0.0

What's Changed

• add changelog for 0.12.0 and 0.12.1 by @​cpanato in sigstore/rekor#1064
• add description on /api/v1/index/retrieve endpoint by @​bobcallaway in sigstore/rekor#1073
• Adding e2e test coverage by @​cdris in sigstore/rekor#1071
• export rekor build/version information by @​cpanato in sigstore/rekor#1074
• Use POST instead of GET for /api/log/entries/retrieve metrics. by @​var-sdk in sigstore/rekor#1083
• Search through all shards when searching by hash by @​priyawadhwa in sigstore/rekor#1082
• Update CHANGELOG.md for 0.12.2 release by @​priyawadhwa in sigstore/rekor#1085
• verify: verify checkpoint's STH against the inclusion proof root hash by @​asraa in sigstore/rekor#1092
• add ability to enable/disable specific rekor API endpoints by @​bobcallaway in sigstore/rekor#1080
• enable configurable client retries with backoff in RekorClient by @​bobcallaway in sigstore/rekor#1096
• remove dead code around api-key and timestamp references by @​bobcallaway in sigstore/rekor#1098
• update swagger API version to 1.0.0 by @​bobcallaway in sigstore/rekor#1102
• remove unused RekorVersion API definition by @​bobcallaway in sigstore/rekor#1101
• install gocovmerge in hack/tools by @​bobcallaway in sigstore/rekor#1103
• Cut 1.0 prerelease by @​priyawadhwa in sigstore/rekor#1105
• add retry command line flag on rekor-cli by @​bobcallaway in sigstore/rekor#1097
• Add some info and debug logging to commonly used funcs by @​priyawadhwa in sigstore/rekor#1106
• Add CHANGELOG.md for v1.0.0-rc.1 by @​priyawadhwa in sigstore/rekor#1110
• update builder images and cosign by @​cpanato in sigstore/rekor#1114
• Add Rekor 1.0 CHANGELOG by @​priyawadhwa in sigstore/rekor#1122

Full Changelog: sigstore/rekor@v0.12.1...v1.0.0

v1.0.0-rc.1

What's Changed

• add retry command line flag on rekor-cli by @​bobcallaway in sigstore/rekor#1097
• Add some info and debug logging to commonly used funcs by @​priyawadhwa in sigstore/rekor#1106
• Add CHANGELOG.md for v1.0.0-rc.1 by @​priyawadhwa in sigstore/rekor#1110

Full Changelog: sigstore/rekor@v1.0-rc...v1.0.0-rc.1

v1.0-rc

What's Changed

• add changelog for 0.12.0 and 0.12.1 by @​cpanato in sigstore/rekor#1064
• add description on /api/v1/index/retrieve endpoint by @​bobcallaway in sigstore/rekor#1073
• Adding e2e test coverage by @​cdris in sigstore/rekor#1071
• export rekor build/version information by @​cpanato in sigstore/rekor#1074
• Use POST instead of GET for /api/log/entries/retrieve metrics. by @​var-sdk in sigstore/rekor#1083
• Search through all shards when searching by hash by @​priyawadhwa in sigstore/rekor#1082
• Update CHANGELOG.md for 0.12.2 release by @​priyawadhwa in sigstore/rekor#1085
• verify: verify checkpoint's STH against the inclusion proof root hash by @​asraa in sigstore/rekor#1092
• add ability to enable/disable specific rekor API endpoints by @​bobcallaway in sigstore/rekor#1080
• enable configurable client retries with backoff in RekorClient by @​bobcallaway in sigstore/rekor#1096
• remove dead code around api-key and timestamp references by @​bobcallaway in sigstore/rekor#1098
• update swagger API version to 1.0.0 by @​bobcallaway in sigstore/rekor#1102
• remove unused RekorVersion API definition by @​bobcallaway in sigstore/rekor#1101

... (truncated)

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.0.0

Rekor is 1.0! No changes, as this is tagged at the same commit as v1.0.0-rc.1.

Thank you to all of the contributors to Rekor in the past couple years who helped make Rekor 1.0 possible!

Contributors

• Aastha Bist
• Aditya Sirish
• Ahmet Alp Balkan
• Andrew Block
• Appu
• Asra Ali
• axel simon
• Azeem Shaikh
• Batuhan Apaydın
• Bob Callaway
• Carlos Tadeu Panato Junior
• Ceridwen Driskill
• Christian Rebischke
• Dan Lorenc
• Dan Luhring
• Eddie Zaneski
• Efe Barlas
• Fredrik Skogman
• Harry Fallows
• Hayden B
• Hector Fernandez
• Jake Sanders
• Jason Hall
• Jehan Shah
• John Speed Meyers
• Kenny Leung
• Koichi Shiraishi
• Lily Sturmann
• Luke Hinds
• Mikhail Swift
• Morten Linderud
• Nathan Smith
• Naveen
• Olivier Cedric Barbier
• Parth Patel
• Priya Wadhwa
• Robert James Hernandez
• Romain Aviolat
• Samsondeen
• Sascha Grunert
• Scott Nichols
• Shiwei Zhang

... (truncated)

Commits

• 7215f5c Add Rekor 1.0 CHANGELOG (#1122)
• e766c3a Bump google-github-actions/auth from 0.8.2 to 0.8.3 (#1127)
• d1c3151 Bump actions/github-script from 6.3.2 to 6.3.3 (#1123)
• 4a3c9e5 Bump actions/dependency-review-action from 2.4.1 to 2.5.0 (#1124)
• ec650a5 Bump golang from b850621 to 25de7b6 (#1120)
• 21422e5 Bump google-github-actions/auth from 0.8.1 to 0.8.2 (#1121)
• aab26ce Bump actions/github-script from 6.3.1 to 6.3.2 (#1118)
• 0a612d5 Bump github.com/spf13/cobra from 1.5.0 to 1.6.0 (#1119)
• 1876d1a Bump actions/dependency-review-action from 2.4.0 to 2.4.1 (#1117)
• 4b1fa66 Bump github.com/sigstore/sigstore from 1.4.3 to 1.4.4 (#1116)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)