chore(deps): bump the gomod group across 1 directory with 15 updates #54

dependabot · 2025-09-08T21:51:42Z

Bumps the gomod group with 3 updates in the / directory: github.com/secure-systems-lab/go-securesystemslib, github.com/sigstore/rekor-tiles and github.com/sigstore/timestamp-authority.

Updates github.com/secure-systems-lab/go-securesystemslib from 0.9.0 to 0.9.1

Commits

a1a33cd Merge pull request #120 from secure-systems-lab/dependabot/github_actions/dom...
4f201c1 Merge pull request #122 from rosstimothy/tross/remove_testing
5d1cc26 Move hexDecode test helper into a test file
ebae973 Merge pull request #121 from secure-systems-lab/dependabot/go_modules/golang....
551dff1 chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0
50ac487 chore(deps): bump dominikh/staticcheck-action from 1.3.1 to 1.4.0
9d9f015 Merge pull request #117 from secure-systems-lab/dependabot/go_modules/golang....
9aa50ea chore(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
3e526e2 Merge pull request #115 from secure-systems-lab/dependabot/go_modules/golang....
a1093e6 Merge pull request #116 from secure-systems-lab/dependabot/github_actions/act...
Additional commits viewable in compare view

Updates github.com/sigstore/rekor-tiles from 0.1.7-0.20250624231741-98cd4a77300f to 0.1.11

Release notes

Sourced from github.com/sigstore/rekor-tiles's releases.

v0.1.11

What's Changed

Make verifier pkg public in sigstore/rekor-tiles#479

Rename metrics by in sigstore/rekor-tiles#481

Bump Tessera library to latest release in sigstore/rekor-tiles#494

Full Changelog: sigstore/rekor-tiles@v0.1.10...v0.1.11

v0.1.10

Changelog

c0c5fc73260c54ef36ae77f942dd39afb9556194 Bump Tessera to latest release (#471)

Full Changelog: sigstore/rekor-tiles@v0.1.9...v0.1.10

v0.1.9

Changelog

fdc24378451350cadb26466e050b7e5b4b425105 Add sleep binary to released image (#451)

v0.1.8

What's Changed

Fix release container build, bump image deps in sigstore/rekor-tiles#446

Full Changelog: sigstore/rekor-tiles@v0.1.7...v0.1.8

v0.1.7

What's Changed

Move internal packages to internal/ in sigstore/rekor-tiles#390

Use protobuf-specs container for building in sigstore/rekor-tiles#391

Retract accidental tag in sigstore/rekor-tiles#392

Enable persistent antispam option in sigstore/rekor-tiles#405

Create initial sharding playbook in sigstore/rekor-tiles#254

Add end-to-end tests for sharding workflow in sigstore/rekor-tiles#400

Update clients doc for DSSE verification in sigstore/rekor-tiles#409

Update sharding for metrics and tinkey in sigstore/rekor-tiles#416

minor nits regarding slog usage in sigstore/rekor-tiles#427

Export Tessera Open Telemetry metrics in sigstore/rekor-tiles#426

Update sharding documentation for monitoring in sigstore/rekor-tiles#429

Sharding procedure updates based on feedback in sigstore/rekor-tiles#433

Catch pushback error in sigstore/rekor-tiles#442

Remove TSA from e2e test in sigstore/rekor-tiles#443

Add sleep binary to image in sigstore/rekor-tiles#444

Require deployment review for creating releases in sigstore/rekor-tiles#431

Add better shutdown handling for tessera in sigstore/rekor-tiles#432

Full Changelog: sigstore/rekor-tiles@v0.1.6...v0.1.7

Commits

See full diff in compare view

Updates github.com/sigstore/sigstore from 1.9.5 to 1.9.6-0.20250729224751-181c5d3339b3

Commits

See full diff in compare view

Updates github.com/sigstore/sigstore-go from 1.1.0 to 1.1.2-0.20250811211025-bac873564adb

Release notes

Sourced from github.com/sigstore/sigstore-go's releases.

v1.1.1

What's Changed

Make conformance compatible with rekor v2 in sigstore/sigstore-go#505

Update GetSigningConfig to use signing_config.v0.2.json in sigstore/sigstore-go#506

Refactor SelectService to return Service rather than URL, add supported API versions in sigstore/sigstore-go#503

Remove noisy log message in sigstore/sigstore-go#507

Full Changelog: sigstore/sigstore-go@v1.1.0...v1.1.1

Commits

See full diff in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.9.5 to 1.9.6-0.20250729224751-181c5d3339b3

Commits

See full diff in compare view

Updates github.com/sigstore/timestamp-authority from 1.2.8 to 1.2.9

Release notes

Sourced from github.com/sigstore/timestamp-authority's releases.

v1.2.9

What's Changed

fix panic in cosign verify-attestation in sigstore/timestamp-authority#1099

add documentation for AWS KMS example in sigstore/timestamp-authority#1094

add feature to disable intermediate cert EKU enforcement in sigstore/timestamp-authority#1146

logging: Don't use Error when logging 4xx responses in sigstore/timestamp-authority#1159

Full Changelog: sigstore/timestamp-authority@v1.2.8...v1.2.9

Commits

6a9f9e6 logging: Don't use Error when logging 4xx responses (#1159)
48065b9 chore(deps): bump golang from 1.25.0 to 1.25.1 in the docker group (#1160)
ead25fd chore(deps): bump github/codeql-action in the actions group (#1161)
f4dcc5d chore(deps): bump github.com/prometheus/client_golang in the gomod group (#1162)
4dce52c chore(deps): bump the gomod group with 2 updates (#1157)
0760214 chore(deps): bump codecov/codecov-action in the actions group (#1158)
b0a7e83 chore(deps): bump actions/setup-go from 5.5.0 to 6.0.0 (#1156)
9f85393 chore(deps): bump github.com/spf13/pflag in the gomod group (#1155)
ecc1d67 chore(deps): bump github.com/go-openapi/swag from 0.23.1 to 0.24.1 (#1150)
f35ae49 chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 (#1154)
Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.9.1 to 1.10.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.1

🐛 Fix

chore: upgrade pflags v1.0.9 by @jpmcb in spf13/cobra#2305

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

What's Changed

🚨 Attention!

Bump pflag to 1.0.8 by @tomasaschan in spf13/cobra#2303

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`

or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

More details can be found here: spf13/cobra#2303

✨ Features

Flow context to command in SetHelpFunc by @Frassle in spf13/cobra#2241

The default ShellCompDirective can be customized for a command and its subcommands by @albers in spf13/cobra#2238

🐛 Fix

Upgrade golangci-lint to v2, address findings by @scop in spf13/cobra#2279

🪠 Testing

Test with Go 1.24 by @harryzcy in spf13/cobra#2236

chore: Rm GitHub Action PR size labeler by @jpmcb in spf13/cobra#2256

📝 Docs

Remove traling curlybrace by @yedayak in spf13/cobra#2237

Update command.go by @styee in spf13/cobra#2248

feat: Add security policy by @jpmcb in spf13/cobra#2253

Update Readme (Warp) by @ericdachen in spf13/cobra#2267

Add Periscope to the list of projects using Cobra by @anishathalye in spf13/cobra#2299

New Contributors

@harryzcy made their first contribution in spf13/cobra#2236

@yedayak made their first contribution in spf13/cobra#2237

@Frassle made their first contribution in spf13/cobra#2241

... (truncated)

Commits

7da941c chore: Bump pflag to v1.0.9 (#2305)
51d6751 Bump pflag to 1.0.8 (#2303)
3f3b818 Update README.md with new logo
dcaf42e Add Periscope to the list of projects using Cobra (#2299)
6dec1ae The default ShellCompDirective can be customized for a command and its subcom...
c8289c1 chore(golangci-lint): add some exclusion presets
4af7b64 refactor: apply golangci-lint autofixes, work around false positives
75790e4 chore(golangci-lint): upgrade to v2
db3ddb5 Adding sponsorship to README.md
67171d6 putting sponsorship below header
Additional commits viewable in compare view

Updates github.com/spf13/pflag from 1.0.7 to 1.0.10

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.10

What's Changed

fix deprecation comment for (FlagSet.)ParseErrorsWhitelist by @thaJeztah in spf13/pflag#447

remove uses of errors.Is, which requires go1.13, move go1.16/go1.21 tests to separate file by @thaJeztah in spf13/pflag#448

New Contributors

@thaJeztah made their first contribution in spf13/pflag#447

Full Changelog: spf13/pflag@v1.0.9...v1.0.10

v1.0.9

What's Changed

fix: Restore ParseErrorsWhitelist name for now by @tomasaschan in spf13/pflag#446

Full Changelog: spf13/pflag@v1.0.8...v1.0.9

v1.0.8

⚠️ Breaking Change

This version, while only a patch bump, includes a (very minor) breaking change: the flag.ParseErrorsWhitelist struct and corresponding FlagSet.parseErrorsWhitelist field have been renamed to ParseErrorsAllowlist.

This should result in compilation errors in any code that uses these fields, which can be fixed by adjusting the names at call sites. There is no change in semantics or behavior of the struct or field referred to by these names. If your code compiles without errors after bumping to/past v1.0.8, you are not affected by this change.

The breaking change was reverted in v1.0.9, by means of re-introducing the old names with deprecation warnings. The plan is still to remove them in a future release, so if your code does depend on the old names, please change them to use the new names at your earliest convenience.

What's Changed

Remove Redundant "Unknown-Flag" Error by @vaguecoder in spf13/pflag#364

Switching from whitelist to Allowlist terminology by @dubrie in spf13/pflag#261

Omit zero time.Time default from usage line by @mologie in spf13/pflag#438

implement CopyToGoFlagSet by @pohly in spf13/pflag#330

flag: Emulate stdlib behavior and do not print ErrHelp by @tmc in spf13/pflag#407

Print Default Values of String-to-String in Sorted Order by @vaguecoder in spf13/pflag#365

fix: Don't print ErrHelp in ParseAll by @tomasaschan in spf13/pflag#443

Reset args on re-parse even if empty by @tomasaschan in spf13/pflag#444

New Contributors

@vaguecoder made their first contribution in spf13/pflag#364

@dubrie made their first contribution in spf13/pflag#261

@mologie made their first contribution in spf13/pflag#438

@pohly made their first contribution in spf13/pflag#330

@tmc made their first contribution in spf13/pflag#407

@tomasaschan made their first contribution in spf13/pflag#443

Full Changelog: spf13/pflag@v1.0.7...v1.0.8

Commits

0491e57 Merge pull request #448 from thaJeztah/fix_go_version
72abab1 Merge pull request #447 from thaJeztah/fix_deprecation_comment
7e4dfb1 Test on Go 1.12
18a9d17 move Func, BoolFunc, tests as they require go1.21
c5b9e98 remove uses of errors.Is, which requires go1.13
45a4873 fix deprecation comment for (FlagSet.)ParseErrorsWhitelist
1043857 Merge pull request #446 from spf13/fix-backwards-compat
7412009 fix: Restore ParseErrorsWhitelist name for now
b9c16fa Merge pull request #444 from spf13/reset-args-even-if-empty
40abc49 Merge pull request #443 from spf13/silence-errhelp
Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.10.0 to 1.11.1

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.1

This release fixes #1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

Backport #1786 to release/1.11: mock: revert to pre-v1.11.0 argument matching behavior for mutating stringers by @brackendawson in stretchr/testify#1788

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

Call stack perf change for CallerInfo by @mikeauclair in stretchr/testify#1614

Lazily render mock diff output on successful match by @mikeauclair in stretchr/testify#1615

assert: check early in Eventually, EventuallyWithT, and Never by @cszczepaniak in stretchr/testify#1427

assert: add IsNotType by @bartventer in stretchr/testify#1730

assert.JSONEq: shortcut if same strings by @dolmen in stretchr/testify#1754

assert.YAMLEq: shortcut if same strings by @dolmen in stretchr/testify#1755

assert: faster and simpler isEmpty using reflect.Value.IsZero by @dolmen in stretchr/testify#1761

suite: faster methods filtering (internal refactor) by @dolmen in stretchr/testify#1758

Fixes

assert.ErrorAs: log target type by @craig65535 in stretchr/testify#1345

Fix failure message formatting for Positive and Negative asserts in stretchr/testify#1062

Improve ErrorIs message when error is nil but an error was expected by @tsioftas in stretchr/testify#1681

fix Subset/NotSubset when calling with mixed input types by @siliconbrain in stretchr/testify#1729

Improve ErrorAs failure message when error is nil by @ccoVeille in stretchr/testify#1734

mock.AssertNumberOfCalls: improve error msg by @3scalation in stretchr/testify#1743

Documentation, Build & CI

docs: Fix typo in README by @alexandear in stretchr/testify#1688

Replace deprecated io/ioutil with io and os by @alexandear in stretchr/testify#1684

Document consequences of calling t.FailNow() by @greg0ire in stretchr/testify#1710

chore: update docs for Unset #1621 by @techfg in stretchr/testify#1709

README: apply gofmt to examples by @alexandear in stretchr/testify#1687

refactor: use %q and %T to simplify fmt.Sprintf by @alexandear in stretchr/testify#1674

Propose Christophe Colombier (ccoVeille) as approver by @brackendawson in stretchr/testify#1716

Update documentation for the Error function in assert or require package by @architagr in stretchr/testify#1675

assert: remove deprecated build constraints by @alexandear in stretchr/testify#1671

assert: apply gofumpt to internal test suite by @ccoVeille in stretchr/testify#1739

CI: fix shebang in .ci.*.sh scripts by @dolmen in stretchr/testify#1746

assert,require: enable parallel testing on (almost) all top tests by @dolmen in stretchr/testify#1747

suite.Passed: add one more status test report by @Ararsa-Derese in stretchr/testify#1706

Add Helper() method in internal mocks and assert.CollectT by @dolmen in stretchr/testify#1423

assert.Same/NotSame: improve usage of Sprintf by @ccoVeille in stretchr/testify#1742

mock: enable parallel testing on internal testsuite by @dolmen in stretchr/testify#1756

suite: cleanup use of 'testing' internals at runtime by @dolmen in stretchr/testify#1751

assert: check test failure message for Empty and NotEmpty by @ccoVeille in stretchr/testify#1745

... (truncated)

Commits

2a57335 Merge pull request #1788 from brackendawson/1785-backport-1.11
af8c912 Backport #1786 to release/1.11
b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
69831f3 build(deps): bump actions/checkout from 4 to 5
a53be35 Improve captureTestingT helper
aafb604 mock: improve formatting of error message
7218e03 improve error msg
929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
bc7459e suite: faster filtering of methods (-testify.m)
7d37b5c suite: refactor methodFilter
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.40.0 to 0.41.0

Commits

ef5341b go.mod: update golang.org/x dependencies
b999374 acme: fix pebble subprocess output data race
c247dea x509roots/fallback: store bundle certs directly in DER
1fda731 acme: increase pebble test waitForServer attempts
1b4c3d2 x509roots/fallback: update bundle
b903b53 acme: capture pebble test subprocess stdout/stderr
See full diff in compare view

Updates golang.org/x/sync from 0.16.0 to 0.17.0

Commits

04914c2 all: upgrade go directive to at least 1.24.0 [generated]
See full diff in compare view

Updates golang.org/x/term from 0.33.0 to 0.34.0

Commits

a35244d go.mod: update golang.org/x dependencies
4f53e0c term: allow multi-line bracketed paste to not create single line with verbati...
27f29d8 term: remove duplicate flag and add comment on windows
See full diff in compare view

Updates google.golang.org/api from 0.243.0 to 0.248.0

Release notes

Sourced from google.golang.org/api's releases.

v0.248.0

0.248.0 (2025-08-19)

Features

all: Auto-regenerate discovery clients (#3272) (8f03c8e)

all: Auto-regenerate discovery clients (#3274) (2900298)

all: Auto-regenerate discovery clients (#3275) (4c66642)

all: Auto-regenerate discovery clients (#3276) (2692170)

all: Auto-regenerate discovery clients (#3277) (23daa11)

all: Auto-regenerate discovery clients (#3279) (71f2c5f)

all: Auto-regenerate discovery clients (#3280) (59f18fd)

v0.247.0

0.247.0 (2025-08-11)

Features

all: Auto-regenerate discovery clients (#3264) (82513ca)

all: Auto-regenerate discovery clients (#3266) (e57e8b1)

all: Auto-regenerate discovery clients (#3267) (10c5490)

all: Auto-regenerate discovery clients (#3268) (2dbf1ac)

all: Auto-regenerate discovery clients (#3270) (23a4031)

v0.246.0

0.246.0 (2025-08-06)

Features

all: Auto-regenerate discovery clients (#3261) (b792200)

Bug Fixes

idtoken: Don't assume DefaultTransport is a http.Transport (#3263) (61fba51), refs #3260

v0.245.0

0.245.0 (2025-08-05)

Features

all: Auto-regenerate discovery clients (#3252) (0716728)

all: Auto-regenerate discovery clients (#3254) (702998a)

all: Auto-regenerate discovery clients (#3255) (0f10366)

all: Auto-regenerate discovery clients (#3256) (83176a9)

all: Auto-regenerate discovery clients (#3257) (efc3371)

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.248.0 (2025-08-19)

Features

all: Auto-regenerate discovery clients (#3272) (8f03c8e)

all: Auto-regenerate discovery clients (#3274) (2900298)

all: Auto-regenerate discovery clients (#3275) (4c66642)

all: Auto-regenerate discovery clients (#3276) (2692170)

all: Auto-regenerate discovery clients (#3277) (23daa11)

all: Auto-regenerate discovery clients (#3279) (71f2c5f)

all: Auto-regenerate discovery clients (#3280) (59f18fd)

0.247.0 (2025-08-11)

Features

all: Auto-regenerate discovery clients (#3264) (82513ca)

all: Auto-regenerate discovery clients (#3266) (e57e8b1)

all: Auto-regenerate discovery clients (#3267) (10c5490)

all: Auto-regenerate discovery clients (#3268) (2dbf1ac)

all: Auto-regenerate discovery clients (#3270) (23a4031)

0.246.0 (2025-08-06)

Features

all: Auto-regenerate discovery clients (#3261) (b792200)

Bug Fixes

idtoken: Don't assume DefaultTransport is a http.Transport (#3263) (61fba51), refs #3260

0.245.0 (2025-08-05)

Features

all: Auto-regenerate discovery clients (#3252) (0716728)

all: Auto-regenerate discovery clients (#3254) (702998a)

all: Auto-regenerate discovery clients (#3255) (0f10366)

all: Auto-regenerate discovery clients (#3256) (83176a9)

all: Auto-regenerate discovery clients (#3257) (efc3371)

all: Auto-regenerate discovery clients (#3259) (bf38d3a)

Bug Fixes

... (truncated)

Commits

79bed22 chore(main): release 0.248.0 (#3273)
07ab1f3 chore(all): update all (#3278)
59f18fd feat(all): auto-regenerate discovery clients (#3280)
71f2c5f feat(all): auto-regenerate discovery clients (#3279)
23daa11 feat(all): auto-regenerate discovery clients (#3277)
2692170 feat(all): auto-regenerate discovery clients (#3276)
4c66642 feat(all): auto-regenerate discovery clients (#3275)
2900298 feat(all): auto-regenerate discovery clients (#3274)
8f03c8e feat(all): auto-regenerate discovery clients (#3272)
56a3682 chore(main): release 0.247.0 (#3265)
Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.6 to 1.36.8

Updates sigs.k8s.io/release-utils from 0.12.0 to 0.12.1

Release notes

Sourced from sigs.k8s.io/release-utils's releases.

v0.12.1

No release notes provided.

Commits

bb0eb13 Merge pull request #140 from kubernetes-sigs/dependabot/go_modules/all-6cd1ce...
46f34f1 build(deps): bump github.com/olekukonko/tablewriter in the all group
40e56cf Merge pull request #139 from cpanato/improve-tablewriter
dde8abd rename pkg util to helpers
9eb8ae7 add more wrapper fiunc for tablewriter
7ff2414 Merge pull request #138 from cpanato/updates
06ebfc2 fix lints
94773fe bump cosign and golangci-lint versions
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gomod group with 3 updates in the / directory: [github.com/secure-systems-lab/go-securesystemslib](https://github.com/secure-systems-lab/go-securesystemslib), [github.com/sigstore/rekor-tiles](https://github.com/sigstore/rekor-tiles) and [github.com/sigstore/timestamp-authority](https://github.com/sigstore/timestamp-authority). Updates `github.com/secure-systems-lab/go-securesystemslib` from 0.9.0 to 0.9.1 - [Release notes](https://github.com/secure-systems-lab/go-securesystemslib/releases) - [Commits](secure-systems-lab/go-securesystemslib@v0.9.0...v0.9.1) Updates `github.com/sigstore/rekor-tiles` from 0.1.7-0.20250624231741-98cd4a77300f to 0.1.11 - [Release notes](https://github.com/sigstore/rekor-tiles/releases) - [Changelog](https://github.com/sigstore/rekor-tiles/blob/main/Dockerfile.release) - [Commits](https://github.com/sigstore/rekor-tiles/commits/v0.1.11) Updates `github.com/sigstore/sigstore` from 1.9.5 to 1.9.6-0.20250729224751-181c5d3339b3 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](https://github.com/sigstore/sigstore/commits) Updates `github.com/sigstore/sigstore-go` from 1.1.0 to 1.1.2-0.20250811211025-bac873564adb - [Release notes](https://github.com/sigstore/sigstore-go/releases) - [Commits](https://github.com/sigstore/sigstore-go/commits) Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.9.5 to 1.9.6-0.20250729224751-181c5d3339b3 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](https://github.com/sigstore/sigstore/commits) Updates `github.com/sigstore/timestamp-authority` from 1.2.8 to 1.2.9 - [Release notes](https://github.com/sigstore/timestamp-authority/releases) - [Changelog](https://github.com/sigstore/timestamp-authority/blob/main/CHANGELOG.md) - [Commits](sigstore/timestamp-authority@v1.2.8...v1.2.9) Updates `github.com/spf13/cobra` from 1.9.1 to 1.10.1 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.9.1...v1.10.1) Updates `github.com/spf13/pflag` from 1.0.7 to 1.0.10 - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](spf13/pflag@v1.0.7...v1.0.10) Updates `github.com/stretchr/testify` from 1.10.0 to 1.11.1 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.10.0...v1.11.1) Updates `golang.org/x/crypto` from 0.40.0 to 0.41.0 - [Commits](golang/crypto@v0.40.0...v0.41.0) Updates `golang.org/x/sync` from 0.16.0 to 0.17.0 - [Commits](golang/sync@v0.16.0...v0.17.0) Updates `golang.org/x/term` from 0.33.0 to 0.34.0 - [Commits](golang/term@v0.33.0...v0.34.0) Updates `google.golang.org/api` from 0.243.0 to 0.248.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.243.0...v0.248.0) Updates `google.golang.org/protobuf` from 1.36.6 to 1.36.8 Updates `sigs.k8s.io/release-utils` from 0.12.0 to 0.12.1 - [Release notes](https://github.com/kubernetes-sigs/release-utils/releases) - [Commits](kubernetes-sigs/release-utils@v0.12.0...v0.12.1) --- updated-dependencies: - dependency-name: github.com/secure-systems-lab/go-securesystemslib dependency-version: 0.9.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/rekor-tiles dependency-version: 0.1.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore dependency-version: 1.9.6-0.20250729224751-181c5d3339b3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore-go dependency-version: 1.1.2-0.20250811211025-bac873564adb dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-version: 1.9.6-0.20250729224751-181c5d3339b3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/timestamp-authority dependency-version: 1.2.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/spf13/cobra dependency-version: 1.10.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/spf13/pflag dependency-version: 1.0.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/stretchr/testify dependency-version: 1.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/crypto dependency-version: 0.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/sync dependency-version: 0.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/term dependency-version: 0.34.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: google.golang.org/api dependency-version: 0.248.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: google.golang.org/protobuf dependency-version: 1.36.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: sigs.k8s.io/release-utils dependency-version: 0.12.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2025-09-15T21:37:40Z

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Sep 8, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the gomod group across 1 directory with 15 updates #54

chore(deps): bump the gomod group across 1 directory with 15 updates #54

Uh oh!

dependabot bot commented on behalf of github Sep 8, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Sep 15, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

chore(deps): bump the gomod group across 1 directory with 15 updates #54

Are you sure you want to change the base?

chore(deps): bump the gomod group across 1 directory with 15 updates #54

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v0.1.11

What's Changed

v0.1.10

Changelog

v0.1.9

Changelog

v0.1.8

What's Changed

v0.1.7

What's Changed

v1.1.1

What's Changed

v1.2.9

What's Changed

v1.10.1

🐛 Fix

v1.10.0

What's Changed

🚨 Attention!

✨ Features

🐛 Fix

🪠 Testing

📝 Docs

New Contributors

v1.0.10

What's Changed

New Contributors

v1.0.9

What's Changed

v1.0.8

⚠️ Breaking Change

What's Changed

New Contributors

v1.11.1

What's Changed

v1.11.0

What's Changed

Functional Changes

Fixes

Documentation, Build & CI

v0.248.0

0.248.0 (2025-08-19)

Features

v0.247.0

0.247.0 (2025-08-11)

Features

v0.246.0

0.246.0 (2025-08-06)

Features

Bug Fixes

v0.245.0

0.245.0 (2025-08-05)

Features

0.248.0 (2025-08-19)

Features

0.247.0 (2025-08-11)

Features

0.246.0 (2025-08-06)

Features

Bug Fixes

0.245.0 (2025-08-05)

Features

Bug Fixes

v0.12.1

Uh oh!

dependabot bot commented on behalf of github Sep 15, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

dependabot bot commented on behalf of github Sep 8, 2025 •

edited

Loading