search

9elements / converged-security-suite

Converged Security Suite for Intel & AMD platform security features
https://www.9esec.io
BSD 3-Clause "New" or "Revised" License
56 stars 15 forks source link

Bump github.com/google/go-attestation from 0.2.2 to 0.4.0 #317

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps github.com/google/go-attestation from 0.2.2 to 0.4.0.

Release notes

Sourced from github.com/google/go-attestation's releases.

v0.3.2

  • Parse TCG_PCClientPCREvent structures with an eventSize of 0 (#212)

v0.3.1

  • win_events: Determine if the WBCL was for a cold boot (as opposed to a resume from hibernation) (#209)
  • bugfix(eventlog): Assume TPM1.2 events if NO_ACTION is too short (#208)
  • Fix integer overflow in digest parsing (#211)

v0.3.0

  • attest: add bounds checks for slice indexes (#197)
  • attestPCRs(): make sure that the return values are consistent (#199)
  • Support for application signing keys (#201)
  • Bump github.com/google/go-cmp from 0.5.4 to 0.5.5 (#203)
  • Verify(): ensure that the hash function is available (#204)
  • Bump Go version to 1.16, update dependencies (#205)
  • testKeySign: small fix (#206)
  • Minor fixes and additions (#207)
Commits
  • 82f2c9c Merge pull request from GHSA-99cg-575x-774p
  • 21f642c Copybara import of the project:
  • d114f39 Copybara import of the project:
  • b92e274 Bump github.com/google/go-tpm-tools from 0.2.1 to 0.3.1 (#250)
  • 2f8dbfc Restore changes accidentally reverted during reconciliation (#256)
  • f1f1b84 Revert "Internal change"
  • 57a6cb5 Internal change
  • 0393b91 Implement CombineEventlogs().
  • be496f1 Internal change
  • a35bd36 attest: fix test build for MacOS (#241)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/9elements/converged-security-suite/network/alerts).