Closed dependabot[bot] closed 3 months ago
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: cpanato, dependabot[bot]
The full list of commands accepted by this bot can be found here.
The pull request process is described here
LGTM label has been added.
Bumps the actions group with 1 update: slsa-framework/slsa-verifier.
Updates
slsa-framework/slsa-verifier
from 2.4.1 to 2.5.1Release notes
Sourced from slsa-framework/slsa-verifier's releases.
Commits
eb70070
feat: Update verifier version in GHA installer (#747)594b179
chore(deps): update github-actions (#741)dc7173b
feat: Regression tests for builder v1.10.0 (#745)52c099b
feat: Add support for DSSE Rekor type (#742)bb41cb6
fix(deps): update go (#498)74119b2
fix(deps): update go to 1.21 (#738)9b2467f
feat: fixes #724: add input for --provenance-repository while image verificat...ceaebee
fix: #642: don't use go-cmp for outputting diff (#737)b804933
chore: Remove ianlewis from CODEOWNERS (#732)f09d99f
feat: Add cosign registry opts for provenance registry (#729)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show