dependabot: bump ccf from 5.0.6 to 5.0.8

Bumps ccf from 5.0.6 to 5.0.8.

Release notes

5.0.8

Added

Added a ccf::any_cert_auth_policy (C++), or any_cert (JS/TS), implementing TLS client certificate authentication, but without checking for the presence of the certificate in the governance user or member tables. This enables applications wanting to do so to perform user management in application space, using application tables (#6608).

Set VMPL value when creating SNP attestations, and check VMPL value is in guest range when verifiying attestation, since recent updates allow host-initiated attestations (#6583).

5.0.7

Ignore time when resolving did:x509 against x5chain, resolution establishes a point-in-time endorsement, not ongoing validity (#6575).

Changelog

Sourced from ccf's changelog.

5.0.8

Added

Added a ccf::any_cert_auth_policy (C++), or any_cert (JS/TS), implementing TLS client certificate authentication, but without checking for the presence of the certificate in the governance user or member tables. This enables applications wanting to do so to perform user management in application space, using application tables (#6608).

Set VMPL value when creating SNP attestations, and check VMPL value is in guest range when verifiying attestation, since recent updates allow host-initiated attestations (#6583).

5.0.7

Ignore time when resolving did:x509 against x5chain, resolution establishes a point-in-time endorsement, not ongoing validity (#6575).

Commits

0cb409d [release/5.x] Cherry pick: Any cert authn policy (#6608) (#6615)
ea9f1a1 [release/5.x] Cherry pick: OpenSSL 3.3: proper public key loading for EC keys...
916b0ee [release/5.x] Cherry pick: Fix accessing invalid iterator in historical state...
af83844 [release/5.x] Cherry pick: Set and enforce VMPL in SNP attestation (#6583) (#...
6e42877 [release/5.x] Cherry pick: Add test to confirm service certificate refreshes ...
4bece67 [release/5.x] Cherry pick: Ignore time in did:x509 resolve (#6576) (#6577)
ed595d5 Install cddl gem globally (#6538)
6580601 Install CDDL checker (#6532)
8a5321c Add rubygems to 5.x build images (#6527)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

microsoft / azure-privacy-sandbox-kms

dependabot: bump ccf from 5.0.6 to 5.0.8 #197

5.0.8

Added

5.0.7

5.0.8

Added

5.0.7