Closed dependabot[bot] closed 1 month ago
VIOLATION DESCRIPTION | NUMBER OF VIOLATIONS |
---|---|
HIGH/CRITICAL SECURITY VULNERABILITIES | 0 |
MAJOR UPDATES AVAILABLE | 0 |
LICENSE REQUIRES REVIEW | 4 |
HIGH RISK LICENSES | 9 |
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY | 0 |
Integration Tests for 862458c1dc8b515770b0ca6004fcff94bee93322 run with result: Success ✅!
Bumps the go group with 1 update: github.com/sigstore/sigstore.
Updates
github.com/sigstore/sigstore
from 1.8.3 to 1.8.4Release notes
Sourced from github.com/sigstore/sigstore's releases.
Commits
5cd937f
build(deps): Bump github.com/hashicorp/vault/api96fc144
build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates2b99005
build(deps): Bump the all group in /pkg/signature/kms/aws with 3 updatesfa5d64b
sync go mod186a1e5
build(deps): Bump the all group across 1 directory with 4 updates1ba2030
Fix Hashicorp Vault KMS to use PKCS1 v1.5ec88c0b
---bbe51a7
---1d8a874
---acb4db4
build(deps): Bump golangci/golangci-lint-action from 5.3.0 to 6.0.1Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show