Bump github.com/sigstore/rekor from 1.3.3 to 1.3.4

[dependabot[bot]]

Bumps github.com/sigstore/rekor from 1.3.3 to 1.3.4.

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.3.4

Changelog

• 5072901 changelog for v1.3.4 (#1868)
• 9e37c19 fix: Do not check for pubsub.topics.get on initialization (#1853)
• fb05e16 Update ranges.go (#1852)
• a7501a6 update indexstorage interface to reduce roundtrips (#1838)
• 212ebff add functional options for mysql implementation
• a9de214 s/uuids/uuid
• 014cfb1 add mysql indexstorage backend
• 0394bf7 add s3 storage for attestations
• 29220fb update builder image to use go1.21.4 and bump golangci-lint to v1.55.x (#1851)
• ff9c3b9 fix optional field in cose schema
• c3ffda6 use a single validator library in rekor-cli (#1818)
• b681a14 Remove go-playground/validator dependency from pkg/pki (#1817)

Thanks for all contributors!

What's Changed

• build(deps): Bump github.com/google/trillian from 1.5.2 to 1.5.3 in /hack/tools by @​dependabot in sigstore/rekor#1807
• build(deps): Bump golang.org/x/mod from 0.13.0 to 0.14.0 by @​dependabot in sigstore/rekor#1811
• build(deps): Bump github.com/go-playground/validator/v10 from 10.15.5 to 10.16.0 by @​dependabot in sigstore/rekor#1808
• build(deps): Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @​dependabot in sigstore/rekor#1810
• build(deps): Bump golang.org/x/sync from 0.4.0 to 0.5.0 by @​dependabot in sigstore/rekor#1809
• build(deps): Bump google.golang.org/api from 0.149.0 to 0.150.0 by @​dependabot in sigstore/rekor#1813
• build(deps): Bump golang from 1.21.3 to 1.21.4 by @​dependabot in sigstore/rekor#1815
• build(deps): Bump google/cloud-sdk from 453.0.0 to 454.0.0 by @​dependabot in sigstore/rekor#1816
• build(deps): Bump sigstore/cosign-installer from 3.1.2 to 3.2.0 by @​dependabot in sigstore/rekor#1814
• Remove go-playground/validator dependency from pkg/pki by @​steiza in sigstore/rekor#1817
• use a single validator library in rekor-cli by @​bobcallaway in sigstore/rekor#1818
• build(deps): Bump google/cloud-sdk from f30a4ef to d59988d by @​dependabot in sigstore/rekor#1822
• build(deps): Bump golang.org/x/net from 0.17.0 to 0.18.0 by @​dependabot in sigstore/rekor#1821
• build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.5 by @​dependabot in sigstore/rekor#1819
• build(deps): Bump google/cloud-sdk from d59988d to 54cedd6 by @​dependabot in sigstore/rekor#1823
• build(deps): Bump google/cloud-sdk from 54cedd6 to 6abd82e by @​dependabot in sigstore/rekor#1824
• build(deps): Bump actions/github-script from 6.4.1 to 7.0.0 by @​dependabot in sigstore/rekor#1826
• build(deps): Bump google/cloud-sdk from 6abd82e to 7a8e5c3 by @​dependabot in sigstore/rekor#1827
• build(deps): Bump google/cloud-sdk from 454.0.0 to 455.0.0 by @​dependabot in sigstore/rekor#1830
• build(deps): Bump sigs.k8s.io/release-utils from 0.7.6 to 0.7.7 by @​dependabot in sigstore/rekor#1829
• build(deps): Bump golang from 81cd210 to 57bf74a by @​dependabot in sigstore/rekor#1831
• build(deps): Bump google/cloud-sdk from a120bc0 to 269ad72 by @​dependabot in sigstore/rekor#1832
• build(deps): Bump google/cloud-sdk from 269ad72 to 059f611 by @​dependabot in sigstore/rekor#1833
• build(deps): Bump google.golang.org/api from 0.150.0 to 0.151.0 by @​dependabot in sigstore/rekor#1834
• build(deps): Bump actions/github-script from 7.0.0 to 7.0.1 by @​dependabot in sigstore/rekor#1835
• build(deps): Bump google/cloud-sdk from 059f611 to 25ed873 by @​dependabot in sigstore/rekor#1836
• build(deps): Bump go.step.sm/crypto from 0.36.1 to 0.37.0 by @​dependabot in sigstore/rekor#1837
• build(deps): Bump google/cloud-sdk from 25ed873 to 14c88c2 by @​dependabot in sigstore/rekor#1841
• build(deps): Bump google-github-actions/auth from 1.1.1 to 1.2.0 by @​dependabot in sigstore/rekor#1842
• build(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @​dependabot in sigstore/rekor#1845
• build(deps): Bump google/cloud-sdk from 14c88c2 to 57f5a6d by @​dependabot in sigstore/rekor#1847
• build(deps): Bump golang from 57bf74a to daa9d10 by @​dependabot in sigstore/rekor#1846

... (truncated)

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.3.4

New Features

• add mysql indexstorage backend
• add s3 storage for attestations

Bug Fixes

• fix: Do not check for pubsub.topics.get on initialization (#1853)
• fix optional field in cose schema

Quality Enhancements

• Update ranges.go (#1852)
• update indexstorage interface to reduce roundtrips (#1838)
• use a single validator library in rekor-cli (#1818)
• Remove go-playground/validator dependency from pkg/pki (#1817)

Contributors

• Bob Callaway
• Carlos Tadeu Panato Junior
• Hayden B
• James Alseth
• Kenny Leung
• Noah Kreiger
• Zach Steindler

Commits

• 5072901 changelog for v1.3.4 (#1868)
• 9e37c19 fix: Do not check for pubsub.topics.get on initialization (#1853)
• 1ffdfd8 build(deps): Bump github.com/go-openapi/validate from 0.22.2 to 0.22.3 (#1867)
• ffb14b5 build(deps): Bump github.com/go-openapi/spec from 0.20.9 to 0.20.11 (#1866)
• 36bf57b build(deps): Bump google/cloud-sdk from d87dbc0 to 824ae11 (#1865)
• 6faec1c build(deps): Bump google/cloud-sdk from d91626c to d87dbc0
• d946bc4 build(deps): Bump google/cloud-sdk from 026a0bd to d91626c
• c2a67f4 build(deps): Bump github.com/theupdateframework/go-tuf
• fdf809c build(deps): Bump go.step.sm/crypto from 0.37.0 to 0.38.0
• 7a44a11 build(deps): Bump google-github-actions/auth from 1.2.0 to 2.0.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cpanato]

@dependabot rebase