sigstore / gitsign

Keyless Git signing using Sigstore
Other
950 stars 63 forks source link

Bump github.com/sigstore/rekor from 1.3.5 to 1.3.6 #487

Closed dependabot[bot] closed 7 months ago

dependabot[bot] commented 7 months ago

Bumps github.com/sigstore/rekor from 1.3.5 to 1.3.6.

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.3.6

New Features

  • Add support for IEEE P1363 encoded ECDSA signatures
  • Add index performance script (#2042)
  • Add support for ed25519ph user keys in hashedrekord (#1945)
  • Add metrics for index insertion (#2015)
  • Add TLS support for Redis Client implementation (#1998)

Bug Fixes

  • fix typo in remoteIp and set full name for trace field

Full Changelog: https://github.com/sigstore/rekor/compare/v1.3.5...v1.3.6

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.3.6

New Features

  • Add support for IEEE P1363 encoded ECDSA signatures
  • Add index performance script (#2042)
  • Add support for ed25519ph user keys in hashedrekord (#1945)
  • Add metrics for index insertion (#2015)
  • Add TLS support for Redis Client implementation (#1998)

Bug Fixes

  • fix typo in remoteIp and set full name for trace field

Contributors

  • Bob Callaway
  • Colleen Murphy
  • cpanato
  • Hayden B
  • Mihkel Pärna
  • Riccardo Schirone
Commits
  • a678856 Add 1.3.6 changelog, test IEEE P1363 sigs in DSSE (#2063)
  • c0668d1 build(deps): Bump google/cloud-sdk from 469.0.0 to 470.0.0
  • 6e94a72 build(deps): Bump google.golang.org/api from 0.171.0 to 0.172.0
  • 55bd48a build(deps): Bump the all group with 7 updates
  • 52e87d5 build(deps): Bump google.golang.org/api from 0.170.0 to 0.171.0
  • a613ad3 build(deps): Bump golang.org/x/mod from 0.15.0 to 0.16.0
  • e767e92 build(deps): Bump go.step.sm/crypto from 0.43.1 to 0.44.1
  • 1571edc build(deps): Bump gocloud.dev from 0.36.0 to 0.37.0
  • 64546c8 build(deps): Bump cloud.google.com/go/pubsub from 1.36.2 to 1.37.0
  • 3ba13dd build(deps): Bump google/cloud-sdk from 468.0.0 to 469.0.0 (#2061)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)