Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign
Other
123
stars
55
forks
source link
chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.8 to 1.8.9 #1611
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.8 to 1.8.9.
Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/hashivault's releases.
Commits
4c750b7oauthflow: Add SubjectFromUnverifiedToken (#1826)b27128fbuild(deps): Bump the all group in /test/e2e with 2 updates (#1824)65aaa14build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)21ad778build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)ebbebbfbuild(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)615304fbuild(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)6fb1d8bbuild(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)075e85cbuild(deps): Bump actions/upload-artifact in the all group (#1825)0ca1da6build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)26aae9dbuild(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show