Fork of mercari/tfnotify. tfcmt enhances tfnotify in many ways, including Terraform >= v0.15 support and advanced formatting options
404
stars
45
forks
source link
chore(deps): update dependency sigstore/cosign to v2.3.0 #1347
Closed
renovate[bot] closed 1 month ago
This PR contains the following updates:
v2.2.4->v2.3.0Release Notes
sigstore/cosign (sigstore/cosign)
### [`v2.3.0`](https://togithub.com/sigstore/cosign/blob/HEAD/CHANGELOG.md#v230) [Compare Source](https://togithub.com/sigstore/cosign/compare/v2.2.4...v2.3.0) #### Features - Add PayloadProvider interface to decouple AttestationToPayloadJSON from oci.Signature interface ([#3693](https://togithub.com/sigstore/cosign/issues/3693)) - add registry options to cosign save ([#3645](https://togithub.com/sigstore/cosign/issues/3645)) - Add debug providers command. ([#3728](https://togithub.com/sigstore/cosign/issues/3728)) - Make config layers in ociremote mountable ([#3741](https://togithub.com/sigstore/cosign/issues/3741)) - upgrade to go1.22 ([#3739](https://togithub.com/sigstore/cosign/issues/3739)) - adds tsa cert chain check for env var or tuf targets. ([#3600](https://togithub.com/sigstore/cosign/issues/3600)) - add --ca-roots and --ca-intermediates flags to 'cosign verify' ([#3464](https://togithub.com/sigstore/cosign/issues/3464)) - add handling of keyless verification for all verify commands ([#3761](https://togithub.com/sigstore/cosign/issues/3761)) #### Bug Fixes - fix: close attestationFile ([#3679](https://togithub.com/sigstore/cosign/issues/3679)) - Set `bundleVerified` to true after Rekor verification (Resolves [#3740](https://togithub.com/sigstore/cosign/issues/3740)) ([#3745](https://togithub.com/sigstore/cosign/issues/3745)) #### Documentation - Document ImportKeyPair and LoadPrivateKey functions in pkg/cosign ([#3776](https://togithub.com/sigstore/cosign/issues/3776)) #### Testing - Refactor KMS E2E tests ([#3684](https://togithub.com/sigstore/cosign/issues/3684)) - Remove sign_blob_test.sh test ([#3707](https://togithub.com/sigstore/cosign/issues/3707)) - Remove KMS E2E test script ([#3702](https://togithub.com/sigstore/cosign/issues/3702)) - Refactor insecure registry E2E tests ([#3701](https://togithub.com/sigstore/cosign/issues/3701)) #### Contributors - Billy Lynch - bminahan73 - Bob Callaway - Carlos Tadeu Panato Junior - Cody Soyland - Colleen Murphy - Dmitry Savintsev - guangwu - Hayden B - Hector Fernandez - ian hundere - Jason Power - Jon Johnson - Max Lambrecht - Meeki1lConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.