The v1.1.0 minor release generalizes the semantics of the DigestSet field type to support any type of immutable identifier. This change is backwards compatible because cryptographic digests are strongly recommended to achieve immutability, so any implementations that only support cryptographic DigestSet still meet the modified semantics. The _type of a Statement is still https://in-toto.io/Statement/v1
build(deps): Bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 in /pkg/signature/kms/aws in the all group by @dependabot in sigstore/sigstore#1740
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1755
build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 in /pkg/signature/kms/hashivault by @dependabot in sigstore/sigstore#1766
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.6.0 to 1.7.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1762
build(deps): Bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 in /pkg/signature/kms/aws in the all group by @dependabot in sigstore/sigstore#1740
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1755
build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 in /pkg/signature/kms/hashivault by @dependabot in sigstore/sigstore#1766
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.6.0 to 1.7.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1762
build(deps): Bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 in /pkg/signature/kms/aws in the all group by @dependabot in sigstore/sigstore#1740
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1755
build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 in /pkg/signature/kms/hashivault by @dependabot in sigstore/sigstore#1766
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.6.0 to 1.7.0 in /pkg/signature/kms/azure in the all group by @dependabot in sigstore/sigstore#1762
build(deps): Bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 in /pkg/signature/kms/aws in the all group by @dependabot in sigstore/sigstore#1740
This pull-request has been approved by:
To complete the pull request process, please assign lcarva after the PR has been reviewed.
You can assign the PR to them by writing /assign @lcarva in a comment when ready.
The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
- **[OWNERS](https://github.com/tektoncd/chains/blob/main/OWNERS)**
Approvers can indicate their approval by writing `/approve` in a comment
Approvers can cancel approval by writing `/approve cancel` in a comment
I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.
Once the patch is verified, the new status will be reflected by the ok-to-test label.
Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
Bumps the all group with 12 updates in the / directory:
0.3.0
0.4.0
1.40.0
1.42.0
1.57.2
1.59.1
0.19.1
0.19.2
1.0.1
1.1.0
1.8.3
1.8.6
1.8.3
1.8.6
1.8.3
1.8.6
1.8.3
1.8.6
1.8.3
1.8.6
2.2.0
2.3.0
0.58.0
0.61.0
Updates
cloud.google.com/go/compute/metadata
from 0.3.0 to 0.4.0Release notes
Sourced from cloud.google.com/go/compute/metadata's releases.
Changelog
Sourced from cloud.google.com/go/compute/metadata's changelog.
... (truncated)
Commits
8c2dc61
logging: check for exact # of logs in tests4791784
logadmin: use generated iterators384ca55
storage: use pointer receiver for ObjectAttrsbd8a5e8
datastore: add new key functions09d95d9
bigtable/bttest: add emulator support for DeleteCellsInFamily7ee19e7
bigquery: restore semantics of ForceZeroQuotef7f94a2
bigquery: clean up implementation of LoadSourcef9c9ec4
storage: always send destination in compose request67f57c5
storage: readObject method for tests28994ff
bigtable: Use connection pool by default for data client.Updates
cloud.google.com/go/storage
from 1.40.0 to 1.42.0Commits
22e90d9
chore(main): release spanner 1.42.0 (#7130)2552e09
fix(spanner): fallback to check grpc error message if ResourceType is nil for...6bb95ef
feat(spanner): add database roles (#5701)f2b1f1b
chore(bigquery/storage/managedwriter): internal refactor (flow controller, id...bcc9fcd
test(bigtable): expand integration tests for read stats (#7143)ab332ce
fix(internal/gapicgen): disable rest for non-rest APIs (#7157)dc89409
chore(main): release pubsublite 1.6.0 (#7129)5fa8555
feat(pubsublite): create/update export subscriptions (#6885)176f533
feat(pubsublite): unload idle partition publishers (#7105)28f3572
feat(all): enable REGAPIC and REST numeric enums (#6999)Updates
github.com/golangci/golangci-lint
from 1.57.2 to 1.59.1Release notes
Sourced from github.com/golangci/golangci-lint's releases.
... (truncated)
Changelog
Sourced from github.com/golangci/golangci-lint's changelog.
... (truncated)
Commits
1a55854
build(deps): bump github.com/golangci/misspell from 0.5.1 to 0.6.0 (#4804)aaff918
build(deps): bump github.com/sashamelentyev/usestdlibvars from 1.25.0 to 1.26...327a78a
build(deps): bump golang.org/x/tools from 0.21.0 to 0.22.0 (#4802)02740ea
intrange: add style preset (#4797)4e53f51
docs: update revive configuration (#4790)839b9d7
chore: improve issue templatesa7817a1
chore: improve issue templatesd3a0412
dev: improve issue templates44b3cdd
build(deps): bump github.com/go-viper/mapstructure/v2 from 2.0.0-alpha.1 to 2...615b873
unparam: bump to HEAD (#4786)Updates
github.com/google/go-containerregistry
from 0.19.1 to 0.19.2Release notes
Sourced from github.com/google/go-containerregistry's releases.
Commits
1b4e407
Add -O shorthand for --omit-digest-tags to crane. (#1958)3764db2
Fix windows race condition when writing image with duplicate layers (#1921)39d1148
Add Context support to auth methods (#1949)ff385a9
feat: mutate platform (#1919)98dd3e9
Support podman auth file REGISTRY_AUTH_FILE. (#1914)051d642
registry: Implement Range requests for blobs (#1917)0309184
Add JSON marshalling funcs for Digest. (#1915)Updates
github.com/in-toto/attestation
from 1.0.1 to 1.1.0Release notes
Sourced from github.com/in-toto/attestation's releases.
Commits
36c1129
Merge pull request #359 from marcelamelara/update-versioninga62b90a
Make linter happy4adf92e
Add examples of different tagged release scenariosc1af60d
Add tagged release process to specb382eb5
Update link in README to 1.1 (#357)bbbfea7
Merge pull request #358 from in-toto/actions-regenerate-attestation-libraries241d47f
Regenerate attestation librariesd6e910a
Merge pull request #356 from in-toto/dependabot/go_modules/google.golang.org/...a8fc604
Bump google.golang.org/protobuf from 1.34.0 to 1.34.106eafe3
Clarify that digests don't have to be cryptographic ones. (#338)Updates
github.com/sigstore/sigstore
from 1.8.3 to 1.8.6Release notes
Sourced from github.com/sigstore/sigstore's releases.
... (truncated)
Commits
5d4e11e
Bump goodkey, fix breakage (#1761)63cab17
sync go mod115c2b2
build(deps): Bump the all group across 1 directory with 6 updates8503e22
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity39973a8
build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates58a8301
build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates71ace11
build(deps): Bump github.com/hashicorp/go-retryablehttpb777e4b
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity5ea648c
build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updatesa3666d9
build(deps): Bump the all group in /test/e2e with 2 updatesUpdates
github.com/sigstore/sigstore/pkg/signature/kms/aws
from 1.8.3 to 1.8.6Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.
... (truncated)
Commits
5d4e11e
Bump goodkey, fix breakage (#1761)63cab17
sync go mod115c2b2
build(deps): Bump the all group across 1 directory with 6 updates8503e22
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity39973a8
build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates58a8301
build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates71ace11
build(deps): Bump github.com/hashicorp/go-retryablehttpb777e4b
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity5ea648c
build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updatesa3666d9
build(deps): Bump the all group in /test/e2e with 2 updatesUpdates
github.com/sigstore/sigstore/pkg/signature/kms/azure
from 1.8.3 to 1.8.6Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/azure's releases.
... (truncated)
Commits
5d4e11e
Bump goodkey, fix breakage (#1761)63cab17
sync go mod115c2b2
build(deps): Bump the all group across 1 directory with 6 updates8503e22
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity39973a8
build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates58a8301
build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates71ace11
build(deps): Bump github.com/hashicorp/go-retryablehttpb777e4b
build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity5ea648c
build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updatesa3666d9
build(deps): Bump the all group in /test/e2e with 2 updatesUpdates
github.com/sigstore/sigstore/pkg/signature/kms/gcp
from 1.8.3 to 1.8.6Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/gcp's releases.
Hi @dependabot[bot]. Thanks for your PR.
I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with
/ok-to-test
on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.Once the patch is verified, the new status will be reflected by the
ok-to-test
label.I understand the commands that are listed here.
Superseded by #1152.