search

theupdateframework / tuf-on-ci

A TUF repository and signing tool
Other
20 stars 11 forks source link

build(deps): bump sigstore-protobuf-specs from 0.3.1 to 0.3.2 in /repo #317

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps sigstore-protobuf-specs from 0.3.1 to 0.3.2.

Changelog

Sourced from sigstore-protobuf-specs's changelog.

Changelog

All notable changes to protobuf-specs will be documented in this file.

The format is based on Keep a Changelog.

All versions prior to 0.2.0 are untracked.

[Unreleased]

Added

  • Added TransparencyLogInstance.checkpoint_key_id as an optional key identifier for logs that generate checkpoints (#284)

Changed

  • Docs: Clarified DSSE envelope signature cardinality (#318)
  • Docs: Clarifier behavior of key identifiers (#284)
Commits
  • 38622d0 gen: bump JS patch version (#321)
  • fcbe715 gen: bump patch versions (#319)
  • b5b97ec Clairified that a DSSE envelope in a sigstore bundle MUST have exactly one si...
  • 0a028ad build(deps): bump softprops/action-gh-release from 2.0.4 to 2.0.5 (#317)
  • 82de901 build(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#315)
  • 1078af1 build(deps): bump google.golang.org/protobuf from 1.34.0 to 1.34.1 (#316)
  • 2bfc122 build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.0 (#310)
  • 133fc6c build(deps): bump ruby/setup-ruby from 1.175.0 to 1.175.1 (#309)
  • dfae94f build(deps): bump gradle/wrapper-validation-action from 3.3.1 to 3.3.2 (#308)
  • b195a55 build(deps): bump gradle/actions from 3.3.1 to 3.3.2 (#307)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 3 months ago

Superseded by #318.