Bump github.com/pivotal/kpack from 0.10.1 to 0.13.1

[dependabot[bot]]

Bumps github.com/pivotal/kpack from 0.10.1 to 0.13.1.

Release notes

Sourced from github.com/pivotal/kpack's releases.

kpack v0.13.1

This is the first release in the v0.13 minor, v0.13.0 is tagged but unreleased due to a problem in the release pipeline.

What's Changed

• A few updates to the getting started docs by @​natalieparellano in buildpacks-community/kpack#1330
• chore: remove refs to deprecated io/ioutil by @​testwill in buildpacks-community/kpack#1331
• Add support for signing Builders and ClusterBuilders by @​stormqueen1990 in buildpacks-community/kpack#1208
• Add support for cloning git submodules by @​tomkennedy513 in buildpacks-community/kpack#1355
• Improve submodule support by @​tomkennedy513 in buildpacks-community/kpack#1361
• Bump lifecycle to 0.17.2 by @​tomkennedy513 in buildpacks-community/kpack#1375
• Move config options into dedicated struct by @​chenbh in buildpacks-community/kpack#1379
• Replace github.com/ghodss/yaml with sigs.k8s.io/yaml by @​Juneezee in buildpacks-community/kpack#1432
• Added timestamp boolean for TailBuildName to be used in kpcli by @​pviraj59 in buildpacks-community/kpack#1458
• Added timestamp to ImageLogTailer by @​pviraj59 in buildpacks-community/kpack#1461
• Bumps the lifecycle version for the lifecycleImage by @​natalieparellano in buildpacks-community/kpack#1484
• Add in the initial configuration to add the image labels by @​alexbarbato in buildpacks-community/kpack#1448
• SLSA attestations for the Build resource (aka app image attestations) by @​chenbh in buildpacks-community/kpack#1449

Bug Fixes

• Fix typo in unit tests by @​tomkennedy513 in buildpacks-community/kpack#1341
• Fix cloning with Azure DevOps Git by @​tomkennedy513 in buildpacks-community/kpack#1337
• Add Builder UpToDate Condition by @​tomkennedy513 in buildpacks-community/kpack#1370
• Fix a minor typo ClusterBuilderpack... by @​usiegj00 in buildpacks-community/kpack#1469

Bumped Dependencies

• Bump github.com/buildpacks/lifecycle from 0.17.0 to 0.17.1 by @​dependabot in buildpacks-community/kpack#1329
• Bump go.uber.org/zap from 1.25.0 to 1.26.0 by @​dependabot in buildpacks-community/kpack#1327
• Bump github.com/go-git/go-git/v5 from 5.8.1 to 5.9.0 by @​dependabot in buildpacks-community/kpack#1325
• Bump carvel-dev/setup-action from 1 to 2 by @​dependabot in buildpacks-community/kpack#1335
• Bump golang.org/x/sync from 0.3.0 to 0.4.0 by @​dependabot in buildpacks-community/kpack#1348
• Bump golang.org/x/net from 0.15.0 to 0.16.0 by @​dependabot in buildpacks-community/kpack#1346
• Bump golang.org/x/net from 0.16.0 to 0.17.0 by @​dependabot in buildpacks-community/kpack#1352
• Bump github.com/buildpacks/lifecycle from 0.17.1 to 0.17.2 by @​dependabot in buildpacks-community/kpack#1360
• Bump github.com/docker/docker from 24.0.5+incompatible to 24.0.7+incompatible by @​dependabot in buildpacks-community/kpack#1364
• Bump google.golang.org/grpc from 1.57.0 to 1.57.1 by @​dependabot in buildpacks-community/kpack#1362
• Bump github.com/sigstore/cosign/v2 from 2.2.0 to 2.2.1 by @​dependabot in buildpacks-community/kpack#1369
• Run go mod tidy by @​tomkennedy513 in buildpacks-community/kpack#1371
• Bump golang.org/x/net from 0.17.0 to 0.18.0 by @​dependabot in buildpacks-community/kpack#1373
• Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @​dependabot in buildpacks-community/kpack#1382
• Bump github.com/go-git/go-git/v5 from 5.9.0 to 5.10.0 by @​dependabot in buildpacks-community/kpack#1363
• Bump golang.org/x/net from 0.18.0 to 0.19.0 by @​dependabot in buildpacks-community/kpack#1430
• Bump github.com/go-git/go-git/v5 from 5.10.0 to 5.10.1 by @​dependabot in buildpacks-community/kpack#1428
• Bump actions/setup-go from 4 to 5 by @​dependabot in buildpacks-community/kpack#1443
• Bump github.com/sigstore/cosign/v2 from 2.2.1 to 2.2.2 by @​dependabot in buildpacks-community/kpack#1445
• Bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 by @​dependabot in buildpacks-community/kpack#1444
• Bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @​dependabot in buildpacks-community/kpack#1459
• Bump actions/download-artifact from 3 to 4 by @​dependabot in buildpacks-community/kpack#1453
• Bump actions/upload-artifact from 3 to 4 by @​dependabot in buildpacks-community/kpack#1452
• Bump github.com/cloudflare/circl from 1.3.5 to 1.3.7 by @​dependabot in buildpacks-community/kpack#1472
• Bump golang.org/x/crypto from 0.17.0 to 0.18.0 by @​dependabot in buildpacks-community/kpack#1478

... (truncated)

Commits

• 843bfcd Merge pull request #1504 from buildpacks-community/fix-download-artifiacts
• be90c23 missed this in 2573f1
• 3cbb4ce Merge pull request #1502 from buildpacks-community/merge-main
• ae9fb34 Merge pull request #1499 from buildpacks-community/e2e-istio-slsa
• c32283a skip slsa e2e tests by default
• 82b764b Merge pull request #1498 from buildpacks-community/fix-slsa-e2e
• e6389ba Merge pull request #1482 from eirini-forks/bump-k8s-dependencies
• 6e2191d make source verification smarter
• 3344d70 Merge pull request #1449 from buildpacks-community/implement-slsa
• 2046f40 enable slsa attestations in gha e2e
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #105.