Update to upstream - v2.4.1 #285

JasonPowr · 2024-11-28T15:35:17Z

No description provided.

* fix 'go vet -tags e2e ./...' Signed-off-by: Dmitry S <[email protected]> * fix typo in 'concatenating' Signed-off-by: Dmitry S <[email protected]> --------- Signed-off-by: Dmitry S <[email protected]>

…igstore#3556) Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.97.0 to 0.98.0. - [Changelog](https://github.com/xanzy/go-gitlab/blob/main/releases_test.go) - [Commits](xanzy/go-gitlab@v0.97.0...v0.98.0) --- updated-dependencies: - dependency-name: github.com/xanzy/go-gitlab dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…tore#3557) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.165.0 to 0.167.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.165.0...v0.167.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Dmitry S <[email protected]>

Signed-off-by: michaelvl <[email protected]>

…70b1e388c4b29476f495f1 to f6959cf94216d4be0182d7c78b39f14d0c8bb198 (sigstore#3554) * chore(deps): bump imranismail/setup-kustomize Bumps [imranismail/setup-kustomize](https://github.com/imranismail/setup-kustomize) from a76db1c6419124d51470b1e388c4b29476f495f1 to f6959cf94216d4be0182d7c78b39f14d0c8bb198. - [Release notes](https://github.com/imranismail/setup-kustomize/releases) - [Commits](imranismail/setup-kustomize@a76db1c...f6959cf) --- updated-dependencies: - dependency-name: imranismail/setup-kustomize dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update kind-e2e-insecure-registry.yaml Signed-off-by: Carlos Tadeu Panato Junior <[email protected]> --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: Carlos Tadeu Panato Junior <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Carlos Tadeu Panato Junior <[email protected]>

Bumps the actions group with 3 updates: [google-github-actions/auth](https://github.com/google-github-actions/auth), [mikefarah/yq](https://github.com/mikefarah/yq) and [codecov/codecov-action](https://github.com/codecov/codecov-action). Updates `google-github-actions/auth` from 2.1.1 to 2.1.2 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@a6e2e39...55bd3a7) Updates `mikefarah/yq` from 4.41.1 to 4.42.1 - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](mikefarah/yq@0476945...9adde1a) Updates `codecov/codecov-action` from 4.0.1 to 4.1.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@e0b68c6...54bcd87) --- updated-dependencies: - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: mikefarah/yq dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* update cosign and builder image Signed-off-by: cpanato <[email protected]> * update golangci-lint to v1.56 Signed-off-by: cpanato <[email protected]> * update go.mod in fakeoidc Signed-off-by: cpanato <[email protected]> * fix lints Signed-off-by: cpanato <[email protected]> --------- Signed-off-by: cpanato <[email protected]>

Bumps the actions group with 1 update: [actions/cache](https://github.com/actions/cache). Updates `actions/cache` from 4.0.0 to 4.0.1 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@13aacd8...ab5e6d0) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…2.0 (sigstore#3575) Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.61.0 to 0.62.0. - [Release notes](https://github.com/open-policy-agent/opa/releases) - [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md) - [Commits](open-policy-agent/opa@v0.61.0...v0.62.0) --- updated-dependencies: - dependency-name: github.com/open-policy-agent/opa dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the gomod group with 5 updates: | Package | From | To | | --- | --- | --- | | [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) | `0.27.1` | `0.27.2` | | [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) | `0.22.0` | `0.22.2` | | [github.com/go-openapi/swag](https://github.com/go-openapi/swag) | `0.22.9` | `0.22.10` | | [github.com/sigstore/fulcio](https://github.com/sigstore/fulcio) | `1.4.3` | `1.4.4` | | [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.8.4` | `1.9.0` | Updates `github.com/go-openapi/runtime` from 0.27.1 to 0.27.2 - [Release notes](https://github.com/go-openapi/runtime/releases) - [Commits](go-openapi/runtime@v0.27.1...v0.27.2) Updates `github.com/go-openapi/strfmt` from 0.22.0 to 0.22.2 - [Commits](go-openapi/strfmt@v0.22.0...v0.22.2) Updates `github.com/go-openapi/swag` from 0.22.9 to 0.22.10 - [Commits](go-openapi/swag@v0.22.9...v0.22.10) Updates `github.com/sigstore/fulcio` from 1.4.3 to 1.4.4 - [Release notes](https://github.com/sigstore/fulcio/releases) - [Changelog](https://github.com/sigstore/fulcio/blob/main/CHANGELOG.md) - [Commits](sigstore/fulcio@v1.4.3...v1.4.4) Updates `github.com/stretchr/testify` from 1.8.4 to 1.9.0 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/go-openapi/runtime dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/go-openapi/strfmt dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/go-openapi/swag dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/sigstore/fulcio dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Bob Callaway <[email protected]>

* Honor creation timestamp for signatures again Signed-off-by: ttrabelsi <[email protected]> * setting creation timestamp behind a feature flag to preserve current behavior Signed-off-by: Tobias Trabelsi <[email protected]> * review feedback Signed-off-by: Tobias Trabelsi <[email protected]> * additional review feedback Signed-off-by: Tobias Trabelsi <[email protected]> --------- Signed-off-by: ttrabelsi <[email protected]> Signed-off-by: Tobias Trabelsi <[email protected]>

…igstore#3582) Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.2 to 3.0.3. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](go-jose/go-jose@v3.0.2...v3.0.3) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…gstore#3581) Bumps gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3. --- updated-dependencies: - dependency-name: gopkg.in/go-jose/go-jose.v2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Remove deprecated markdown files with only links to docs.sigstore.dev, clean up outdated data in README, remove FEATURES which is outdated Signed-off-by: Hayden B <[email protected]>

…igstore#3590)

Encourage development on sigstore-go, which is the focus currently. Signed-off-by: Hayden B <[email protected]>

…sigstore#3595) Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.27.2 to 0.28.0. - [Release notes](https://github.com/go-openapi/runtime/releases) - [Commits](go-openapi/runtime@v0.27.2...v0.28.0) --- updated-dependencies: - dependency-name: github.com/go-openapi/runtime dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…#3591) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.17.0 to 0.18.0. - [Commits](golang/oauth2@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…tore#3594) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.167.0 to 0.169.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.167.0...v0.169.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…Flow Explicitly (sigstore#3578) * add fulcio oauth flow client credentials Signed-off-by: Noah Kreiger <[email protected]> * fix docgen Signed-off-by: Noah Kreiger <[email protected]> * add options Signed-off-by: Noah Kreiger <[email protected]> --------- Signed-off-by: Noah Kreiger <[email protected]>

The demo script for working with blobs was inaccurate in its current representation. I updated the commands such that they can be easily copied and pasted to get the shown output. Signed-off-by: arewm <[email protected]>

Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@b4ffde6...9bb5618) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps cuelang.org/go from 0.7.1 to 0.8.0. --- updated-dependencies: - dependency-name: cuelang.org/go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…tore#3605) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.169.0 to 0.170.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.169.0...v0.170.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…store#3839) Bumps [github.com/sigstore/fulcio](https://github.com/sigstore/fulcio) from 1.5.1 to 1.6.2. - [Release notes](https://github.com/sigstore/fulcio/releases) - [Changelog](https://github.com/sigstore/fulcio/blob/main/CHANGELOG.md) - [Commits](sigstore/fulcio@v1.5.1...v1.6.2) --- updated-dependencies: - dependency-name: github.com/sigstore/fulcio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Adam Korczynski <[email protected]>

…tore#3848) Bumps the gomod group with 1 update: [github.com/sigstore/fulcio](https://github.com/sigstore/fulcio). Updates `github.com/sigstore/fulcio` from 1.6.2 to 1.6.3 - [Release notes](https://github.com/sigstore/fulcio/releases) - [Changelog](https://github.com/sigstore/fulcio/blob/main/CHANGELOG.md) - [Commits](sigstore/fulcio@v1.6.2...v1.6.3) --- updated-dependencies: - dependency-name: github.com/sigstore/fulcio dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ore#3856) Bumps the actions group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/upload-artifact` from 4.3.6 to 4.4.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@834a144...5076954) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the gomod group with 1 update: [go.step.sm/crypto](https://github.com/smallstep/crypto). Updates `go.step.sm/crypto` from 0.51.1 to 0.51.2 - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](smallstep/crypto@v0.51.1...v0.51.2) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…sigstore#3858) Bumps [github.com/buildkite/agent/v3](https://github.com/buildkite/agent) from 3.78.0 to 3.79.0. - [Release notes](https://github.com/buildkite/agent/releases) - [Changelog](https://github.com/buildkite/agent/blob/main/CHANGELOG.md) - [Commits](buildkite/agent@v3.78.0...v3.79.0) --- updated-dependencies: - dependency-name: github.com/buildkite/agent/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…igstore#3859) Bumps [github.com/mozillazg/docker-credential-acr-helper](https://github.com/mozillazg/docker-credential-acr-helper) from 0.3.0 to 0.4.0. - [Release notes](https://github.com/mozillazg/docker-credential-acr-helper/releases) - [Changelog](https://github.com/mozillazg/docker-credential-acr-helper/blob/master/.goreleaser.yml) - [Commits](mozillazg/docker-credential-acr-helper@v0.3.0...v0.4.0) --- updated-dependencies: - dependency-name: github.com/mozillazg/docker-credential-acr-helper dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…tore#3860) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.194.0 to 0.195.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.194.0...v0.195.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…8.0 (sigstore#3861) Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.67.1 to 0.68.0. - [Release notes](https://github.com/open-policy-agent/opa/releases) - [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md) - [Commits](open-policy-agent/opa@v0.67.1...v0.68.0) --- updated-dependencies: - dependency-name: github.com/open-policy-agent/opa dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: cpanato <[email protected]>

…sigstore#3863) Bumps [github.com/sigstore/sigstore-go](https://github.com/sigstore/sigstore-go) from 0.6.0 to 0.6.1. - [Release notes](https://github.com/sigstore/sigstore-go/releases) - [Commits](sigstore/sigstore-go@v0.6.0...v0.6.1) --- updated-dependencies: - dependency-name: github.com/sigstore/sigstore-go dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* update to use go1.22.7 Signed-off-by: cpanato <[email protected]> * update golangci-lint to v1.60 Signed-off-by: cpanato <[email protected]> * fix lints Signed-off-by: cpanato <[email protected]> * update chainguard-dev/actions/kind-diag Signed-off-by: cpanato <[email protected]> --------- Signed-off-by: cpanato <[email protected]>

…sigstore#3874) Bumps [github.com/buildkite/agent/v3](https://github.com/buildkite/agent) from 3.79.0 to 3.81.0. - [Release notes](https://github.com/buildkite/agent/releases) - [Changelog](https://github.com/buildkite/agent/blob/main/CHANGELOG.md) - [Commits](buildkite/agent@v3.79.0...v3.81.0) --- updated-dependencies: - dependency-name: github.com/buildkite/agent/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…igstore#3867) Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.108.0 to 0.109.0. - [Release notes](https://github.com/xanzy/go-gitlab/releases) - [Changelog](https://github.com/xanzy/go-gitlab/blob/main/releases_test.go) - [Commits](xanzy/go-gitlab@v0.108.0...v0.109.0) --- updated-dependencies: - dependency-name: github.com/xanzy/go-gitlab dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: sota1235 <[email protected]>

…les (sigstore#3877) * Fix bug in sigstore#3752 When adding bundles support to `attest-blob`, we sent the wrong data to the timestamp authority to sign. Signed-off-by: Zach Steindler <[email protected]> * Only change timestamp authority signature behavior for new bundles Also add TODO when we get to updating `cosign attest` Signed-off-by: Zach Steindler <[email protected]> * Add happy path e2e test Signed-off-by: Zach Steindler <[email protected]> --------- Signed-off-by: Zach Steindler <[email protected]>

Signed-off-by: Hemil K <[email protected]>

) Bumps [github.com/theupdateframework/go-tuf/v2](https://github.com/theupdateframework/go-tuf) from 2.0.0 to 2.0.1. - [Release notes](https://github.com/theupdateframework/go-tuf/releases) - [Changelog](https://github.com/theupdateframework/go-tuf/blob/master/.goreleaser.yaml) - [Commits](theupdateframework/go-tuf@v2.0.0...v2.0.1) --- updated-dependencies: - dependency-name: github.com/theupdateframework/go-tuf/v2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 4.1.7 to 4.2.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...d632683) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Bob Callaway <[email protected]>

v2.4.1

openshift-ci · 2024-11-28T15:35:24Z

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: JasonPowr

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

JasonPowr · 2024-11-28T16:15:41Z

EC can be ignored here, another case of snapshot deadlock

dmitris and others added 30 commits February 22, 2024 09:12

fix 'go vet -tags e2e ./...' (sigstore#3550)

d96e379

* fix 'go vet -tags e2e ./...' Signed-off-by: Dmitry S <[email protected]> * fix typo in 'concatenating' Signed-off-by: Dmitry S <[email protected]> --------- Signed-off-by: Dmitry S <[email protected]>

remove unused rootPool var (sigstore#3559)

5923d9b

Signed-off-by: Dmitry S <[email protected]>

Bump sigstore/sigstore to v1.8.2 (sigstore#3561)

86921c7

Correct help text of triangulate cmd (sigstore#3551)

40dd4c3

Signed-off-by: michaelvl <[email protected]>

free up disk space during e2e test runs (sigstore#3579)

fb488d7

Signed-off-by: Bob Callaway <[email protected]>

bump release to use go 1.21.8 (sigstore#3583)

16a3dda

Clean up READMEs (sigstore#3587)

8ba9a5e

Remove deprecated markdown files with only links to docs.sigstore.dev, clean up outdated data in README, remove FEATURES which is outdated Signed-off-by: Hayden B <[email protected]>

chore(deps): bump the actions group with 1 update (sigstore#3588)

0506a69

chore(deps): bump github.com/xanzy/go-gitlab from 0.98.0 to 0.100.0 (s…

cdbb891

…igstore#3590)

chore(deps): bump the gomod group with 4 updates (sigstore#3589)

693db70

Update README for contributions (sigstore#3596)

d8a6af9

Encourage development on sigstore-go, which is the focus currently. Signed-off-by: Hayden B <[email protected]>

Update the script for working with blobs (sigstore#3610)

3065e53

The demo script for working with blobs was inaccurate in its current representation. I updated the commands such that they can be easily copied and pasted to get the shown output. Signed-off-by: arewm <[email protected]>

dependabot bot and others added 27 commits August 19, 2024 20:34

add oss-fuzz build script, seeds and dictionaries (sigstore#3843)

d712844

Signed-off-by: Adam Korczynski <[email protected]>

chore(deps): bump github.com/buildkite/agent/v3 from 3.77.0 to 3.78.0 (…

198b8e4

…sigstore#3850)

chore(deps): bump the actions group across 1 directory with 3 updates (…

84e979d

…sigstore#3853)

chore(deps): bump github.com/xanzy/go-gitlab from 0.107.0 to 0.108.0 (s…

fe71244

…igstore#3851)

chore(deps): bump google.golang.org/api from 0.192.0 to 0.194.0 (sigs…

8defb0e

…tore#3852)

use go1.22.6 to build cosign (sigstore#3862)

081ad98

Signed-off-by: cpanato <[email protected]>

fix: documentation link for installation guide (sigstore#3884)

081dea1

Signed-off-by: sota1235 <[email protected]>

Update README.md (sigstore#3886)

77f71e0

Signed-off-by: Hemil K <[email protected]>

bump scaffolding release to v0.7.11 (sigstore#3887)

677a262

update changelog for v2.4.1 (sigstore#3896)

9a4cfe1

Signed-off-by: Bob Callaway <[email protected]>

Merge tag 'v2.4.1'

8281d89

v2.4.1

update dockerfile base images

7d5eb7a

JasonPowr changed the title ~~Update to upstream~~ Update to upstream - v2.4.1 Nov 28, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update to upstream - v2.4.1 #285

Update to upstream - v2.4.1 #285

JasonPowr commented Nov 28, 2024

openshift-ci bot commented Nov 28, 2024

JasonPowr commented Nov 28, 2024

Update to upstream - v2.4.1 #285

Are you sure you want to change the base?

Update to upstream - v2.4.1 #285

Conversation

JasonPowr commented Nov 28, 2024

openshift-ci bot commented Nov 28, 2024

JasonPowr commented Nov 28, 2024