Skip to content

build(deps): bump sigstore from 4.1.0 to 4.1.1#908

Closed
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/sigstore-4.1.1
Closed

build(deps): bump sigstore from 4.1.0 to 4.1.1#908
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/sigstore-4.1.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps sigstore from 4.1.0 to 4.1.1.

Release notes

Sourced from sigstore's releases.

sigstore@4.1.1

Patch Changes

  • 7845532: Verification of OID certificate extensions
  • f074710: Require inclusion promise in Rekor entry when used as timestamp source
  • Updated dependencies [b5aa4f1]
  • Updated dependencies [7845532]
  • Updated dependencies [f074710]
    • @​sigstore/core@​3.2.1
    • @​sigstore/verify@​3.1.1
Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 2, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 2, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/sigstore-4.1.1 branch from 4c50ff7 to e6d0d64 Compare July 3, 2026 21:03
@dependabot dependabot Bot changed the title chore(deps): bump sigstore from 4.1.0 to 4.1.1 build(deps): bump sigstore from 4.1.0 to 4.1.1 Jul 3, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/sigstore-4.1.1 branch 2 times, most recently from 4130c50 to 20bccb8 Compare July 3, 2026 21:46
Bumps [sigstore](https://github.com/sigstore/sigstore-js) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@4.1.0...sigstore@4.1.1)

---
updated-dependencies:
- dependency-name: sigstore
  dependency-version: 4.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/sigstore-4.1.1 branch from 20bccb8 to e91beda Compare July 3, 2026 21:55
@dependabot @github

dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

Looks like sigstore is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 3, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/sigstore-4.1.1 branch July 3, 2026 22:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants