Skip to content

⬆️ deps(gomod): update module github.com/sigstore/sigstore-go to v1.2.1#223

Open
Open-Source-Bot wants to merge 1 commit into
mainfrom
renovate/github.com-sigstore-sigstore-go-1.x
Open

⬆️ deps(gomod): update module github.com/sigstore/sigstore-go to v1.2.1#223
Open-Source-Bot wants to merge 1 commit into
mainfrom
renovate/github.com-sigstore-sigstore-go-1.x

Conversation

@Open-Source-Bot

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
github.com/sigstore/sigstore-go v1.1.4v1.2.1 age confidence

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

sigstore/sigstore-go (github.com/sigstore/sigstore-go)

v1.2.1

Compare Source

What's Changed

v1.2.1 resolves GHSA-wqqc-jjcq-vfxm.

  • Check signature time against public key validity window in #​642

Full Changelog: sigstore/sigstore-go@v1.2.0...v1.2.1

v1.2.0

Compare Source

What's Changed

New Contributors

Full Changelog: sigstore/sigstore-go@v1.1.4...v1.2.0


Configuration

📅 Schedule: (in timezone Europe/Paris)

  • Branch creation
    • At 10:00 PM through 11:59 PM and 12:00 AM through 06:59 AM (* 22-23,0-6 * * *)
    • Only on Sunday and Saturday (* * * * 0,6)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

@Open-Source-Bot Open-Source-Bot requested a review from a team June 17, 2026 21:26
@Open-Source-Bot Open-Source-Bot added the dependencies Dependency update label Jun 17, 2026
@Open-Source-Bot

Copy link
Copy Markdown
Contributor Author

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 63 additional dependencies were updated

Details:

Package Change
github.com/aws/aws-sdk-go-v2 v1.39.6 -> v1.41.7
github.com/aws/aws-sdk-go-v2/config v1.31.20 -> v1.32.17
github.com/aws/aws-sdk-go-v2/service/s3 v1.72.3 -> v1.101.0
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.7 -> v1.7.10
github.com/aws/aws-sdk-go-v2/credentials v1.18.24 -> v1.19.16
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 -> v1.18.23
github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13 -> v1.4.23
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.13 -> v2.7.23
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.27 -> v1.4.24
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7 -> v1.13.9
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.8 -> v1.9.15
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.13 -> v1.13.23
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.8 -> v1.19.23
github.com/aws/aws-sdk-go-v2/service/sso v1.30.3 -> v1.30.17
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 -> v1.35.21
github.com/aws/aws-sdk-go-v2/service/sts v1.40.2 -> v1.42.1
github.com/go-openapi/analysis v0.24.1 -> v0.25.2
github.com/go-openapi/errors v0.22.4 -> v0.22.7
github.com/go-openapi/jsonpointer v0.22.1 -> v0.23.1
github.com/go-openapi/jsonreference v0.21.3 -> v0.21.6
github.com/go-openapi/loads v0.23.2 -> v0.23.3
github.com/go-openapi/runtime v0.29.2 -> v0.32.3
github.com/go-openapi/spec v0.22.1 -> v0.22.5
github.com/go-openapi/strfmt v0.25.0 -> v0.26.3
github.com/go-openapi/swag v0.25.4 -> v0.26.0
github.com/go-openapi/swag/cmdutils v0.25.4 -> v0.26.0
github.com/go-openapi/swag/conv v0.25.4 -> v0.26.0
github.com/go-openapi/swag/fileutils v0.25.4 -> v0.26.0
github.com/go-openapi/swag/jsonname v0.25.4 -> v0.26.0
github.com/go-openapi/swag/jsonutils v0.25.4 -> v0.26.0
github.com/go-openapi/swag/loading v0.25.4 -> v0.26.0
github.com/go-openapi/swag/mangling v0.25.4 -> v0.26.0
github.com/go-openapi/swag/netutils v0.25.4 -> v0.26.0
github.com/go-openapi/swag/stringutils v0.25.4 -> v0.26.0
github.com/go-openapi/swag/typeutils v0.25.4 -> v0.26.0
github.com/go-openapi/swag/yamlutils v0.25.4 -> v0.26.0
github.com/go-openapi/validate v0.25.1 -> v0.25.3
github.com/go-viper/mapstructure/v2 v2.4.0 -> v2.5.0
github.com/google/certificate-transparency-go v1.3.2 -> v1.3.3
github.com/google/go-containerregistry v0.20.7 -> v0.21.6
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 -> v2.29.0
github.com/in-toto/attestation v1.1.2 -> v1.2.0
github.com/in-toto/in-toto-golang v0.9.0 -> v0.11.0
github.com/secure-systems-lab/go-securesystemslib v0.9.1 -> v0.11.0
github.com/sigstore/protobuf-specs v0.5.0 -> v0.5.1
github.com/sigstore/rekor v1.4.3 -> v1.5.2
github.com/sigstore/rekor-tiles/v2 v2.0.1 -> v2.2.2-0.20260601073857-5d098a2b6443
github.com/sigstore/sigstore v1.10.0 -> v1.10.8
github.com/sigstore/timestamp-authority/v2 v2.0.3 -> v2.1.2
github.com/theupdateframework/go-tuf/v2 v2.3.0 -> v2.4.2-0.20260407074541-7e8f69f906ef
github.com/transparency-dev/formats v0.0.0-20251017110053-404c0d5b696c -> v0.1.1
go.opentelemetry.io/otel v1.38.0 -> v1.44.0
go.opentelemetry.io/otel/metric v1.38.0 -> v1.44.0
go.opentelemetry.io/otel/trace v1.38.0 -> v1.44.0
golang.org/x/crypto v0.51.0 -> v0.52.0
golang.org/x/net v0.54.0 -> v0.55.0
golang.org/x/oauth2 v0.33.0 -> v0.36.0
golang.org/x/sys v0.44.0 -> v0.45.0
golang.org/x/time v0.14.0 -> v0.15.0
google.golang.org/genproto/googleapis/api v0.0.0-20250929231259-57b25ae835d4 -> v0.0.0-20260526163538-3dc84a4a5aaa
google.golang.org/genproto/googleapis/rpc v0.0.0-20251103181224-f26f9409b101 -> v0.0.0-20260523011958-0a33c5d7ca68
google.golang.org/grpc v1.76.0 -> v1.81.1
google.golang.org/protobuf v1.36.10 -> v1.36.11

@github-actions

Copy link
Copy Markdown

No diff in reference doc 😀

@github-actions

Copy link
Copy Markdown

Binary size: 81.7MB => 82.4MB (change +752KB, +0.8%) 😭

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency update

Development

Successfully merging this pull request may close these issues.

1 participant