Skip to content

chore(deps): bump github.com/sigstore/sigstore-go from 1.1.4 to 1.2.0#267

Merged
matthiasbruns merged 1 commit into
mainfrom
dependabot/go_modules/github.com/sigstore/sigstore-go-1.2.0
Jul 13, 2026
Merged

chore(deps): bump github.com/sigstore/sigstore-go from 1.1.4 to 1.2.0#267
matthiasbruns merged 1 commit into
mainfrom
dependabot/go_modules/github.com/sigstore/sigstore-go-1.2.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/sigstore/sigstore-go from 1.1.4 to 1.2.0.

Release notes

Sourced from github.com/sigstore/sigstore-go's releases.

v1.2.0

What's Changed

New Contributors

... (truncated)

Commits
  • 8ca80c4 Fix conformance test failures for managed-key verification (#561) (#638)
  • 40d743a Bump the minor-patch group across 2 directories with 10 updates (#637)
  • 7960906 Bump golangci/golangci-lint-action from 9.2.0 to 9.2.1 (#631)
  • ef6e924 Encode Rekor v2 DSSE envelopes as hashedrekord (#627)
  • 56c2528 Verify Rekor v2 inclusion using reconstructed leaf hash (#635)
  • dbb07e6 Prevent multi-log threshold bypasses via single compromised log (#633)
  • 7e8ee0f bundle: cap raw TlogEntries length before per-entry parse (#630)
  • 58c7950 Bump github.com/in-toto/in-toto-golang from 0.10.0 to 0.11.0 (#624)
  • 1ad51ea Bump github.com/in-toto/in-toto-golang (#623)
  • 566ec6c Bump sigstore/sigstore-conformance from 0.0.26 to 0.0.27 (#621)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added kind/chore chore, maintenance, etc. kind/dependency dependency update, etc. labels Jul 10, 2026
@dependabot
dependabot Bot requested a review from a team as a code owner July 10, 2026 21:12
@dependabot dependabot Bot added kind/chore chore, maintenance, etc. kind/dependency dependency update, etc. labels Jul 10, 2026
@dependabot
dependabot Bot force-pushed the dependabot/go_modules/github.com/sigstore/sigstore-go-1.2.0 branch from d1108fa to ea8d239 Compare July 13, 2026 05:19
Bumps [github.com/sigstore/sigstore-go](https://github.com/sigstore/sigstore-go) from 1.1.4 to 1.2.0.
- [Release notes](https://github.com/sigstore/sigstore-go/releases)
- [Commits](sigstore/sigstore-go@v1.1.4...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore-go
  dependency-version: 1.2.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/go_modules/github.com/sigstore/sigstore-go-1.2.0 branch from ea8d239 to d63d097 Compare July 13, 2026 05:23
@matthiasbruns
matthiasbruns merged commit eac8ce5 into main Jul 13, 2026
5 checks passed
@dependabot
dependabot Bot deleted the dependabot/go_modules/github.com/sigstore/sigstore-go-1.2.0 branch July 13, 2026 05:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

kind/chore chore, maintenance, etc. kind/dependency dependency update, etc.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant