Bump the all group across 1 directory with 14 updates#1379
Bump the all group across 1 directory with 14 updates#1379dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the all group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.54.0` | `1.55.0` | | [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.20.4` | `0.20.6` | | [github.com/in-toto/attestation](https://github.com/in-toto/attestation) | `1.1.1` | `1.1.2` | | [github.com/in-toto/go-witness](https://github.com/in-toto/go-witness) | `0.8.4` | `0.8.6` | | [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) | `2.5.0` | `2.5.1` | | [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) | `1.9.4` | `1.9.5` | | [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) | `1.9.4` | `1.9.5` | | [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) | `1.9.4` | `1.9.5` | | [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) | `1.9.4` | `1.9.5` | | [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) | `1.9.4` | `1.9.5` | | [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `1.0.0` | `1.1.0` | Updates `cloud.google.com/go/storage` from 1.54.0 to 1.55.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@spanner/v1.54.0...spanner/v1.55.0) Updates `github.com/google/go-containerregistry` from 0.20.4 to 0.20.6 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml) - [Commits](google/go-containerregistry@v0.20.4...v0.20.6) Updates `github.com/in-toto/attestation` from 1.1.1 to 1.1.2 - [Release notes](https://github.com/in-toto/attestation/releases) - [Commits](in-toto/attestation@v1.1.1...v1.1.2) Updates `github.com/in-toto/go-witness` from 0.8.4 to 0.8.6 - [Release notes](https://github.com/in-toto/go-witness/releases) - [Changelog](https://github.com/in-toto/go-witness/blob/main/.goreleaser.yaml) - [Commits](in-toto/go-witness@v0.8.4...v0.8.6) Updates `github.com/sigstore/cosign/v2` from 2.5.0 to 2.5.1 - [Release notes](https://github.com/sigstore/cosign/releases) - [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md) - [Commits](sigstore/cosign@v2.5.0...v2.5.1) Updates `github.com/sigstore/sigstore` from 1.9.4 to 1.9.5 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.9.4...v1.9.5) Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.9.4 to 1.9.5 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.9.4...v1.9.5) Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.9.4 to 1.9.5 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.9.4...v1.9.5) Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.9.4 to 1.9.5 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.9.4...v1.9.5) Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.9.4 to 1.9.5 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.9.4...v1.9.5) Updates `github.com/tektoncd/pipeline` from 1.0.0 to 1.1.0 - [Release notes](https://github.com/tektoncd/pipeline/releases) - [Changelog](https://github.com/tektoncd/pipeline/blob/main/releases.md) - [Commits](tektoncd/pipeline@v1.0.0...v1.1.0) Updates `golang.org/x/crypto` from 0.38.0 to 0.39.0 - [Commits](golang/crypto@v0.38.0...v0.39.0) Updates `golang.org/x/exp` from 0.0.0-20250218142911-aa4b98e5adaa to 0.0.0-20250506013437-ce4c2cf36ca6 - [Commits](https://github.com/golang/exp/commits) Updates `google.golang.org/grpc` from 1.72.0 to 1.72.2 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.72.0...v1.72.2) --- updated-dependencies: - dependency-name: cloud.google.com/go/storage dependency-version: 1.55.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/google/go-containerregistry dependency-version: 0.20.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/in-toto/attestation dependency-version: 1.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/in-toto/go-witness dependency-version: 0.8.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/cosign/v2 dependency-version: 2.5.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore dependency-version: 1.9.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-version: 1.9.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-version: 1.9.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-version: 1.9.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-version: 1.9.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/tektoncd/pipeline dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/crypto dependency-version: 0.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/exp dependency-version: 0.0.0-20250506013437-ce4c2cf36ca6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: google.golang.org/grpc dependency-version: 1.72.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>
|
Hi @dependabot[bot]. Thanks for your PR. I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
Bumps the all group with 11 updates in the / directory:
1.54.01.55.00.20.40.20.61.1.11.1.20.8.40.8.62.5.02.5.11.9.41.9.51.9.41.9.51.9.41.9.51.9.41.9.51.9.41.9.51.0.01.1.0Updates
cloud.google.com/go/storagefrom 1.54.0 to 1.55.0Release notes
Sourced from cloud.google.com/go/storage's releases.
Changelog
Sourced from cloud.google.com/go/storage's changelog.
... (truncated)
Commits
70d74c0chore(main): release spanner 1.55.0 (#9231)9debdb6chore: release main (#9223)bd30055feat(deploy): Add stable cutback duration configuration to the k8s gateway se...ebbb610fix(storage): migrate deprecated proto dep (#9232)9a79290chore(all): update opentelemetry-go monorepo (#9230)c2969d3chore(all): update deps (#9229)a42604afeat(spanner): add directed reads feature (#7668)bbff8acfeat(bigquery): expose query id on row iterator if available (#9224)57e2d7bfeat(cloudquotas): new clients (#9222)82054d0docs(securitycentermanagement): updates on multiple comments, syncing termino...Updates
github.com/google/go-containerregistryfrom 0.20.4 to 0.20.6Release notes
Sourced from github.com/google/go-containerregistry's releases.
Commits
59a4b85Bump some deps (#2110)5b10395Ensure that tag name is not empty if name contains colon (#2094)Updates
github.com/in-toto/attestationfrom 1.1.1 to 1.1.2Release notes
Sourced from github.com/in-toto/attestation's releases.
Commits
98dd36dBump brace-expansion from 2.0.1 to 2.0.2 (#467)6d000a3Merge pull request #465 from marcelamelara/update-maintainers07dce2fmake linter happya086c30Add Trishank as attestation maintainer9d60fbefix typo in docstring (#443)306ddeeMerge pull request #455 from in-toto/actions-regenerate-attestation-librariese7fe5bcRegenerate attestation libraries112dbbaupdate workflow to use updated version of go (#454)9d96129update go mod to v1.22 to fix parsing issues (#453)cfb391eMerge pull request #446 from in-toto/dependabot/github_actions/peter-evans/cr...Updates
github.com/in-toto/go-witnessfrom 0.8.4 to 0.8.6Commits
0c8bb30fix: update gitleaks and fix config usage (#499)bd01443feat: add ability to pass headers to archivista client (#498)e0990edchore: bump github.com/open-policy-agent/opa from 1.4.0 to 1.4.2 (#495)d6d6d68chore: bump actions/setup-go from 5.4.0 to 5.5.0 (#496)15ff04achore: bump actions/dependency-review-action from 4.6.0 to 4.7.0 (#497)a0ece0dchore: bump github.com/open-policy-agent/opa from 1.1.0 to 1.4.0 in the go_mo...a799b23chore: bump github/codeql-action from 3.28.16 to 3.28.17 (#492)cc3c452chore: bump golangci/golangci-lint-action from 7.0.0 to 8.0.0 (#491)fe21e80chore: bump github.com/aws/aws-sdk-go from 1.55.6 to 1.55.7 (#489)3e1d242Update release workflow triggers for efficeincy and witness version (#494)Updates
github.com/sigstore/cosign/v2from 2.5.0 to 2.5.1Release notes
Sourced from github.com/sigstore/cosign/v2's releases.
Changelog
Sourced from github.com/sigstore/cosign/v2's changelog.
Commits
a7345fbAdd Rekor v2 support for trusted-root create (#4242)3df894eAdd baseUrl and Uri to trusted-root create commandfb26ffdupdate builder to use go1.24.4 (#4241)5b82c30Bump to sigstore-go v1.0, fix lint errors (#4240)a8fb9eechore(deps): bump github.com/open-policy-agent/opa from 1.4.2 to 1.5.1 (#4233)8bbd493chore(deps): bump k8s.io/client-go from 0.28.3 to 0.33.1 (#4235)32a2d62Upgrade to TUF v2 client with trusted root95bec1aRun reusable dependency review workflow from main (#4239)9b508f5chore(deps): bump google.golang.org/api from 0.234.0 to 0.236.0 (#4236)08c0240chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4231)Updates
github.com/sigstore/sigstorefrom 1.9.4 to 1.9.5Release notes
Sourced from github.com/sigstore/sigstore's releases.
Commits
75efc00build(deps): Bump localstack/localstack in /test/e2e in the all group (#2092)32d462fbuild(deps): Bump the all group in /test/e2e with 3 updates (#2091)007cd79build(deps): Bump the all group in /test/e2e with 3 updates (#2074)bbd546bbuild(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity (#2087)540126bbuild(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2088)0996ba4build(deps): Bump actions/dependency-review-action in the all group (#2085)7eafe24build(deps): Bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 (#2081)d771343build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2082)1b0bd69build(deps): Bump the all group with 2 updates (#2078)e2f3b71build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2084)Updates
github.com/sigstore/sigstore/pkg/signature/kms/awsfrom 1.9.4 to 1.9.5Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.
Commits
75efc00build(deps): Bump localstack/localstack in /test/e2e in the all group (#2092)32d462fbuild(deps): Bump the all group in /test/e2e with 3 updates (#2091)007cd79build(deps): Bump the all group in /test/e2e with 3 updates (#2074)bbd546bbuild(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity (#2087)540126bbuild(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2088)0996ba4build(deps): Bump actions/dependency-review-action in the all group (#2085)7eafe24build(deps): Bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 (#2081)d771343build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2082)1b0bd69build(deps): Bump the all group with 2 updates (#2078)e2f3b71build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2084)Updates
github.com/sigstore/sigstore/pkg/signature/kms/azurefrom 1.9.4 to 1.9.5Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/azure's releases.
Commits
75efc00build(deps): Bump localstack/localstack in /test/e2e in the all group (#2092)32d462fbuild(deps): Bump the all group in /test/e2e with 3 updates (#2091)007cd79build(deps): Bump the all group in /test/e2e with 3 updates (#2074)bbd546bbuild(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity (#2087)540126bbuild(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2088)0996ba4build(deps): Bump actions/dependency-review-action in the all group (#2085)7eafe24build(deps): Bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 (#2081)d771343build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2082)1b0bd69build(deps): Bump the all group with 2 updates (#2078)e2f3b71build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2084)Updates
github.com/sigstore/sigstore/pkg/signature/kms/gcpfrom 1.9.4 to 1.9.5Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/gcp's releases.
Commits
75efc00build(deps): Bump localstack/localstack in /test/e2e in the all group (#2092)32d462fbuild(deps): Bump the all group in /test/e2e with 3 updates (#2091)007cd79build(deps): Bump the all group in /test/e2e with 3 updates (#2074)bbd546bbuild(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity (#2087)540126bbuild(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2088)0996ba4build(deps): Bump actions/dependency-review-action in the all group (#2085)7eafe24build(deps): Bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 (#2081)d771343build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2082)1b0bd69build(deps): Bump the all group with 2 updates (#2078)e2f3b71build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2084)Updates
github.com/sigstore/sigstore/pkg/signature/kms/hashivaultfrom 1.9.4 to 1.9.5Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/hashivault's releases.
Commits
75efc00build(deps): Bump localstack/localstack in /test/e2e in the all group (#2092)32d462fbuild(deps): Bump the all group in /test/e2e with 3 updates (#2091)007cd79build(deps): Bump the all group in /test/e2e with 3 updates (#2074)bbd546bbuild(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity (#2087)540126bbuild(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2088)0996ba4build(deps): Bump actions/dependency-review-action in the all group (#2085)7eafe24build(deps): Bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 (#2081)d771343build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2082)1b0bd69build(deps): Bump the all group with 2 updates (#2078)e2f3b71build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#2084)Updates
github.com/tektoncd/pipelinefrom 1.0.0 to 1.1.0Release notes
Sourced from github.com/tektoncd/pipeline's releases.
... (truncated)
Changelog
Sourced from github.com/tektoncd/pipeline's changelog.
... (truncated)
Commits
43c0bb9refactor: use os.UserHomeDir instead of go-homedir40fd892build(deps): bump google.golang.org/grpc from 1.72.1 to 1.72.2c3f2096build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...86a738bbuild(deps): bump go.opentelemetry.io/otel/sdk from 1.35.0 to 1.36.05e8a54cbuild(deps): bump tj-actions/changed-files4a3c113build(deps): bump go.opentelemetry.io/otel/trace from 1.35.0 to 1.36.06284f84build(deps): bump the all group in /tekton with 4 updates9580713build(deps): bump github.com/google/go-containerregistrye97fed6Fix subpath capitalisation9197361build(deps): bump k8s.io/apiextensions-apiserver from 0.32.4 to 0.32.5Updates
golang.org/x/cryptofrom 0.38.0 to 0.39.0Commits
3bf9d2assh/test: skip KEX test if unsupported by system SSH client9bab967go.mod: update golang.org/x dependencies4f9f0cax509roots/fallback: add init time benchmarkeac7cf0x509roots/fallback: move parsing code to a non-generated file18228cdacme: return err from deprecated TLS-SNI-[01|02] functions73f6362acme: remove dead codeebc8e46ssh: add server side support for Diffie Hellman Group Exchangee944286ssh: expose negotiated algorithms78a1fd7ssh: automatically add curve25519-sha256@libssh.org KEX aliasac58737ssh: export supported algorithmsUpdates
golang.org/x/expfrom 0.0.0-20250218142911-aa4b98e5adaa to 0.0.0-20250506013437-ce4c2cf36ca6Commits
Updates
google.golang.org/grpcfrom 1.72.0 to 1.72.2Release notes
Sourced from google.golang.org/grpc's releases.
Commits
6135a73Change version to v1.72.2 (#8357)eef8c9cdelegatingresolver: avoid proxy for resolved addresses in NO_PROXY env (#8329...3b5fa74balancer/least_request : Fix panic while handling resolver errors (#8333) (#8...edf643fChange version to v1.72.2-dev (#8326)4cf3cf7Change version to 1.72.1 (#8319)537fe8dtransport: Propagate status code on receiving RST_STREAM during message read ...f32eab3cherry-pick #8302 and #8304 to v1.72.x branch (#8303)7fcfc87internal/delegatingresolver: avoid proxy if networktype of target address is ...ad1e120Change version to 1.72.1-dev (#8219)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions