Skip to content

Bump github.com/sigstore/sigstore-go from 1.1.4 to 1.2.0 in /system-tests/tests#23075

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/go_modules/system-tests/tests/github.com/sigstore/sigstore-go-1.2.0
Open

Bump github.com/sigstore/sigstore-go from 1.1.4 to 1.2.0 in /system-tests/tests#23075
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/go_modules/system-tests/tests/github.com/sigstore/sigstore-go-1.2.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/sigstore/sigstore-go from 1.1.4 to 1.2.0.

Release notes

Sourced from github.com/sigstore/sigstore-go's releases.

v1.2.0

What's Changed

New Contributors

... (truncated)

Commits
  • 8ca80c4 Fix conformance test failures for managed-key verification (#561) (#638)
  • 40d743a Bump the minor-patch group across 2 directories with 10 updates (#637)
  • 7960906 Bump golangci/golangci-lint-action from 9.2.0 to 9.2.1 (#631)
  • ef6e924 Encode Rekor v2 DSSE envelopes as hashedrekord (#627)
  • 56c2528 Verify Rekor v2 inclusion using reconstructed leaf hash (#635)
  • dbb07e6 Prevent multi-log threshold bypasses via single compromised log (#633)
  • 7e8ee0f bundle: cap raw TlogEntries length before per-entry parse (#630)
  • 58c7950 Bump github.com/in-toto/in-toto-golang from 0.10.0 to 0.11.0 (#624)
  • 1ad51ea Bump github.com/in-toto/in-toto-golang (#623)
  • 566ec6c Bump sigstore/sigstore-conformance from 0.0.26 to 0.0.27 (#621)
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: tests. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 10, 2026
@dependabot dependabot Bot requested review from a team as code owners July 10, 2026 14:47
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 10, 2026
@github-actions

Copy link
Copy Markdown
Contributor

✅ No conflicts with other open PRs targeting develop

Bumps [github.com/sigstore/sigstore-go](https://github.com/sigstore/sigstore-go) from 1.1.4 to 1.2.0.
- [Release notes](https://github.com/sigstore/sigstore-go/releases)
- [Commits](sigstore/sigstore-go@v1.1.4...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore-go
  dependency-version: 1.2.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/system-tests/tests/github.com/sigstore/sigstore-go-1.2.0 branch from b0b94dc to 71e53b7 Compare July 10, 2026 16:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants