Skip to content

Commit 0796cad

Browse files
renovate[bot]renovate[bot]
authored
Update module github.com/sigstore/rekor to v1.5.0 [SECURITY]
1 parent 5d7a5ca commit 0796cad

2 files changed

Lines changed: 204 additions & 55 deletions

File tree

acceptance/go.mod

Lines changed: 71 additions & 55 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/enterprise-contract/ec-cli/acceptance
22

3-
go 1.24.6
3+
go 1.25.0
44

55
require (
66
cuelang.org/go v0.11.1
@@ -12,18 +12,18 @@ require (
1212
github.com/gkampitakis/go-snaps v0.5.7
1313
github.com/go-git/go-billy/v5 v5.6.2
1414
github.com/go-git/go-git/v5 v5.16.5
15-
github.com/go-openapi/strfmt v0.23.0
16-
github.com/google/go-containerregistry v0.20.2
15+
github.com/go-openapi/strfmt v0.25.0
16+
github.com/google/go-containerregistry v0.20.7
1717
github.com/in-toto/in-toto-golang v0.9.1-0.20240317085821-8e2966059a09
1818
github.com/konflux-ci/application-api v0.0.0-20240812090716-e7eb2ecfb409
1919
github.com/otiai10/copy v1.14.0
2020
github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5
2121
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e
2222
github.com/pkg/errors v0.9.1
23-
github.com/secure-systems-lab/go-securesystemslib v0.9.0
23+
github.com/secure-systems-lab/go-securesystemslib v0.9.1
2424
github.com/sigstore/cosign/v2 v2.4.1
25-
github.com/sigstore/rekor v1.3.6
26-
github.com/sigstore/sigstore v1.8.15
25+
github.com/sigstore/rekor v1.5.0
26+
github.com/sigstore/sigstore v1.10.3
2727
github.com/stretchr/testify v1.11.1
2828
github.com/tektoncd/cli v0.38.0
2929
github.com/tektoncd/pipeline v0.70.0
@@ -64,9 +64,11 @@ require (
6464
github.com/cespare/xxhash/v2 v2.3.0 // indirect
6565
github.com/cloudflare/circl v1.6.1 // indirect
6666
github.com/cockroachdb/apd/v3 v3.2.1 // indirect
67+
github.com/containerd/errdefs v1.0.0 // indirect
68+
github.com/containerd/errdefs/pkg v0.3.0 // indirect
6769
github.com/containerd/log v0.1.0 // indirect
6870
github.com/containerd/platforms v1.0.0-rc.2 // indirect
69-
github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect
71+
github.com/containerd/stargz-snapshotter/estargz v0.18.1 // indirect
7072
github.com/coreos/go-systemd/v22 v22.6.0 // indirect
7173
github.com/cpuguy83/dockercfg v0.3.2 // indirect
7274
github.com/cucumber/gherkin/go/v26 v26.2.0 // indirect
@@ -76,10 +78,10 @@ require (
7678
github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
7779
github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect
7880
github.com/distribution/reference v0.6.0 // indirect
79-
github.com/docker/cli v27.2.0+incompatible // indirect
81+
github.com/docker/cli v29.0.3+incompatible // indirect
8082
github.com/docker/distribution v2.8.3+incompatible // indirect
81-
github.com/docker/docker v27.2.0+incompatible // indirect
82-
github.com/docker/docker-credential-helpers v0.8.2 // indirect
83+
github.com/docker/docker v28.5.2+incompatible // indirect
84+
github.com/docker/docker-credential-helpers v0.9.3 // indirect
8385
github.com/docker/go-connections v0.5.0 // indirect
8486
github.com/docker/go-units v0.5.0 // indirect
8587
github.com/dustin/go-humanize v1.0.1 // indirect
@@ -92,42 +94,55 @@ require (
9294
github.com/gkampitakis/ciinfo v0.3.0 // indirect
9395
github.com/gkampitakis/go-diff v1.3.2 // indirect
9496
github.com/go-chi/chi v4.1.2+incompatible // indirect
97+
github.com/go-chi/chi/v5 v5.2.4 // indirect
9598
github.com/go-errors/errors v1.5.1 // indirect
9699
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
97-
github.com/go-jose/go-jose/v4 v4.1.2 // indirect
100+
github.com/go-jose/go-jose/v4 v4.1.3 // indirect
98101
github.com/go-kit/log v0.2.1 // indirect
99102
github.com/go-logfmt/logfmt v0.6.0 // indirect
100103
github.com/go-logr/logr v1.4.3 // indirect
101104
github.com/go-logr/stdr v1.2.2 // indirect
102105
github.com/go-ole/go-ole v1.3.0 // indirect
103-
github.com/go-openapi/analysis v0.23.0 // indirect
104-
github.com/go-openapi/errors v0.22.0 // indirect
105-
github.com/go-openapi/jsonpointer v0.21.0 // indirect
106-
github.com/go-openapi/jsonreference v0.21.0 // indirect
107-
github.com/go-openapi/loads v0.22.0 // indirect
108-
github.com/go-openapi/runtime v0.28.0 // indirect
109-
github.com/go-openapi/spec v0.21.0 // indirect
110-
github.com/go-openapi/swag v0.23.0 // indirect
111-
github.com/go-openapi/validate v0.24.0 // indirect
106+
github.com/go-openapi/analysis v0.24.1 // indirect
107+
github.com/go-openapi/errors v0.22.6 // indirect
108+
github.com/go-openapi/jsonpointer v0.22.4 // indirect
109+
github.com/go-openapi/jsonreference v0.21.4 // indirect
110+
github.com/go-openapi/loads v0.23.2 // indirect
111+
github.com/go-openapi/runtime v0.29.2 // indirect
112+
github.com/go-openapi/spec v0.22.3 // indirect
113+
github.com/go-openapi/swag v0.25.4 // indirect
114+
github.com/go-openapi/swag/cmdutils v0.25.4 // indirect
115+
github.com/go-openapi/swag/conv v0.25.4 // indirect
116+
github.com/go-openapi/swag/fileutils v0.25.4 // indirect
117+
github.com/go-openapi/swag/jsonname v0.25.4 // indirect
118+
github.com/go-openapi/swag/jsonutils v0.25.4 // indirect
119+
github.com/go-openapi/swag/loading v0.25.4 // indirect
120+
github.com/go-openapi/swag/mangling v0.25.4 // indirect
121+
github.com/go-openapi/swag/netutils v0.25.4 // indirect
122+
github.com/go-openapi/swag/stringutils v0.25.4 // indirect
123+
github.com/go-openapi/swag/typeutils v0.25.4 // indirect
124+
github.com/go-openapi/swag/yamlutils v0.25.4 // indirect
125+
github.com/go-openapi/validate v0.25.1 // indirect
126+
github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
112127
github.com/gofrs/uuid v4.4.0+incompatible // indirect
113128
github.com/gogo/protobuf v1.3.2 // indirect
114129
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
115130
github.com/golang/protobuf v1.5.4 // indirect
116131
github.com/golang/snappy v0.0.4 // indirect
117132
github.com/google/cel-go v0.26.0 // indirect
118-
github.com/google/certificate-transparency-go v1.2.1 // indirect
133+
github.com/google/certificate-transparency-go v1.3.2-0.20250507091337-0eddb39e94f8 // indirect
119134
github.com/google/gnostic-models v0.7.0 // indirect
120135
github.com/google/go-cmp v0.7.0 // indirect
121136
github.com/google/safetext v0.0.0-20240722112252-5a72de7e7962 // indirect
122137
github.com/google/uuid v1.6.0 // indirect
123-
github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 // indirect
138+
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2 // indirect
124139
github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b // indirect
125140
github.com/hashicorp/errwrap v1.1.0 // indirect
126141
github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
127142
github.com/hashicorp/go-memdb v1.3.4 // indirect
128143
github.com/hashicorp/go-multierror v1.1.1 // indirect
129144
github.com/hashicorp/golang-lru v1.0.2 // indirect
130-
github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
145+
github.com/hashicorp/hcl v1.0.1-vault-7 // indirect
131146
github.com/in-toto/attestation v1.1.0 // indirect
132147
github.com/inconshreveable/mousetrap v1.1.0 // indirect
133148
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
@@ -139,7 +154,7 @@ require (
139154
github.com/klauspost/compress v1.18.2 // indirect
140155
github.com/kr/pretty v0.3.1 // indirect
141156
github.com/kr/text v0.2.0 // indirect
142-
github.com/letsencrypt/boulder v0.0.0-20240830194243-1fcf0ee08180 // indirect
157+
github.com/letsencrypt/boulder v0.20251110.0 // indirect
143158
github.com/lufia/plan9stats v0.0.0-20240819163618-b1d8f4d146e7 // indirect
144159
github.com/magiconair/properties v1.8.7 // indirect
145160
github.com/mailru/easyjson v0.7.7 // indirect
@@ -149,6 +164,7 @@ require (
149164
github.com/mitchellh/go-homedir v1.1.0 // indirect
150165
github.com/mitchellh/mapstructure v1.5.0 // indirect
151166
github.com/moby/docker-image-spec v1.3.1 // indirect
167+
github.com/moby/go-archive v0.2.0 // indirect
152168
github.com/moby/patternmatcher v0.6.0 // indirect
153169
github.com/moby/sys/sequential v0.6.0 // indirect
154170
github.com/moby/sys/user v0.4.0 // indirect
@@ -176,23 +192,23 @@ require (
176192
github.com/prometheus/procfs v0.16.1 // indirect
177193
github.com/prometheus/statsd_exporter v0.27.1 // indirect
178194
github.com/rogpeppe/go-internal v1.14.1 // indirect
179-
github.com/sagikazarmark/locafero v0.6.0 // indirect
195+
github.com/sagikazarmark/locafero v0.11.0 // indirect
180196
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
181197
github.com/sassoftware/relic v7.2.1+incompatible // indirect
182198
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
183199
github.com/shibumi/go-pathspec v1.3.0 // indirect
184200
github.com/shirou/gopsutil/v3 v3.24.5 // indirect
185201
github.com/shoenig/go-m1cpu v0.1.6 // indirect
186-
github.com/sigstore/protobuf-specs v0.4.0 // indirect
202+
github.com/sigstore/protobuf-specs v0.5.0 // indirect
187203
github.com/sigstore/timestamp-authority v1.2.2 // indirect
188204
github.com/sirupsen/logrus v1.9.3 // indirect
189205
github.com/skeema/knownhosts v1.3.1 // indirect
190-
github.com/sourcegraph/conc v0.3.0 // indirect
191-
github.com/spf13/afero v1.11.0 // indirect
192-
github.com/spf13/cast v1.7.0 // indirect
193-
github.com/spf13/cobra v1.9.1 // indirect
194-
github.com/spf13/pflag v1.0.6 // indirect
195-
github.com/spf13/viper v1.19.0 // indirect
206+
github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
207+
github.com/spf13/afero v1.15.0 // indirect
208+
github.com/spf13/cast v1.10.0 // indirect
209+
github.com/spf13/cobra v1.10.2 // indirect
210+
github.com/spf13/pflag v1.0.10 // indirect
211+
github.com/spf13/viper v1.21.0 // indirect
196212
github.com/stoewer/go-strcase v1.3.0 // indirect
197213
github.com/stretchr/objx v0.5.2 // indirect
198214
github.com/subosito/gotenv v1.6.0 // indirect
@@ -206,44 +222,44 @@ require (
206222
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
207223
github.com/tklauser/go-sysconf v0.3.14 // indirect
208224
github.com/tklauser/numcpus v0.8.0 // indirect
209-
github.com/vbatts/tar-split v0.11.5 // indirect
225+
github.com/vbatts/tar-split v0.12.2 // indirect
210226
github.com/x448/float16 v0.8.4 // indirect
211227
github.com/xanzy/ssh-agent v0.3.3 // indirect
212228
github.com/xlab/treeprint v1.2.0 // indirect
213229
github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 // indirect
214230
github.com/yudai/pp v2.0.1+incompatible // indirect
215231
github.com/yusufpapurcu/wmi v1.2.4 // indirect
216-
go.mongodb.org/mongo-driver v1.16.1 // indirect
232+
go.mongodb.org/mongo-driver v1.17.6 // indirect
217233
go.opencensus.io v0.24.0 // indirect
218-
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
219-
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
220-
go.opentelemetry.io/otel v1.37.0 // indirect
221-
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.35.0 // indirect
234+
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
235+
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 // indirect
236+
go.opentelemetry.io/otel v1.38.0 // indirect
237+
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0 // indirect
222238
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0 // indirect
223-
go.opentelemetry.io/otel/metric v1.37.0 // indirect
224-
go.opentelemetry.io/otel/trace v1.37.0 // indirect
239+
go.opentelemetry.io/otel/metric v1.38.0 // indirect
240+
go.opentelemetry.io/otel/trace v1.38.0 // indirect
225241
go.uber.org/multierr v1.11.0 // indirect
226-
go.uber.org/zap v1.27.0 // indirect
242+
go.uber.org/zap v1.27.1 // indirect
227243
go.yaml.in/yaml/v2 v2.4.2 // indirect
228244
go.yaml.in/yaml/v3 v3.0.4 // indirect
229-
golang.org/x/crypto v0.45.0 // indirect
230-
golang.org/x/mod v0.29.0 // indirect
231-
golang.org/x/net v0.47.0 // indirect
232-
golang.org/x/oauth2 v0.30.0 // indirect
233-
golang.org/x/sync v0.18.0 // indirect
234-
golang.org/x/sys v0.38.0 // indirect
235-
golang.org/x/term v0.37.0 // indirect
236-
golang.org/x/text v0.31.0 // indirect
245+
golang.org/x/crypto v0.46.0 // indirect
246+
golang.org/x/mod v0.30.0 // indirect
247+
golang.org/x/net v0.48.0 // indirect
248+
golang.org/x/oauth2 v0.34.0 // indirect
249+
golang.org/x/sync v0.19.0 // indirect
250+
golang.org/x/sys v0.39.0 // indirect
251+
golang.org/x/term v0.38.0 // indirect
252+
golang.org/x/text v0.32.0 // indirect
237253
golang.org/x/time v0.14.0 // indirect
238254
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
239-
google.golang.org/api v0.217.0 // indirect
240-
google.golang.org/genproto/googleapis/api v0.0.0-20250804133106-a7a43d27e69b // indirect
241-
google.golang.org/genproto/googleapis/rpc v0.0.0-20250804133106-a7a43d27e69b // indirect
242-
google.golang.org/grpc v1.76.0 // indirect
243-
google.golang.org/protobuf v1.36.10 // indirect
255+
google.golang.org/api v0.260.0 // indirect
256+
google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 // indirect
257+
google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b // indirect
258+
google.golang.org/grpc v1.78.0 // indirect
259+
google.golang.org/protobuf v1.36.11 // indirect
244260
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
245261
gopkg.in/inf.v0 v0.9.1 // indirect
246-
gopkg.in/ini.v1 v1.67.0 // indirect
262+
gopkg.in/ini.v1 v1.67.1 // indirect
247263
gopkg.in/warnings.v0 v0.1.2 // indirect
248264
gopkg.in/yaml.v2 v2.4.0 // indirect
249265
gopkg.in/yaml.v3 v3.0.1 // indirect

0 commit comments

Comments
 (0)