Update all dependencies
This MR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| sigstore/cosign | ironbank-github | patch |
v2.2.2 -> v2.2.3
|
| trufflesecurity/trufflehog | ironbank-github | patch |
v3.66.2 -> v3.66.3
|
⚠ WarningSome dependencies could not be looked up. Check the warning logs for more information.
Release Notes
sigstore/cosign (sigstore/cosign)
v2.2.3
Bug Fixes
- Fix race condition on verification with multiple signatures attached to image (#3486)
- fix(clean): Fix clean cmd for private registries (#3446)
- Fixed BYO PKI verification (#3427)
Features
- Allow for option in cosign attest and attest-blob to upload attestation as supported in Rekor (#3466)
- Add support for OpenVEX predicate type (#3405)
Documentation
- Resolves #3088:
versionsub-command expected behaviour documentation and testing (#3447) - add examples for cosign attach signature cmd (#3468)
Misc
Contributors
- aalsabag
- Bob Callaway
- Carlos Tadeu Panato Junior
- Colleen Murphy
- Hayden B
- Mukuls77
- Omri Bornstein
- Puerco
- vivek kumar sahu
trufflesecurity/trufflehog (trufflesecurity/trufflehog)
v3.66.3
What's Changed
- Allow for configuring the buffered file writer by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2319
- added flyio protos by @lonmarsDev in https://github.com/trufflesecurity/trufflehog/pull/2357
- Scan GitHub wikis by @rgmz in https://github.com/trufflesecurity/trufflehog/pull/2233
- [chore] Add filesystem integration test by @mcastorina in https://github.com/trufflesecurity/trufflehog/pull/2358
- update azure test files to check rawV2 by @roxanne-tampus in https://github.com/trufflesecurity/trufflehog/pull/2353
- [bug] fix script change by @ahrav in https://github.com/trufflesecurity/trufflehog/pull/2360
Full Changelog: https://github.com/trufflesecurity/trufflehog/compare/v3.66.2...v3.66.3
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.