Bump the minor-patch group across 2 directories with 10 updates by dependabot[bot] · Pull Request #637 · sigstore/sigstore-go

dependabot · 2026-06-02T15:19:00Z

Bumps the minor-patch group with 6 updates in the / directory:

Package	From	To
github.com/go-openapi/runtime	`0.29.3`	`0.32.3`
github.com/google/certificate-transparency-go	`1.3.2`	`1.3.3`
github.com/in-toto/attestation	`1.1.2`	`1.2.0`
github.com/sigstore/rekor	`1.5.0`	`1.5.2`
github.com/sigstore/timestamp-authority/v2	`2.0.6`	`2.1.2`
github.com/transparency-dev/formats	`0.1.0`	`0.1.1`

Bumps the minor-patch group with 1 update in the /examples/oci-image-verification directory: github.com/google/go-containerregistry.

Updates github.com/go-openapi/runtime from 0.29.3 to 0.32.3

Release notes

Sourced from github.com/go-openapi/runtime's releases.

v0.32.3

0.32.3 - 2026-06-02

Full Changelog: go-openapi/runtime@v0.32.2...v0.32.3

6 commits in this release.

Implemented enhancements

feat(ci): added shared workflow for bot-pr monitoring by @fredbi ...

Documentation

doc: updated contributors file by @bot-go-openapi[bot] in #478 ...

Miscellaneous tasks

chore: prepare release v0.32.3 by @bot-go-openapi[bot] in #480 ...

chore: updated dependencies by @fredbi in #479 ...

Updates

build(deps): bump the other-dependencies group across 2 directories with 3 updates by @dependabot[bot] in #477 ...

build(deps): bump the go-openapi-dependencies group across 2 directories with 1 update by @dependabot[bot] in #476 ...

People who contributed to this release

@fredbi

runtime license terms

Per-module changes

... (truncated)

Commits

6c3a7fd chore: prepare release v0.32.3
1733ca7 chore: updated dependencies (#479)
7a7ea03 feat(ci): added shared workflow for bot-pr monitoring
d4d7f7d doc: updated contributors file
6937b17 build(deps): bump the other-dependencies group across 2 directories with 3 up...
4361051 build(deps): bump the go-openapi-dependencies group across 2 directories with...
a357ecf chore: prepare release v0.32.2
10b4d12 fix(client): added a guard to avoid the client to panic (#474)
ea80e5a chore: prepare release v0.32.1
01f5c55 doc: documented SkipAuth feature with build tag (#472)
Additional commits viewable in compare view

Updates github.com/go-openapi/strfmt from 0.26.1 to 0.26.3

Release notes

Sourced from github.com/go-openapi/strfmt's releases.

v0.26.3

0.26.3 - 2026-05-31

Full Changelog: go-openapi/strfmt@v0.26.2...v0.26.3

15 commits in this release.

Documentation

fix(ci): typo in sha by @fredbi ...

doc: updated contributors file by @bot-go-openapi[bot] in #258 ...

doc: updated contributors file by @bot-go-openapi[bot] in #251 ...

Miscellaneous tasks

chore: prepare release v0.26.3 by @bot-go-openapi[bot] in #260 ...

fix(ci): monitor - work around dependabot identity requirements by @fredbi ...

fix(ci): updated shared ci worflows (fix monitor-bot identity) by @fredbi ...

fix(ci): updated shared ci worflows (fix monitor-bot permissions) by @fredbi ...

fix(ci): updated shared ci worflows (fix monitor-bot filter) by @fredbi in #259 ...

ci: schedule bot PR monitoring by @fredbi in #257 ...

Updates

build(deps): bump the other-dependencies group across 3 directories with 2 updates by @dependabot[bot] in #252 ...

build(deps): bump golang.org/x/net from 0.54.0 to 0.55.0 in the golang-org-dependencies group across 1 directory by @dependabot[bot] in #255 ...

build(deps): bump the go-openapi-dependencies group across 2 directories with 1 update by @dependabot[bot] in #256 ...

build(deps): bump the development-dependencies group with 8 updates by @dependabot[bot] in #254 ...

build(deps): bump golang.org/x/net from 0.53.0 to 0.54.0 in the golang-org-dependencies group across 1 directory by @dependabot[bot] in #253 ...

build(deps): bump the go-openapi-dependencies group across 2 directories with 1 update by @dependabot[bot] in #249 ...

People who contributed to this release

@fredbi

strfmt license terms

[][license-url]

... (truncated)

Commits

d93543f chore: prepare release v0.26.3
7841767 build(deps): bump the other-dependencies group across 3 directories with 2 up...
f041a88 build(deps): bump golang.org/x/net
6ac9968 build(deps): bump the go-openapi-dependencies group across 2 directories with...
1d31844 fix(ci): monitor - work around dependabot identity requirements
1531efc fix(ci): typo in sha
cb7dd25 fix(ci): updated shared ci worflows (fix monitor-bot identity)
62db01a fix(ci): updated shared ci worflows (fix monitor-bot permissions)
c7cf6fb fix(ci): updated shared ci worflows (fix monitor-bot filter) (#259)
c2e3626 doc: updated contributors file
Additional commits viewable in compare view

Updates github.com/go-openapi/swag/conv from 0.25.5 to 0.26.0

Release notes

Sourced from github.com/go-openapi/swag/conv's releases.

v0.26.0

0.26.0 - 2026-04-15

Full Changelog: go-openapi/swag@v0.25.5...v0.26.0

14 commits in this release.

Implemented enhancements

feat(jsonname): added new json name provider more respectful of go co… by @fredbi in #195 ...

Documentation

doc: updated contributors file by @bot-go-openapi[bot] in #194 ...

doc: update discord link by @fredbi in #190 ...

doc: updated contributors file by @bot-go-openapi[bot] in #184 ...

docs: updated SECURITY.md by @fredbi in #182 ...

Code quality

doc: add portable agentic instructions by @fredbi in #191 ...

Miscellaneous tasks

chore: prepare release v0.26.0 by @bot-go-openapi[bot] in #196 ...

chore: bump go directive to 1.25.0 by @fredbi in #192 ...

ci: fixed dependabot path by @fredbi in #187 ...

Updates

build(deps): bump the go-openapi-dependencies group across 15 directories with 2 updates by @dependabot[bot] in #193 ...

build(deps): bump the other-dependencies group across 3 directories with 1 update by @dependabot[bot] in #189 ...

build(deps): bump the development-dependencies group with 7 updates by @dependabot[bot] in #188 ...

build(deps): bump the go-openapi-dependencies group across 15 directories with 2 updates by @dependabot[bot] in #185 ...

build(deps): bump the development-dependencies group across 2 directories with 7 updates by @dependabot[bot] in #183 ...

People who contributed to this release

@fredbi

... (truncated)

Commits

10f02a4 chore: prepare release v0.26.0
543ed20 feat(jsonname): added new json name provider more respectful of go convention...
15feaa1 doc: updated contributors file
be70d5e build(deps): bump the go-openapi-dependencies group across 15 directories wit...
e3a465d chore: bump go directive to 1.25.0 (#192)
544d0de doc: add portable agentic instructions (#191)
2345c91 doc: update discord link (#190)
6aaa57c build(deps): bump the other-dependencies group across 3 directories with 1 up...
524ef32 build(deps): bump the development-dependencies group with 7 updates
228d6ed ci: fixed dependabot path (#187)
Additional commits viewable in compare view

Updates github.com/google/certificate-transparency-go from 1.3.2 to 1.3.3

Release notes

Sourced from github.com/google/certificate-transparency-go's releases.

v1.3.3

What's Changed

CTFE

set explicit http server timeouts by @1seal in google/certificate-transparency-go#1755

Regenerate protos by @phbnf in google/certificate-transparency-go#1743

Update instructions to generate protos by @phbnf in google/certificate-transparency-go#1742

ctfe: Enforce max request and header size limits by @fghanmi in google/certificate-transparency-go#1720

[CTFE] Add a /log.v3.json endpoint to help satisfy a requirement of the Chrome CT Log Policy by @robstradling in google/certificate-transparency-go#1703

Tools

Log list library

Support tiled logs in the loglist3 logfilter functions by @robstradling in google/certificate-transparency-go#1762

Add FindTiledLog* functions by @robstradling in google/certificate-transparency-go#1763

Submission proxy

Cap request body size in submission proxy by @1seal in google/certificate-transparency-go#1754

add some additional log messages around CT log compatibility by @breadyzhang in google/certificate-transparency-go#1734

Other

jsonclient: don't depend on error text from other packages in tests by @neild in google/certificate-transparency-go#1741

Parse klog flags in preloader. by @phbnf in google/certificate-transparency-go#1711

Fix incorrect leaf hash calculation for precertificates in upload command by @Barre in google/certificate-transparency-go#1710

Misc

Remove internal witness by @roger2hk in google/certificate-transparency-go#1765

Update transparency-dev slack invite link by @taknira in google/certificate-transparency-go#1718

Dependency updates

Bump golangci-lint version to v2.10.1 by @roger2hk in google/certificate-transparency-go#1769

Bump the docker-deps group across 2 directories with 2 updates by @dependabot[bot] in google/certificate-transparency-go#1766

Bump github/codeql-action from 4.32.0 to 4.32.4 in the all-deps group by @dependabot[bot] in google/certificate-transparency-go#1767

Bump the all-deps group with 7 updates by @dependabot[bot] in google/certificate-transparency-go#1768

Bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 by @dependabot[bot] in google/certificate-transparency-go#1764

Bump golang.org/x/crypto from 0.46.0 to 0.47.0 in the all-deps group by @dependabot[bot] in google/certificate-transparency-go#1756

Bump the all-deps group with 3 updates by @dependabot[bot] in google/certificate-transparency-go#1757

Bump the docker-deps group across 5 directories with 3 updates by @dependabot[bot] in google/certificate-transparency-go#1758

Bumped linter and fixed a potential race condition by @mhutchinson in google/certificate-transparency-go#1753

Bump the all-deps group with 9 updates by @dependabot[bot] in google/certificate-transparency-go#1749

Bump the all-deps group across 1 directory with 5 updates by @dependabot[bot] in google/certificate-transparency-go#1748

Bump the docker-deps group across 5 directories with 3 updates by @dependabot[bot] in google/certificate-transparency-go#1750

Bump the all-deps group with 4 updates by @dependabot[bot] in google/certificate-transparency-go#1745

Bump the docker-deps group across 4 directories with 1 update by @dependabot[bot] in google/certificate-transparency-go#1744

Bump golang.org/x/crypto from 0.43.0 to 0.45.0 by @dependabot[bot] in google/certificate-transparency-go#1740

Bump the all-deps group with 2 updates by @dependabot[bot] in google/certificate-transparency-go#1735

Bump the docker-deps group across 5 directories with 3 updates by @dependabot[bot] in google/certificate-transparency-go#1737

Bump the all-deps group with 4 updates by @dependabot[bot] in google/certificate-transparency-go#1736

Bump the docker-deps group across 4 directories with 2 updates by @dependabot[bot] in google/certificate-transparency-go#1732

Bump Go from 1.23 to 1.24 by @roger2hk in google/certificate-transparency-go#1733

Bump the all-deps group with 10 updates by @dependabot[bot] in google/certificate-transparency-go#1731

Bump the all-deps group with 3 updates by @dependabot[bot] in google/certificate-transparency-go#1730

Bump the all-deps group with 2 updates by @dependabot[bot] in google/certificate-transparency-go#1726

... (truncated)

Changelog

Sourced from github.com/google/certificate-transparency-go's changelog.

v1.3.3

CTFE

set explicit http server timeouts by @1seal in google/certificate-transparency-go#1755

Regenerate protos by @phbnf in google/certificate-transparency-go#1743

Update instructions to generate protos by @phbnf in google/certificate-transparency-go#1742

ctfe: Enforce max request and header size limits by @fghanmi in google/certificate-transparency-go#1720

[CTFE] Add a /log.v3.json endpoint to help satisfy a requirement of the Chrome CT Log Policy by @robstradling in google/certificate-transparency-go#1703

Tools

Log list library

Support tiled logs in the loglist3 logfilter functions by @robstradling in google/certificate-transparency-go#1762

Add FindTiledLog* functions by @robstradling in google/certificate-transparency-go#1763

Submission proxy

Cap request body size in submission proxy by @1seal in google/certificate-transparency-go#1754

add some additional log messages around CT log compatibility by @breadyzhang in google/certificate-transparency-go#1734

Other

jsonclient: don't depend on error text from other packages in tests by @neild in google/certificate-transparency-go#1741

Parse klog flags in preloader. by @phbnf in google/certificate-transparency-go#1711

Fix incorrect leaf hash calculation for precertificates in upload command by @Barre in google/certificate-transparency-go#1710

Misc

Remove internal witness by @roger2hk in google/certificate-transparency-go#1765

Update transparency-dev slack invite link by @taknira in google/certificate-transparency-go#1718

Dependency updates

Bump golangci-lint version to v2.10.1 by @roger2hk in google/certificate-transparency-go#1769

Bump the all-deps group with 7 updates by @dependabot[bot] in google/certificate-transparency-go#1768

Bump github/codeql-action from 4.32.0 to 4.32.4 in the all-deps group by @dependabot[bot] in google/certificate-transparency-go#1767

Bump the docker-deps group across 2 directories with 2 updates by @dependabot[bot] in google/certificate-transparency-go#1766

Bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 by @dependabot[bot] in google/certificate-transparency-go#1764

Bump the docker-deps group across 5 directories with 3 updates by @dependabot[bot] in google/certificate-transparency-go#1758

Bump the all-deps group with 3 updates by @dependabot[bot] in google/certificate-transparency-go#1757

Bump golang.org/x/crypto from 0.46.0 to 0.47.0 in the all-deps group by @dependabot[bot] in google/certificate-transparency-go#1756

Bumped linter and fixed a potential race condition by @mhutchinson in google/certificate-transparency-go#1753

Bump the docker-deps group across 5 directories with 3 updates by @dependabot[bot] in google/certificate-transparency-go#1750

Bump the all-deps group with 9 updates by @dependabot[bot] in google/certificate-transparency-go#1749

Bump the all-deps group across 1 directory with 5 updates by @dependabot[bot] in google/certificate-transparency-go#1748

Bump the all-deps group with 4 updates by @dependabot[bot] in google/certificate-transparency-go#1745

Bump the docker-deps group across 4 directories with 1 update by @dependabot[bot] in google/certificate-transparency-go#1744

Bump golang.org/x/crypto from 0.43.0 to 0.45.0 by @dependabot[bot] in google/certificate-transparency-go#1740

Bump the docker-deps group across 5 directories with 3 updates by @dependabot[bot] in google/certificate-transparency-go#1737

... (truncated)

Commits

e8f9317 Support tiled logs in the loglist3 logfilter functions (#1762)
f571c2e Cap request body size in submission proxy (#1754)
b0a55e9 Bump golangci-lint version to v2.10.1 (#1769)
f8d8cda Bump the docker-deps group across 2 directories with 2 updates (#1766)
e030cb1 Bump github/codeql-action from 4.32.0 to 4.32.4 in the all-deps group (#1767)
537ff1f Bump the all-deps group with 7 updates (#1768)
8c5792c Remove internal witness (#1765)
a599ccc Add FindTiledLog* functions (#1763)
3782b4d Bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 (#1764)
a6d1ef5 Bump golang.org/x/crypto from 0.46.0 to 0.47.0 in the all-deps group (#1756)
Additional commits viewable in compare view

Updates github.com/in-toto/attestation from 1.1.2 to 1.2.0

Release notes

Sourced from github.com/in-toto/attestation's releases.

v1.2.0

Core Attestation Framework Spec Changes

Ensure the Envelope spec meets ITE-5 by @marcelamelara in in-toto/attestation#431

Add predicate type to the allowed media types for the envelope's payload type by @mdeicas in in-toto/attestation#473

Clarify that non-cryptographic digests may use custom value encoding by @marcelamelara in in-toto/attestation#517

New / Updated Predicates

New Simple Verification Result (SVR) Predicate by @arewm in in-toto/attestation#470

Update Release Predicate to v0.2 by @ bdehamer in in-toto/attestation#495

New SPDX 3 Predicate by @JPEWdev in in-toto/attestation#508

Language Bindings Changes

Support validation of Cosign OCI statements with type https://in-toto.io/Statement/v0.1 by @alenon in in-toto/attestation#464

Add Rust bindings by @marcelamelara in in-toto/attestation#468

SVR proto definitions by @puerco in in-toto/attestation#519

Other Changes

Update link to URL redirects list by @mdeicas in in-toto/attestation#471

docs: fix typo in README.md by @tarilabs in in-toto/attestation#472

Upgrade Go in make-protos.yml@setup-go to be consistent w/ go.mod by @trishankatdatadog in in-toto/attestation#488

Bump Go version in CI tests by @marcelamelara in in-toto/attestation#491

Update attestation maintainers by @marcelamelara in in-toto/attestation#516 and in-toto/attestation#536

Add SVR to the list of predicates and fix some issues in the list by @lcarva in in-toto/attestation#537

New Contributors

@tarilabs made their first contribution in in-toto/attestation#472

@alenon made their first contribution in in-toto/attestation#464

@bdehamer made their first contribution in in-toto/attestation#495

@JPEWdev made their first contribution in in-toto/attestation#508

@lcarva made their first contribution in in-toto/attestation#537

Full Changelog: in-toto/attestation@v1.1.2...v1.2.0

Commits

df02077 Add SVR to the list of predicates and fix some issues in the list (#537)
cd3e5c7 Merge pull request #536 from marcelamelara/msm-update-maintainers
b31d198 Apply suggestions from code review
4527976 Add Aditya as maintainer, move Mikhail and Tom to emeritus
7bfb269 Ensure the Envelope spec meets ITE-5 (#431)
ad76f68 Clarify that non-cryptographic digests may use custom value encoding (#517)
071e175 Bump actions/setup-node from 6.2.0 to 6.3.0 (#535)
cad7a33 Bump markdownlint-cli from 0.47.0 to 0.48.0 (#533)
913a235 Bump actions/setup-go from 6.2.0 to 6.3.0 (#531)
36c27c1 Merge pull request #530 from in-toto/dependabot/npm_and_yarn/markdown-it-14.1.1
Additional commits viewable in compare view

Updates github.com/sigstore/rekor from 1.5.0 to 1.5.2

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.5.2

Changelog

759b98e2a7c39ea9779b6a51299c5f0f987f8802 alpine: Enforce max size limit on decompression (#2831)

c7e77ee26edd8631dd417166907093a9f13b85e5 Support restricting kinds on insertion (#2814)

a10818a8778dcb58eb582d00ffda4b2c86bf190b fix(trillianclient): strip dns:/// scheme from TLS ServerName in gRPC dial (#2812)

8a2f3a2dd023b81ad8b63e2f365676ec438dc9fa add checks to ensure returned entries match client inputs to rekor-cli (#2799)

0e88bac01d1173b8b2cbc8ed790106441573bbdb add nil pointer check to resolve fuzzing crash (#2807)

93da954478a2ffb1821d4904a80d9a5cbe268324 client: surface last-response details after retries are exhausted (#2796)

4d67ecd8ec810bc6af9761ad10ebd2ac899cfdbd Fix internal error detail leakage in 500 responses (#2801)

b34ca94fc01405cb50acb956cc181d57382a6b2d add defensive check to ensure tid is in config ahead of getting client (#2795)

656c832ab90feef91f5dcc751ae1cb851c73f4bd restapi: include inactiveShards in the homepage total count (#2797)

Thanks for all contributors!

v1.5.1

Changelog

2d46808ce98c3dd26158364ae28f4c49921c9b0d optimize memory for DSSE v0.0.1 processing (#2766)

6de110d1deb7fa2d9145584fd9446608ce1a777c return correct errors in rare failure situations (#2753)

7ff7c692f51d6060c6eebba0480536f5ba28abb5 raise error if decoding hash fails during inclusion proof (#2754)

Thanks for all contributors!

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.5.1

Features

optimize memory for DSSE v0.0.1 processing (#2766)

Bug Fixes

Type assert the entry bundle when verifying inclusion proof (#2755)

return correct errors in rare failure situations (#2753)

raise error if decoding hash fails during inclusion proof (#2754)

Commits

3b75cd9 build(deps): Bump the all group across 1 directory with 7 updates (#2829)
759b98e alpine: Enforce max size limit on decompression (#2831)
c7e77ee Support restricting kinds on insertion (#2814)
a10818a fix(trillianclient): strip dns:/// scheme from TLS ServerName in gRPC dial (#...
c31f3fc build(deps): Bump cloud.google.com/go/profiler from 0.4.3 to 0.6.0
f2a9fb0 build(deps): Bump go.uber.org/zap from 1.27.1 to 1.28.0
e3ba248 build(deps): Bump golang in the all group across 1 directory
62e5ddd build(deps): Bump github.com/go-openapi/swag from 0.25.5 to 0.26.0
f4f91d5 build(deps): Bump github.com/tink-crypto/tink-go-awskms/v2 to v3 (#2827)
9bc540f build(deps): Bump google.com/cloudsdktool/google-cloud-cli (#2820)
Additional commits viewable in compare view

Updates github.com/sigstore/timestamp-authority/v2 from 2.0.6 to 2.1.2

Release notes

Sourced from github.com/sigstore/timestamp-authority/v2's releases.

v2.1.2

Changelog

v2.1.2 patches a bug where expired TSA certificates would be rejected, which is not aligned with RFC 3161.

21dff8b84c13344aa4a931d9779c514e4b7f8538 Validate TSA certificate chain at timestamp issuance time (#1384)

v2.1.1

What's Changed

v2.1.1 drops the Go version back down to 1.25.0.

Switch utility for PEM encryption in sigstore/timestamp-authority#1378

Full Changelog: sigstore/timestamp-authority@v2.1.0...v2.1.1

v2.1.0

What's Changed

Bound path and HTTP method metric label cardinality to prevent OOM in sigstore/timestamp-authority#1374

Fix spec violations in policy, EKU, and hash verification in sigstore/timestamp-authority#1375

Full Changelog: sigstore/timestamp-authority@v2.0.6...v2.1.0

Commits

21dff8b Validate TSA certificate chain at timestamp issuance time (#1384)
1d43d95 chore(deps): bump the gomod group with 2 updates (#1383)
c9c7574 Switch utility for PEM encryption (#1378)
ca10d92 chore(deps): bump the gomod group with 5 updates (#1381)
918a94f chore(deps): bump cloud.google.com/go/security from 1.24.0 to 1.25.0 (#1382)
d9aee1b chore(deps): bump golang from 6df14f4 to 2d6c802 (#1379)
f695279 chore(deps): bump golang from 313faae to 6df14f4 (#1368)
5a15c60 chore(deps): bump github.com/go-chi/chi/v5 from 5.2.5 to 5.3.0 (#1371)
b72b967 chore(deps): bump github.com/go-openapi/runtime from 0.31.0 to 0.32.2 (#1377)
1e20100 chore(deps): bump go.step.sm/crypto in the gomod group (#1376)
Additional commits viewable in compare view

Updates github.com/transparency-dev/formats from 0.1.0 to 0.1.1

Release notes

Sourced from github.com/transparency-dev/formats's releases.

v0.1.1

What's Changed

Implement c2sp.org/tlog-proof by @Hayden-IO in transparency-dev/formats#228

Copy witness policy file format code from Tessera by @Hayden-IO in transparency-dev/formats#229

Bump Go to 1.25.0 by @roger2hk in transparency-dev/formats#242

Add MLDSA-44 cosigner implementation by @AlCutter in transparency-dev/formats#247

Add func to generate MLDSA key pairs by @AlCutter in transparency-dev/formats#249

Better MLDSA generate func name by @AlCutter in transparency-dev/formats#250

Remove unused RSA 6962 support by @AlCutter in transparency-dev/formats#256

Deps

🌱(deps): Bump golang.org/x/mod from 0.32.0 to 0.33.0 in the all-go-deps group by @dependabot[bot] in transparency-dev/formats#235

🌱(deps): Bump github/codeql-action from 4.32.2 to 4.32.3 in the all-gha-deps group by @dependabot[bot] in transparency-dev/formats#236

🌱(deps): Bump github/codeql-action from 4.32.3 to 4.32.4 in the all-gha-deps group by @dependabot[bot] in transparency-dev/formats#237

🌱(deps): Bump the all-gha-deps group with 2 updates by @dependabot[bot] in transparency-dev/formats#...
Description has been truncated

codysoyland · 2026-06-02T23:11:55Z

@dependabot recreate

Bumps the minor-patch group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) | `0.29.3` | `0.32.3` | | [github.com/google/certificate-transparency-go](https://github.com/google/certificate-transparency-go) | `1.3.2` | `1.3.3` | | [github.com/in-toto/attestation](https://github.com/in-toto/attestation) | `1.1.2` | `1.2.0` | | [github.com/sigstore/rekor](https://github.com/sigstore/rekor) | `1.5.0` | `1.5.2` | | [github.com/sigstore/timestamp-authority/v2](https://github.com/sigstore/timestamp-authority) | `2.0.6` | `2.1.2` | | [github.com/transparency-dev/formats](https://github.com/transparency-dev/formats) | `0.1.0` | `0.1.1` | Bumps the minor-patch group with 1 update in the /examples/oci-image-verification directory: [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry). Updates `github.com/go-openapi/runtime` from 0.29.3 to 0.32.3 - [Release notes](https://github.com/go-openapi/runtime/releases) - [Commits](go-openapi/runtime@v0.29.3...v0.32.3) Updates `github.com/go-openapi/strfmt` from 0.26.1 to 0.26.3 - [Release notes](https://github.com/go-openapi/strfmt/releases) - [Commits](go-openapi/strfmt@v0.26.1...v0.26.3) Updates `github.com/go-openapi/swag/conv` from 0.25.5 to 0.26.0 - [Release notes](https://github.com/go-openapi/swag/releases) - [Commits](go-openapi/swag@v0.25.5...v0.26.0) Updates `github.com/google/certificate-transparency-go` from 1.3.2 to 1.3.3 - [Release notes](https://github.com/google/certificate-transparency-go/releases) - [Changelog](https://github.com/google/certificate-transparency-go/blob/master/CHANGELOG.md) - [Commits](google/certificate-transparency-go@v1.3.2...v1.3.3) Updates `github.com/in-toto/attestation` from 1.1.2 to 1.2.0 - [Release notes](https://github.com/in-toto/attestation/releases) - [Commits](in-toto/attestation@v1.1.2...v1.2.0) Updates `github.com/sigstore/rekor` from 1.5.0 to 1.5.2 - [Release notes](https://github.com/sigstore/rekor/releases) - [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md) - [Commits](sigstore/rekor@v1.5.0...v1.5.2) Updates `github.com/sigstore/timestamp-authority/v2` from 2.0.6 to 2.1.2 - [Release notes](https://github.com/sigstore/timestamp-authority/releases) - [Changelog](https://github.com/sigstore/timestamp-authority/blob/main/CHANGELOG.md) - [Commits](sigstore/timestamp-authority@v2.0.6...v2.1.2) Updates `github.com/transparency-dev/formats` from 0.1.0 to 0.1.1 - [Release notes](https://github.com/transparency-dev/formats/releases) - [Commits](transparency-dev/formats@v0.1.0...v0.1.1) Updates `golang.org/x/crypto` from 0.50.0 to 0.52.0 - [Commits](golang/crypto@v0.50.0...v0.52.0) Updates `github.com/google/go-containerregistry` from 0.20.7 to 0.21.6 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Commits](google/go-containerregistry@v0.20.7...v0.21.6) --- updated-dependencies: - dependency-name: github.com/go-openapi/runtime dependency-version: 0.32.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch - dependency-name: github.com/go-openapi/strfmt dependency-version: 0.26.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch - dependency-name: github.com/go-openapi/swag/conv dependency-version: 0.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch - dependency-name: github.com/google/certificate-transparency-go dependency-version: 1.3.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch - dependency-name: github.com/google/go-containerregistry dependency-version: 0.21.6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch - dependency-name: github.com/in-toto/attestation dependency-version: 1.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch - dependency-name: github.com/sigstore/rekor dependency-version: 1.5.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch - dependency-name: github.com/sigstore/timestamp-authority/v2 dependency-version: 2.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch - dependency-name: github.com/transparency-dev/formats dependency-version: 0.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch - dependency-name: golang.org/x/crypto dependency-version: 0.52.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot requested a review from a team as a code owner June 2, 2026 15:19

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 2, 2026

dependabot Bot force-pushed the dependabot/go_modules/minor-patch-56fb9aabed branch from fdb44fe to 9777f19 Compare June 2, 2026 23:13

codysoyland approved these changes Jun 3, 2026

View reviewed changes

codysoyland merged commit 40d743a into main Jun 3, 2026
13 checks passed

codysoyland deleted the dependabot/go_modules/minor-patch-56fb9aabed branch June 3, 2026 13:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the minor-patch group across 2 directories with 10 updates#637

Bump the minor-patch group across 2 directories with 10 updates#637
codysoyland merged 1 commit into
mainfrom
dependabot/go_modules/minor-patch-56fb9aabed

dependabot Bot commented on behalf of github Jun 2, 2026 •

edited

Loading

Uh oh!

codysoyland commented Jun 2, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Jun 2, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v0.32.3

0.32.3 - 2026-06-02

Implemented enhancements

Documentation

Miscellaneous tasks

Updates

People who contributed to this release

Per-module changes

v0.26.3

0.26.3 - 2026-05-31

Documentation

Miscellaneous tasks

Updates

People who contributed to this release

v0.26.0

0.26.0 - 2026-04-15

Implemented enhancements

Documentation

Code quality

Miscellaneous tasks

Updates

People who contributed to this release

v1.3.3

What's Changed

CTFE

Tools

Log list library

Submission proxy

Other

Misc

Dependency updates

v1.3.3

CTFE

Tools

Log list library

Submission proxy

Other

Misc

Dependency updates

v1.2.0

Core Attestation Framework Spec Changes

New / Updated Predicates

Language Bindings Changes

Other Changes

New Contributors

v1.5.2

Changelog

Thanks for all contributors!

v1.5.1

Changelog

Thanks for all contributors!

v1.5.1

Features

Bug Fixes

v2.1.2

Changelog

v2.1.1

What's Changed

v2.1.0

What's Changed

v0.1.1

What's Changed

Deps

Uh oh!

codysoyland commented Jun 2, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Jun 2, 2026 •

edited

Loading