Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.15

[dependabot]

Bumps github.com/sigstore/sigstore from 1.8.3 to 1.8.15.

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.8.15

What's Changed

• pkg/signature: fix RSA PSS 3072 key size in algorithm registry in sigstore/sigstore#1981
• check concrete type for non-nil to stop fuzzing crash in sigstore/sigstore#1983
• fix: cliplugin: return ErrorProviderNotFound when calling Get with a path in sigstore/sigstore#1982

Full Changelog: sigstore/sigstore@v1.8.14...v1.8.15

v1.8.14

What's Changed

This is the same content as v1.8.13, with a CI/CD fix.

• add initial plugin support for KMSs in sigstore/sigstore#1901
• cliplugin: add mocks and serialization testing in sigstore/sigstore#1918
• kms plugin: add SignMessage in sigstore/sigstore#1919
• cliplugin: add VerifySignature in sigstore/sigstore#1944
• cliplugin: add windows ci testing in sigstore/sigstore#1951
• Create Algorithm Registry API in sigstore/sigstore#1601
• cliplugin: add SupportedAlgorithms(), PublicKey(), and CryptoSigner(). in sigstore/sigstore#1946
• cliplugin: use caller contexts in sigstore/sigstore#1947
• cliplugin: semver, add tests for hash func encoding in sigstore/sigstore#1948
• cliplugin: lint fixes in sigstore/sigstore#1958
• cliplugin: convert module to package only in sigstore/sigstore#1956

v1.8.13

What's Changed

• add initial plugin support for KMSs in sigstore/sigstore#1901
• cliplugin: add mocks and serialization testing in sigstore/sigstore#1918
• kms plugin: add SignMessage in sigstore/sigstore#1919
• cliplugin: add VerifySignature in sigstore/sigstore#1944
• cliplugin: add windows ci testing in sigstore/sigstore#1951
• Create Algorithm Registry API in sigstore/sigstore#1601
• cliplugin: add SupportedAlgorithms(), PublicKey(), and CryptoSigner(). in sigstore/sigstore#1946
• cliplugin: use caller contexts in sigstore/sigstore#1947
• cliplugin: semver, add tests for hash func encoding in sigstore/sigstore#1948
• cliplugin: lint fixes in sigstore/sigstore#1958
• cliplugin: convert module to package only in sigstore/sigstore#1956

Full Changelog: sigstore/sigstore@v1.8.12...v1.8.13

v1.8.12

What's Changed

• build(deps): Bump google.golang.org/api from 0.210.0 to 0.212.0 in /pkg/signature/kms/gcp by @​dependabot in sigstore/sigstore#1912
• build(deps): Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in /pkg/signature/kms/gcp by @​dependabot in sigstore/sigstore#1911
• build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group by @​dependabot in sigstore/sigstore#1909
• build(deps): Bump google.golang.org/api from 0.212.0 to 0.214.0 in /pkg/signature/kms/gcp by @​dependabot in sigstore/sigstore#1917

... (truncated)

Commits

• 0c5004e build(deps): Bump golang.org/x/oauth2 from 0.25.0 to 0.26.0 (#1968)
• 08ccf77 build(deps): Bump github.com/aws/aws-sdk-go-v2 in /pkg/signature/kms/aws (#1970)
• 9720b04 build(deps): Bump golangci/golangci-lint-action (#1984)
• ce0fa17 fix: cliplugin: return ErrorProviderNotFound when calling Get with a path (#1...
• a5ada3f check concrete type for non-nil (#1983)
• 75b85e2 pkg/signature: fix RSA PSS 3072 key size in algorithm registry (#1981)
• 351b102 export variable (#1978)
• 0a1ec6f build(deps): Bump golang.org/x/oauth2 in /pkg/signature/kms/gcp (#1973)
• a806b7e build(deps): Bump github.com/hashicorp/vault/api (#1974)
• a235f11 build(deps): Bump localstack/localstack in /test/e2e in the all group (#1965)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #1838.