build(deps): bump the go-deps group across 1 directory with 11 updates

[dependabot]

Bumps the go-deps group with 10 updates in the / directory:

Package	From	To
github.com/elazarl/goproxy	1.7.0	1.7.2
github.com/fluxcd/pkg/git	0.25.0	0.26.0
github.com/fluxcd/pkg/git/gogit	0.25.0	0.26.0
github.com/minio/minio-go/v7	7.0.87	7.0.91
github.com/notaryproject/notation-core-go	1.2.0	1.3.0
github.com/notaryproject/notation-go	1.3.0	1.3.2
github.com/onsi/gomega	1.36.2	1.37.0
github.com/ory/dockertest/v3	3.11.0	3.12.0
github.com/prometheus/client_golang	1.21.0	1.22.0
github.com/sigstore/sigstore	1.8.15	1.9.3

Updates github.com/elazarl/goproxy from 1.7.0 to 1.7.2

Release notes

Sourced from github.com/elazarl/goproxy's releases.

v1.7.2

What's Changed

• Avoid breaking changes and port them to the v2 branch instead

Full Changelog: elazarl/goproxy@v1.7.1...v1.7.2

v1.7.1

What's Changed

• Add MITM request cancel test by @​ErikPelli in elazarl/goproxy#644
• Bump golang.org/x/text from 0.21.0 to 0.22.0 in /ext by @​dependabot in elazarl/goproxy#645
• Bump golang.org/x/net from 0.34.0 to 0.35.0 in /ext by @​dependabot in elazarl/goproxy#647
• Bump golang.org/x/net from 0.34.0 to 0.35.0 by @​dependabot in elazarl/goproxy#646
• Add next protocols in default TLS configuration by @​ErikPelli in elazarl/goproxy#651

Full Changelog: elazarl/goproxy@v1.7.0...v1.7.1

Commits

• 09a5680 Revert "Add next protocols in default TLS configuration (#651)"
• 948b6ca Revert "Connect related changes - add optional hooks (#504)"
• 44bab45 Connect related changes - add optional hooks (#504)
• 0003d27 Add next protocols in default TLS configuration (#651)
• 591e8ff Merge pull request #646 from elazarl/dependabot/go_modules/golang.org/x/net-0...
• be1818f Merge pull request #647 from elazarl/dependabot/go_modules/ext/golang.org/x/n...
• 41dd5c9 Bump golang.org/x/net from 0.34.0 to 0.35.0 in /ext
• b0ba765 Bump golang.org/x/net from 0.34.0 to 0.35.0
• 1f65b1b Merge pull request #645 from elazarl/dependabot/go_modules/ext/golang.org/x/t...
• 3d75816 Bump golang.org/x/text from 0.21.0 to 0.22.0 in /ext
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/git from 0.25.0 to 0.26.0

Commits

• 877b123 Merge pull request #904 from fluxcd/git-mtls
• ee8655f Remove duplicate err return
• 3465f32 Wire ClientCert and ClientKey into gogit client
• f069943 Add ClientCert and ClientKey to Git auth options
• 7579486 Merge pull request #910 from fluxcd/renew-certs
• b890f1b Renew testdata certs
• f7fc565 Merge pull request #905 from fluxcd/update-sops-action
• 28f52c0 actions: Update SOPS repository
• 155709e Merge pull request #891 from fluxcd/fix-impersonator-namespace
• 8af0b98 Fix: Impersonator namespace was used by both ServiceAccount and KubeConfig
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/git/gogit from 0.25.0 to 0.26.0

Commits

• 877b123 Merge pull request #904 from fluxcd/git-mtls
• ee8655f Remove duplicate err return
• 3465f32 Wire ClientCert and ClientKey into gogit client
• f069943 Add ClientCert and ClientKey to Git auth options
• 7579486 Merge pull request #910 from fluxcd/renew-certs
• b890f1b Renew testdata certs
• f7fc565 Merge pull request #905 from fluxcd/update-sops-action
• 28f52c0 actions: Update SOPS repository
• 155709e Merge pull request #891 from fluxcd/fix-impersonator-namespace
• 8af0b98 Fix: Impersonator namespace was used by both ServiceAccount and KubeConfig
• Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.13.2 to 5.16.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.16.0

What's Changed

• [v5] plumbing: support mTLS for HTTPS protocol by @​hiddeco in go-git/go-git#1510
• v5: plumbing: transport, Reintroduce SetHostKeyCallback. Fix #1514 by @​pjbgf in go-git/go-git#1515

Full Changelog: go-git/go-git@v5.15.0...v5.16.0

v5.15.0

What's Changed

• plumbing: add cert auth support to releases/v5.x by @​Javier-varez in go-git/go-git#1482
• v5: Bump dependencies by @​pjbgf in go-git/go-git#1505

Full Changelog: go-git/go-git@v5.14.0...v5.15.0

v5.14.0

What's Changed

• v5: Bump Go and dependencies to mitigate GO-2025-3487 by @​pjbgf in go-git/go-git#1436

⚠️ Note that this version requires Go 1.23, due to the bump to golang.org/x/[email protected] which mitigates the CVE above. User's that can't bump to Go 1.23 will need to remain on the previous v5.13.x release.

Full Changelog: go-git/go-git@v5.13.2...v5.14.0

Commits

• 6d4a5c6 Merge pull request #1515 from pjbgf/regre
• beedd6b plumbing: transport, Reintroduce SetHostKeyCallback. Fix #1514
• 763ce2e Merge pull request #1510 from hiddeco/mtls-support
• 5320e1b plumbing: surface transport configuration errors
• 9bbc93b plumbing: fix unintended pointer mutation in test
• f3783f4 plumbing: support mTLS for HTTPS protocol
• 6f444d3 Merge pull request #1505 from pjbgf/bump
• 9996069 v5: Bump dependencies
• 768fda7 Merge pull request #1482 from Javier-varez/add-cert-auth-support-v5.x
• ba9d693 plumbing: support setting custom host key algorithms along with host key call...
• Additional commits viewable in compare view

Updates github.com/minio/minio-go/v7 from 7.0.87 to 7.0.91

Release notes

Sourced from github.com/minio/minio-go/v7's releases.

Bugfix v7.0.90

What's Changed

• Add anonymous chunked encoding with trailing headers by @​klauspost in minio/minio-go#2084
• Implement AppendObject() API by @​harshavardhana in minio/minio-go#2082
• Update x/net version by @​BorjaOuterelo in minio/minio-go#2085
• Rety iterators by @​tlyons-cs in minio/minio-go#2087
• Add function for getting creds of remote client by @​shtripat in minio/minio-go#2089

New Contributors

• @​BorjaOuterelo made their first contribution in minio/minio-go#2085
• @​tlyons-cs made their first contribution in minio/minio-go#2087

Full Changelog: minio/minio-go@v7.0.89...v7.0.90

Bugfix Release

What's Changed

• add PurgeOnDelete to versioning config by @​poornas in minio/minio-go#2074
• Adds TokenRevokeType field to credential providers. by @​taran-p in minio/minio-go#2075
• make downtime info as map to denote per target info by @​Praveenrajmani in minio/minio-go#2079
• update deps and move CI/CD to go1.23, go1.24 by @​harshavardhana in minio/minio-go#2080
• update golint version by @​harshavardhana in minio/minio-go#2083

New Contributors

• @​taran-p made their first contribution in minio/minio-go#2075

Full Changelog: minio/minio-go@v7.0.88...v7.0.89

Bugfix Release

What's Changed

• add replication stat counters and downtime info types by @​Praveenrajmani in minio/minio-go#2071
• feat: add reverse version for listObjectVersions by @​jiuker in minio/minio-go#2072

New Contributors

• @​Praveenrajmani made their first contribution in minio/minio-go#2071

Full Changelog: minio/minio-go@v7.0.87...v7.0.88

Commits

• e8e8aca fix: incorrect set x-amz-date for signV4 (#2096)
• ed6737b Add 8 new aws region (#2090)
• c94afd8 Update version to next release
• 68fb5ee Add function for getting creds of remote client (#2089)
• 1e5fd8a Replacing retry goroutines with iterators (#2087)
• 7502986 Update x/net version (#2085)
• 6c30280 Implement AppendObject() API (#2082)
• fb4bc4c Add anonymous chunked encoding with trailing headers (#2084)
• efd53f1 Update version to next release
• 8c92869 update golint version (#2083)
• Additional commits viewable in compare view

Updates github.com/notaryproject/notation-core-go from 1.2.0 to 1.3.0

Release notes

Sourced from github.com/notaryproject/notation-core-go's releases.

v1.3.0

Vote PASSED [+4 -0]: #271

Updates

• Support of delta CRL during certificate revocation check.
• Upgraded go version to v1.23.0
• Error message fix and dependency updates.

What's Changed since v1.2.0

• feat: delta CRL by @​JeyJeyGao in notaryproject/notation-core-go#247
• bump: update go v1.23 by @​JeyJeyGao in notaryproject/notation-core-go#260
• build(deps): bump golang.org/x/crypto from 0.32.0 to 0.35.0 by @​dependabot in notaryproject/notation-core-go#261
• build(deps): bump apache/skywalking-eyes from 0.6.0 to 0.7.0 by @​dependabot in notaryproject/notation-core-go#258
• fix: use iterator instead of looping through multiple slices by @​JeyJeyGao in notaryproject/notation-core-go#259
• build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0 by @​dependabot in notaryproject/notation-core-go#262
• build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 by @​dependabot in notaryproject/notation-core-go#263
• build(deps): bump github.com/fxamacker/cbor/v2 from 2.7.0 to 2.8.0 by @​dependabot in notaryproject/notation-core-go#265
• build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0 by @​dependabot in notaryproject/notation-core-go#267
• fix: error message of SignatureAuthenticityError by @​Two-Hearts in notaryproject/notation-core-go#269

Full Changelog: notaryproject/notation-core-go@v1.2.0...v1.3.0

Commits

• ef87896 fix: error message of SignatureAuthenticityError (#269)
• 46726d8 build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0 (#267)
• b85e8f7 build(deps): bump github.com/fxamacker/cbor/v2 from 2.7.0 to 2.8.0 (#265)
• 4d73532 build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (#263)
• 6a378d5 build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0 (#262)
• ea37e4e fix: use iterator instead of looping through multiple slices (#259)
• fcf4512 build(deps): bump apache/skywalking-eyes from 0.6.0 to 0.7.0 (#258)
• 9c4662f build(deps): bump golang.org/x/crypto from 0.32.0 to 0.35.0 (#261)
• 441bbe8 bump: update go v1.23 (#260)
• 7510083 feat: delta CRL (#247)
• See full diff in compare view

Updates github.com/notaryproject/notation-go from 1.3.0 to 1.3.2

Release notes

Sourced from github.com/notaryproject/notation-go's releases.

v1.3.2

Vote PASSED [+5 -0]: #538

Update

• Error message and dependency updates

What's Changed since notation-go v1.3.1

• bump: release v1.3.1 by @​Two-Hearts in notaryproject/notation-go#517
• backport: from main to release-1.3 branch by @​Two-Hearts in notaryproject/notation-go#536

Full Changelog: notaryproject/notation-go@v1.3.1...v1.3.2

New Contributors

• @​qba73 made their first contribution in notaryproject/notation-go#529

v1.3.1

Vote PASSED [+5 -0]: #517

Bug fix

• This patch release removes the timestamp check against signing time during authentic timestamp verification due to potential time skew and the unauthenticated nature of signing time field.

What's Changed

• bump: release v1.3.0 by @​Two-Hearts in notaryproject/notation-go#507
• fix: remove signing time check during authenticTimestamp by @​Two-Hearts in notaryproject/notation-go#514
• bump: bump up dependencies for release-1.3 branch by @​Two-Hearts in notaryproject/notation-go#516

Full Changelog: notaryproject/notation-go@v1.3.0...v1.3.1

Commits

• 34a1aba bump: release v1.3.2
• c447774 backport: from main to release-1.3 branch (#536)
• 727046d Merge pull request #517 from Two-Hearts/release-1.3
• 961cef1 bump: release v1.3.1
• f171fb0 bump: bump up dependencies for release-1.3 branch (#516)
• 540cc34 fix: remove signing time check during authenticTimestamp (#514)
• 1864576 Merge pull request #507 from Two-Hearts/release-1.3
• See full diff in compare view

Updates github.com/onsi/gomega from 1.36.2 to 1.37.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.37.0

1.37.0

Features

• add To/ToNot/NotTo aliases for AsyncAssertion [5666f98]

v1.36.3

1.36.3

Maintenance

• bump all the things [adb8b49]
• chore: replace interface{} with any [7613216]
• Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822) [9fe5259]
• remove spurious "toolchain" from go.mod (#819) [a0e85b9]
• Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823) [604a8b1]
• Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772) [36fbc84]
• Bump github-pages from 231 to 232 in /docs (#778) [ced70d7]
• Bump rexml from 3.2.6 to 3.3.9 in /docs (#788) [c8b4a07]
• Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812) [06431b9]
• Bump webrick from 1.8.1 to 1.9.1 in /docs (#800) [b55a92d]
• Fix typos (#813) [a1d518b]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.37.0

Features

• add To/ToNot/NotTo aliases for AsyncAssertion [5666f98]

1.36.3

Maintenance

• bump all the things [adb8b49]
• chore: replace interface{} with any [7613216]
• Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822) [9fe5259]
• remove spurious "toolchain" from go.mod (#819) [a0e85b9]
• Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823) [604a8b1]
• Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772) [36fbc84]
• Bump github-pages from 231 to 232 in /docs (#778) [ced70d7]
• Bump rexml from 3.2.6 to 3.3.9 in /docs (#788) [c8b4a07]
• Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812) [06431b9]
• Bump webrick from 1.8.1 to 1.9.1 in /docs (#800) [b55a92d]
• Fix typos (#813) [a1d518b]

Commits

• 272fca3 v1.37.0
• 5666f98 add To/ToNot/NotTo aliases for AsyncAssertion
• 2251143 v1.36.3
• adb8b49 bump all the things
• 7613216 chore: replace interface{} with any
• 9fe5259 Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822)
• a0e85b9 remove spurious "toolchain" from go.mod (#819)
• 604a8b1 Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823)
• 36fbc84 Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772)
• ced70d7 Bump github-pages from 231 to 232 in /docs (#778)
• Additional commits viewable in compare view

Updates github.com/ory/dockertest/v3 from 3.11.0 to 3.12.0

Release notes

Sourced from github.com/ory/dockertest/v3's releases.

v3.12.0

What's Changed

• chore(deps): bump github.com/docker/cli from 26.1.4+incompatible to 27.1.2+incompatible by @​dependabot in ory/dockertest#524
• chore(deps): bump actions/checkout from 3 to 4 by @​dependabot in ory/dockertest#514
• chore(deps): bump actions/stale from 4 to 9 by @​dependabot in ory/dockertest#526
• chore(deps): bump github.com/opencontainers/runc from 1.1.13 to 1.1.15 by @​dependabot in ory/dockertest#538
• chore(deps): bump actions/checkout from 2 to 4 by @​dependabot in ory/dockertest#527
• feat: use creds helper by @​GuillaumeSmaha in ory/dockertest#520
• added AuthConfigs to BuildOptions and pass that to BuildImage by @​DGollings in ory/dockertest#488
• add multiple test container example by @​akoserwal in ory/dockertest#515
• fix: trying to bind to an outbound ip returns an empty list of port bindings by @​atzoum in ory/dockertest#533
• chore(deps): bump golang.org/x/sys from 0.21.0 to 0.28.0 by @​dependabot in ory/dockertest#548
• chore(deps): bump actions/stale from 4 to 9 by @​dependabot in ory/dockertest#550
• chore(deps): bump actions/checkout from 2 to 4 by @​dependabot in ory/dockertest#549
• chore(deps): bump actions/checkout from 2 to 4 by @​dependabot in ory/dockertest#555
• chore(deps): bump github.com/docker/cli from 27.1.2+incompatible to 27.4.1+incompatible by @​dependabot in ory/dockertest#553
• chore(deps): bump github.com/opencontainers/runc from 1.1.15 to 1.2.3 by @​dependabot in ory/dockertest#551
• chore(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 by @​dependabot in ory/dockertest#547
• feat: add support for BuildKit when building images by @​tmc in ory/dockertest#416
• chore(deps): bump actions/setup-node from 2.pre.beta to 4.1.0 by @​dependabot in ory/dockertest#539
• chore(deps): bump actions/stale from 4 to 9 by @​dependabot in ory/dockertest#554

New Contributors

• @​GuillaumeSmaha made their first contribution in ory/dockertest#520
• @​DGollings made their first contribution in ory/dockertest#488
• @​akoserwal made their first contribution in ory/dockertest#515
• @​atzoum made their first contribution in ory/dockertest#533

Full Changelog: ory/dockertest@v3.11.0...v3.12.0

Commits

• 8a76ff0 chore: update repository templates to ory/meta@bc60...
• 207b20a chore: update repository templates to ory/meta@83e7...
• fabf563 autogen: update license overview
• 4b1e539 chore: update repository templates to ory/meta@44ef...
• 46d1a7b chore: update repository templates to ory/meta@c091...
• 13e6e33 chore(deps): bump actions/stale from 4 to 9 (#554)
• 91b7d0b chore(deps): bump actions/setup-node from 2.pre.beta to 4.1.0 (#539)
• 28c8c5b chore(deps): bump github.com/containerd/continuity from 0.4.3 to 0.4.5 (#545)
• eec3a4f feat: add support for BuildKit when building images (#416)
• f6e65ba chore(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#547)
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.21.0 to 1.22.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.22.0 - 2025-04-07

⚠️ This release contains potential breaking change if you use experimental zstd support introduce in #1496 ⚠️

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)

• [FEATURE] prometheus: Add new CollectorFunc utility #1724
• [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
• [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
• [CHANGE] ⚠️ promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765

• build(deps): bump golang.org/x/sys from 0.28.0 to 0.29.0 by @​dependabot in prometheus/client_golang#1720
• build(deps): bump google.golang.org/protobuf from 1.36.1 to 1.36.3 by @​dependabot in prometheus/client_golang#1719
• Update RELEASE.md by @​bwplotka in prometheus/client_golang#1721
• chore(docs): Add links for the upstream PRs by @​kakkoyun in prometheus/client_golang#1722
• Added tips on releasing client and checking with k8s. by @​bwplotka in prometheus/client_golang#1723
• feat: Add new CollectorFunc utility by @​Saumya40-codes in prometheus/client_golang#1724
• build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4 by @​dependabot in prometheus/client_golang#1725
• build(deps): bump the github-actions group with 5 updates by @​dependabot in prometheus/client_golang#1726
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1727
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1731
• build(deps): bump golang.org/x/sys from 0.29.0 to 0.30.0 by @​dependabot in prometheus/client_golang#1739
• build(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5 by @​dependabot in prometheus/client_golang#1740
• Cleanup dependabot config by @​SuperQ in prometheus/client_golang#1741
• Upgrade Golang version v1.24 by @​dongjiang1989 in prometheus/client_golang#1738
• build(deps): bump the github-actions group with 2 updates by @​dependabot in prometheus/client_golang#1742
• Merging 1.21 release back to main. by @​bwplotka in prometheus/client_golang#1744
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1745
• Add support for undocumented query options for API by @​mahendrapaipuri in prometheus/client_golang#1743
• exp/api: Add experimental exp module; Add remote API with write client and handler. by @​bwplotka in prometheus/client_golang#1658
• exp/api: Add accepted msg type validation to handler by @​saswatamcode in prometheus/client_golang#1750
• build(deps): bump the github-actions group with 5 updates by @​dependabot in prometheus/client_golang#1751
• build(deps): bump github.com/klauspost/compress from 1.17.11 to 1.18.0 by @​dependabot in prometheus/client_golang#1752
• build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @​dependabot in prometheus/client_golang#1753
• exp: Reset snappy buf by @​saswatamcode in prometheus/client_golang#1756
• Merge release 1.21.1 to main. by @​bwplotka in prometheus/client_golang#1762
• exp: Add dependabot config by @​saswatamcode in prometheus/client_golang#1754
• build(deps): bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 in the github-actions group by @​dependabot in prometheus/client_golang#1764

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.22.0 / 2025-04-07

⚠️ This release contains potential breaking change if you use experimental zstd support introduce in #1496 ⚠️

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)

• [FEATURE] prometheus: Add new CollectorFunc utility #1724
• [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
• [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
• [CHANGE] ⚠️ promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765

1.21.1 / 2025-03-04

• [BUGFIX] prometheus: Revert of Inc, Add and Observe cumulative metric CAS optimizations (#1661), causing regressions on low contention cases.
• [BUGFIX] prometheus: Fix GOOS=ios build, broken due to process_collector_* wrong build tags.

Commits

• d50be25 Cut 1.22.0 (#1793)
• 1043db7 Cut 1.22.0-rc.0 (#1768)
• e575c9c promhttp: Isolate zstd support and klauspost/compress library use to promhttp...
• f2276aa Merge pull request #1764 from prometheus/dependabot/github_actions/github-act...
• 9df772c build(deps): bump peter-evans/create-pull-request
• a3548c5 Merge pull request #1754 from saswatamcode/exp-eh
• 60fd2b0 Remove go.work file for now
• 8f9d0de exp: Add dependabot config
• c5cf981 Merge pull request #1762 from prometheus/release-1.21
• 8a42da3 Fix ios build. (#1758)
• Additional commits viewable in compare view

Updates github.com/sigstore/sigstore from 1.8.15 to 1.9.3

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.9.3

What's Changed

• add proto hash algorithm to registry by @​loosebazooka in sigstore/sigstore#2048

New Contributors

• @​loosebazooka made their first contribution in sigstore/sigstore#2048

Full Changelog: sigstore/sigstore@v1.9.2...v1.9.3

v1.9.2

What's Changed

• Add tink package by @​cmurphy in sigstore/sigstore#2024
• pkg/signature: add P384/P521 compatibility algo to algorithm registry by @​ret2libc in sigstore/sigstore#2037

New Contributors

• @​cmurphy made their first contribution in sigstore/sigstore#2024

Full Changelog: sigstore/sigstore@v1.9.1...v1.9.2

v1.9.1

What's Changed

• Implement default signing algorithms based on the key type by @​ret2libc in sigstore/sigstore#2014

Full Changelog: sigstore/sigstore@v1.9.0...v1.9.1

v1.9.0

What's Changed

• Update KMS policy for new plugin interface by @​haydentherapper in sigstore/sigstore#1987
• Update TUF root to latest v12 root by @​haydentherapper in sigstore/sigstore#1988
• build(deps): Bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5 by @​dependabot in sigstore/sigstore#1994
• upgrade go-jose to v4 by @​cpanato in sigstore/sigstore#2000
• pkg/signature: expose Algorithm Details information by @​ret2libc in sigstore/sigstore#2001

Full Changelog: sigstore/sigstore@v1.8.15...v1.9.0

Commits

• 1e63a21 add proto hash algorithm to registry (#2048)
• 404e5b5 Bump deps (#2047)
• 0a5d37c build(deps): Bump the gomod group across 1 directory with 2 updates (#2046)
• a14c5f0 build(deps): Bump actions/dependency-review-action in the all group (#2044)
• e842090 pkg/signature: add P384/P521 compatibility algo to algorithm registry (#2037)
• ac746e0 Update linter to v2 (#2041)

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.