Update dependency sigstore to v4 - autoclosed#475

Closed
renovate[bot] wants to merge 1 commit into main from renovate/sigstore-4.x

Conversation

@renovate renovate bot commented Nov 9, 2025

This PR contains the following updates:

Package   Change    Age   Confidence
sigstore  <2 -> <5  age   confidence

Release Notes

sigstore/sigstore-python (sigstore)

v4.1.0

Added
  • cli: Support using other Sigstore instances with --instance URL.
    New instances are trusted with new top level command trust-instance ROOTFILE.
    #​1548
Changed
  • Added cryptography 46 to list of compatible cryptography releases
    (#​1544)
  • Improved error message when verifying bundles with unsupported log entry versions
    (#​1569)
Fixed
  • cli: Always read/write UTF-8. This fixes an issue on Windows where the platform
    default encoding was used: the issue has existed for a while, but became more visible
    with signature bundles that contain rekor2 entries.
    #​1553

v4.0.0

This is a major release with a host of API and functionality changes. The major new feature
is Rekor v2 support but many other changes are also included, see list below.

Added
  • cli: Add --rekor-version to sign command arguments: This can be useful
    if Sigstore instance provides multiple Rekor versions and user wants to
    override the default choice
    #​1471
  • cli: Support parallel signing. When multiple artifacts are signed, the Rekor
    requests are submitted in parallel: this is especially useful with Rekor v2.
    #​1468, #​1478,
    #​1485
  • oidc (API): Allow custom audience claims via API
    #​1402
  • rekor (API): Support Rekor v2 (aka rekor-tiles) in both verification and signing.
    #​1370, #​1422,
    #​1432
  • trust (API): Make TrustedRoot, SigningConfig and ClientTrustConfig public API
    #​1496
Changed
  • cli: Improve verify UX when wrong instance is used
    #​1510
  • deps: replace sigstore_protobuf_specs dependency with sigstore-models
    #​1470
  • trust: Update embedded TUF root
    #​1515
  • trust (API): TrustConfig now provides the production() and staging() helpers. Similar methods were removed from
    SigningConfig, TrustedRoot, SigningContext and Issuer. Use TrustConfig everywhere in code base.
    #​1363
  • trust (API): support SigningConfig v0.2, remove support for v0.1. The new format now fully defines the
    sigstore instance the client uses. SigningConfig class now has methods to return actual clients
    (like RekorClient) instead of just URLs for that sigstore instance. The --trust-config cli option now
    expects the trust config to contain a v0.2 SigningConfig.
    #​1358, #​1407
  • trust: Support ed25519 keys in trusted root
    #​1377
Fixed
  • rekor: resolve circular import of LogEntry
    #​1458
  • rekor: Fix checkpoint signature lookup when there are multiple signatures
    #​1514
  • rekor: Fix entry handling so inclusion promise is optional
    #​1382
  • rekor: Avoid trailing slash in post to /entries
    #​1366
  • sign: fetch TSA timestamps before submitting an entry to Rekor
    #​1463
  • timestamp: Specify sha256 in TSA timestamp request
    #​1373
  • trust: Fail less hard when trusted root contains unknown keys
    #​1424
  • verify: Fix TSA cert chain construction (fixes issue in the case where certificate is not embedded in
    the timestamp)
    #​1482
  • verify: Use TSA hash algorithm specified in the timestamp (SHA-256, SHA-384 and SHA-512 are supported)
    #​1385
  • verify: Check artifact signing time against all established times
    #​1381
  • verify: Handle unset TSA timestamp validity end
    #​1368

v3.6.6

Changed
  • Improved error message when verifying bundles with rekor v2 entries
    (#​1565)
  • Added cryptography 46 to list of compatible cryptography releases
    (#​1566)

v3.6.5

Fixed
  • Fixed verified time handling so that additional timestamps cannot break
    otherwise valid signature bundles (#​1492)
Changed
  • Added cryptography 45 to list of compatible cryptography releases
    (#​1498)

v3.6.4

Fixed
  • Bumped the rfc3161-client dependency to >=1.0.3 to fix a security
    vulnerability (#​1451)

v3.6.3

Fixed
  • Verify: Avoid hard failure if trusted root contains unsupported keytypes (as verification
    may succeed without that key).
    #​1425

v3.6.2

Fixed
  • Fixed issue where a trust root with multiple rekor keys was not considered valid:
    Now any rekor key listed in the trust root is considered good to verify entries
    #​1350
Changed
  • Upgraded python-tuf dependency to 6.0: Connections to TUF repository
    now use system certificates (instead of certifi) and have automatic
    retries
  • Updated the embedded TUF root to version 12

v3.6.1

Fixed
  • Relaxed the transitive dependency on cryptography to allow v43 and v44
    to be resolved
    (#​1251)

v3.6.0

Added
  • API: The DSSE Envelope class now performs automatic validation
    (#​1211)

  • API: Added signature property to Envelope class for accessing raw
    signature bytes (#​1211)

  • Signed timestamps embedded in bundles are now automatically verified
    against Timestamp Authorities provided within the Trusted Root
    (#​1206)

  • Bundles are now generated with signed timestamps when signing if the
    Trusted Root contains one or more Timestamp Authorities
    (#​1216)

Removed
  • Support for "detached" SCTs has been fully removed, aligning
    sigstore-python with other sigstore clients
    (#​1236)
Fixed
  • Fixed a CLI parsing bug introduced in 3.5.1 where a warning about
    verifying legacy bundles was never shown
    (#​1198)

  • Strengthened the requirement that an inclusion promise is present
    if no other source of signed time is present
    (#​1247)

v3.5.6

This is the last planned release in 3.5.x series: All users should upgrade to a newer release series.

Fixed
  • Release process fix for [3.5.5]

v3.5.3

Fixed
  • Corrective release for [3.5.2]

v3.5.1

Fixed
  • Fixed a CLI parsing bug introduced in 3.5.0 when attempting
    to suppress irrelevant warnings
    (#​1192)

v3.5.0

Added
  • CLI: The sigstore plumbing update-trust-root command has been added.
    Like other plumbing-level commands, this is considered unstable and
    changes are not subject to our semver policy until explicitly noted
    (#​1174)
Fixed
  • CLI: Fixed an incorrect warning when verifying detached .crt/.sig
    inputs (#​1179)

v3.4.0

Changed
  • CLI: When verifying, the --offline flag now fully disables all online
    operations, including routine local TUF repository refreshes
    (#​1143)

  • sigstore-python's minimum supported Python version is now 3.9

Fixed
  • CLI: The sigstore verify subcommands now always check for a matching
    input file, rather than unconditionally falling back to matching on a
    valid sha256:... digest pattern
    (#​1152)

v3.3.0

Added
  • CLI: The sigstore verify command now outputs the inner in-toto statement
    when verifying DSSE envelopes. If verification is successful, the output
    will be the inner in-toto statement. This allows the user to see the
    statement's predicate, which sigstore-python does not verify and should be
    verified by the user.

  • CLI: The sigstore attest subcommand has been added. This command is
    similar to cosign attest in that it signs over an artifact and a
    predicate using a DSSE envelope. This command requires the user to pass
    a path to the file containing the predicate, and the predicate type.
    Currently only the SLSA Provenance v0.2 and v1.0 types are supported.

  • CLI: The sigstore verify command now supports verifying digests. This means
    that the user can now pass a digest like sha256:aaaa.... instead of the
    path to an artifact, and sigstore-python will verify it as if it was the
    artifact with that digest.

v3.2.0

Added
  • API: models.Bundle.BundleType is now a public API
    (#​1089)

  • CLI: The sigstore plumbing subcommand hierarchy has been added. This
    hierarchy is for developer-only interactions, such as fixing malformed
    Sigstore bundles. These subcommands are not considered stable until
    explicitly documented as such.
    (#​1089)

Changed
  • CLI: The default console logger now emits to stderr, rather than stdout
    (#​1089)

v3.1.0

Added
  • API: dsse.StatementBuilder has been added. It can be used to construct an
    in-toto Statement for subsequent enveloping and signing.
    This API is public but is not considered stable until the next major
    release.
    (#​1077)

  • API: dsse.Digest, dsse.DigestSet, and dsse.Subject have been added.
    These types can be used with the StatementBuilder API as part of in-toto
    Statement construction.
    These APIs are public but are not considered stable until the next major
    release.
    (#​1078)

Changed
  • API: verify_dsse now rejects bundles with DSSE envelopes that have more than
    one signature, rather than checking all signatures against the same key
    (#​1062)

v3.0.0

Maintainers' note: this is a major release, with significant public API and CLI
changes. We strongly recommend you read the entries below to fully
understand the changes between 2.x and 3.x.

Added
  • API: Signer.sign_artifact() has been added, replacing the removed
    Signer.sign() API

  • API: Signer.sign_dsse() has been added. It takes an in-toto Statement
    as an input, producing a DSSE-formatted signature rather than a "bare"
    signature (#​804)

  • API: "v3" Sigstore bundles are now supported during verification
    (#​901)

  • API: Verifier.verify(...) can now take a Hashed as an input, performing
    signature verification on a pre-computed hash value
    (#​904)

  • API: The sigstore.dsse module has been been added, including APIs
    for representing in-toto statements and DSSE envelopes
    (#​930)

  • CLI: The --trust-config flag has been added as a global option,
    enabling consistent "BYO PKI" uses of sigstore with a single flag
    (#​1010)

  • CLI: The sigstore verify subcommands can now verify bundles containing
    DSSE entries, such as those produced by
    GitHub Artifact Attestations
    (#​1015)

Removed
  • BREAKING API CHANGE: SigningResult has been removed.
    The public signing APIs now return sigstore.models.Bundle.

  • BREAKING API CHANGE: VerificationMaterials has been removed.
    The public verification APIs now accept sigstore.models.Bundle.

  • BREAKING API CHANGE: Signer.sign(...) has been removed. Use
    either sign_artifact(...) or sign_dsse(...), depending on whether
    you're signing opaque bytes or an in-toto statement.

  • BREAKING API CHANGE: VerificationResult has been removed.
    The public verification and policy APIs now raise
    sigstore.errors.VerificationError on failure.

  • BREAKING CLI CHANGE: The --rekor-url and --fulcio-url
    flags have been entirely removed. To configure a custom PKI, use
    --trust-config
    (#​1010)

Changed
  • BREAKING API CHANGE: Verifier.verify(...) now takes a bytes | Hashed
    as its verification input, rather than implicitly receiving the input through
    the VerificationMaterials parameter
    (#​904)

  • BREAKING API CHANGE: VerificationMaterials.rekor_entry(...) now takes
    a Hashed parameter to convey the digest used for Rekor entry lookup
    (#​904)

  • BREAKING API CHANGE: Verifier.verify(...) now takes a sigstore.models.Bundle,
    instead of a VerificationMaterials (#​937)

  • BREAKING CLI CHANGE: sigstore sign now emits {input}.sigstore.json
    by default instead of {input}.sigstore, per the client specification
    (#​1007)

  • sigstore-python now requires inclusion proofs in all signing and verification
    flows, regardless of bundle version of input types. Inputs that do not
    have an inclusion proof (such as detached materials) cause an online lookup
    before any further processing is performed
    (#​937)

  • sigstore-python now generates "v3" bundles by default during signing
    (#​937)

  • CLI: Bundles are now always verified offline. The offline flag has no effect.
    (#​937)

  • CLI: "Detached" materials are now always verified online, due to a lack of
    an inclusion proof. Passing --offline with detached materials will cause
    an error (#​937)

  • API: sigstore.transparency has been removed, and its pre-existing APIs
    have been re-homed under sigstore.models
    (#​990)

  • API: oidc.IdentityToken.expected_certificate_subject has been renamed
    to oidc.IdentityToken.federated_issuer to better describe what it actually
    contains. No functional changes have been made to it
    (#​1016)

  • API: policy.Identity now takes an optional OIDC issuer, rather than a
    required one (#​1015)

  • CLI: sigstore verify github now requires --cert-identity or
    --repository, not just --cert-identity
    (#​1015)

v2.1.5

v2.1.3

v2.1.2

This is a corrective release for [2.1.1].

v2.1.0

Added
  • CLI: sigstore verify's subcommands now discover {input}.sigstore.json
    by default, in addition to the previous {input}.sigstore. The former now
    takes precedence over the latter, and supplying both results in an error
    (#​820)

v2.0.1

Fixed
  • CLI: When using --certificate-chain, read as bytes instead of str
    as expected by the underlying API (#​796)

v2.0.0

Added
  • CLI: sigstore sign and sigstore get-identity-token now support the
    --oauth-force-oob option; which has the same behavior as the
    preexisting SIGSTORE_OAUTH_FORCE_OOB environment variable
    (#​667)

  • Version 0.2 of the Sigstore bundle format is now supported
    (#​705)

  • API addition: VerificationMaterials.to_bundle() is a new public API for
    producing a standard Sigstore bundle from sigstore-python's internal
    representation (#​719)

  • API addition: New method sign.SigningResult.to_bundle() allows signing
    applications to serialize to the bundle format that is already usable in
    verification with verify.VerificationMaterials.from_bundle()
    (#​765)

Changed
  • sigstore verify now performs additional verification of Rekor's inclusion
    proofs by cross-checking them against signed checkpoints
    (#​634)

  • A cached copy of the trust bundle is now included with the distribution
    (#​611)

  • Stopped emitting .sig and .crt signing outputs by default in sigstore sign.
    Sigstore bundles are now preferred
    (#​614)

  • Trust root configuration now assumes that the TUF repository contains a trust
    bundle, rather than falling back to deprecated individual targets
    (#​626)

  • API change: the sigstore.oidc.IdentityToken API has been stabilized as
    a wrapper for OIDC tokens
    (#​635)

  • API change: Signer.sign now takes a sigstore.oidc.IdentityToken for
    its identity argument, rather than a "raw" OIDC token
    (#​635)

  • API change: Issuer.identity_token now returns a
    sigstore.oidc.IdentityToken, rather than a "raw" OIDC token
    (#​635)

  • sigstore verify is no longer a backwards-compatible alias for
    sigstore verify identity, as it was during the 1.0 release series
    (#​642)

  • API change: the Signer API has been broken up into SigningContext
    and Signer, allowing a SigningContext to create individual Signer
    instances that correspond to a single IdentityToken. This new API
    also enables ephemeral key and certificate reuse across multiple inputs,
    reducing the number of cryptographic operations and network roundtrips
    required when signing more than one input
    (#​645)

  • sigstore sign now uses an ephemeral P-256 keypair, rather than P-384
    (#​662)

  • API change: RekorClientError does not try to always parse response
    content as JSON
    (#​694)

  • API change: LogEntry.inclusion_promise can now be None, but only
    if LogEntry.inclusion_proof is not None
    (#​705)

  • sigstore-python's minimum supported Python version is now 3.8
    (#​745)

Fixed
  • Fixed a case where sigstore verify would fail to verify an otherwise valid
    inclusion proof due to an incorrect timerange check
    (#​633)

  • Removed an unnecessary and backwards-incompatible parameter from the
    sigstore.oidc.detect_credential API
    (#​641)

  • Fixed a case where sigstore sign (and sigstore verify) could fail while
    using a private instance due to a missing ExtendedKeyUsage in the CA.
    We now enforce the fact that the TBSPrecertificate signer must be
    a valid CA (#​658)

  • Fixed a case where identity token retrieval would produce an unhelpful
    error message (#​767)


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


This PR was generated by Mend Renovate. View the repository job log.
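The 3.0.0 notes above say sigstore-python now requires a Rekor inclusion proof in every signing and verification flow, and the 2.0.0 notes say those proofs are cross-checked against signed checkpoints. What an inclusion proof actually proves is easy to see in code. The block below is an added example, not sigstore-python's implementation: the RFC 6962/RFC 9162 Merkle hashing that Rekor uses, a local tree builder standing in for the log, and the client-side verification routine that takes a leaf, its log index, the tree size, the sibling hashes and the root a checkpoint commits to. The leaves in demo() are constructed sample data so the block runs offline.

```python
# Added example (not sigstore-python code): RFC 6962 / RFC 9162 Merkle tree
# hashing and inclusion-proof verification, the check that sits behind every
# Rekor inclusion proof. The tree builder and sample leaves are local stand-ins
# for the log; the root compared against is what a signed checkpoint commits to.
import hashlib

LEAF_PREFIX = b"\x00"   # domain separation: leaf hashes
NODE_PREFIX = b"\x01"   # domain separation: interior node hashes


def leaf_hash(data: bytes) -> bytes:
    return hashlib.sha256(LEAF_PREFIX + data).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(NODE_PREFIX + left + right).digest()


def _split(n: int) -> int:
    """Largest power of two strictly less than n (RFC 6962's split point k)."""
    k = 1
    while k * 2 < n:
        k *= 2
    return k


def root_hash(leaves: list[bytes]) -> bytes:
    """MTH(D[n]) from RFC 6962 section 2.1 (log-side tree construction)."""
    if not leaves:
        return hashlib.sha256(b"").digest()
    if len(leaves) == 1:
        return leaf_hash(leaves[0])
    k = _split(len(leaves))
    return node_hash(root_hash(leaves[:k]), root_hash(leaves[k:]))


def inclusion_path(index: int, leaves: list[bytes]) -> list[bytes]:
    """PATH(m, D[n]) from RFC 6962 section 2.1.1: sibling hashes, leaf to root.
    This is what the log hands out as the 'hashes' of an inclusion proof."""
    if len(leaves) <= 1:
        return []
    k = _split(len(leaves))
    if index < k:
        return inclusion_path(index, leaves[:k]) + [root_hash(leaves[k:])]
    return inclusion_path(index - k, leaves[k:]) + [root_hash(leaves[:k])]


def verify_inclusion(leaf: bytes, index: int, tree_size: int,
                     path: list[bytes], root: bytes) -> bool:
    """RFC 9162 section 2.1.3.2 verification, the client-side half.
    Returns False rather than raising so every failure is handled uniformly."""
    if index >= tree_size:
        return False
    fn, sn = index, tree_size - 1
    r = leaf_hash(leaf)
    for p in path:
        if sn == 0:
            return False                      # proof longer than the tree allows
        if fn & 1 or fn == sn:
            r = node_hash(p, r)               # sibling is on the left
            if not fn & 1:                    # skip levels with no right sibling
                while fn and not fn & 1:
                    fn >>= 1
                    sn >>= 1
        else:
            r = node_hash(r, p)               # sibling is on the right
        fn >>= 1
        sn >>= 1
    return sn == 0 and r == root


def demo() -> dict:
    """Constructed sample log of seven entries: every leaf proves against the
    root, a forged leaf does not, and a proof cut for an older, smaller tree
    does not verify against the current root."""
    leaves = [f"entry-{i}".encode() for i in range(7)]      # sample data
    root = root_hash(leaves)
    all_ok = all(
        verify_inclusion(leaves[i], i, len(leaves), inclusion_path(i, leaves), root)
        for i in range(len(leaves)))
    forged = verify_inclusion(b"entry-x", 3, len(leaves),
                              inclusion_path(3, leaves), root)
    stale = verify_inclusion(leaves[2], 2, 4, inclusion_path(2, leaves[:4]), root)
    return {"all_leaves_verify": all_ok,
            "forged_leaf_verifies": forged,
            "stale_proof_verifies": stale}


if __name__ == "__main__":
    print(demo())
```

The stale-proof case is the one to note: a proof is only meaningful together with the tree size and root it was cut for, which is why the client must also check that the root comes from a checkpoint signed by a log key it trusts.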
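The 3.3.0 notes above say that sigstore verify prints the inner in-toto statement after a DSSE verification and that the statement's predicate is left for the user to verify, and the 3.1.0 notes say verify_dsse now rejects envelopes carrying more than one signature. The block below is an added example, not code from sigstore-python: the checks a caller should run on that statement (statement type, predicate type, subject digest against the artifact in hand, builder identity), together with the DSSE pre-authentication encoding that the envelope signature is computed over and the one-signature rule. The envelope, statement and builder id are constructed sample values, and signature verification itself is not redone here, that is what sigstore-python provides.

```python
# Added example (not sigstore-python code): post-verification checks on the
# in-toto statement that `sigstore verify` / verify_dsse hand back, plus the
# DSSE PAE and the exactly-one-signature rule. Sample data is constructed.
import base64
import hashlib
import json

IN_TOTO_PAYLOAD_TYPE = "application/vnd.in-toto+json"
IN_TOTO_STATEMENT_V1 = "https://in-toto.io/Statement/v1"
SLSA_PREDICATE_TYPES = {            # the two types `sigstore attest` supports
    "https://slsa.dev/provenance/v0.2",
    "https://slsa.dev/provenance/v1",
}


def pae(payload_type: str, payload: bytes) -> bytes:
    """DSSE v1 pre-authentication encoding, the exact bytes an envelope
    signature covers: DSSEv1 SP LEN(type) SP type SP LEN(body) SP body."""
    ptype = payload_type.encode()
    return b" ".join([b"DSSEv1", str(len(ptype)).encode(), ptype,
                      str(len(payload)).encode(), payload])


def unwrap_envelope(envelope_json: str) -> dict:
    """Structural checks on a DSSE envelope, then decode the in-toto payload.
    Exactly one signature is accepted, the rule verify_dsse adopted in 3.1.0.
    The signature bytes themselves are not checked here; sigstore-python does that."""
    env = json.loads(envelope_json)
    sigs = env.get("signatures") or []
    if len(sigs) != 1:
        raise ValueError(f"expected exactly one signature, found {len(sigs)}")
    if env.get("payloadType") != IN_TOTO_PAYLOAD_TYPE:
        raise ValueError(f"unexpected payloadType {env.get('payloadType')!r}")
    payload = base64.b64decode(env["payload"], validate=True)
    return json.loads(payload)


def check_statement(statement: dict, artifact: bytes, expected_builder: str) -> dict:
    """Bind a statement to the artifact in hand and to the builder we trust.
    Returns the predicate so the caller can apply predicate-specific policy."""
    if statement.get("_type") != IN_TOTO_STATEMENT_V1:
        raise ValueError("not an in-toto v1 statement")
    ptype = statement.get("predicateType")
    if ptype not in SLSA_PREDICATE_TYPES:
        raise ValueError(f"unexpected predicateType {ptype!r}")
    digest = hashlib.sha256(artifact).hexdigest()
    if not any(s.get("digest", {}).get("sha256") == digest
               for s in statement.get("subject", [])):
        raise ValueError("artifact digest is not a subject of the statement")
    predicate = statement.get("predicate") or {}
    # SLSA v1 keeps the builder under runDetails; SLSA v0.2 has it at top level.
    builder = (predicate.get("runDetails", {}).get("builder", {}).get("id")
               or predicate.get("builder", {}).get("id"))
    if builder != expected_builder:
        raise ValueError(f"unexpected builder {builder!r}")
    return predicate


def verdict(envelope_json: str, artifact: bytes, expected_builder: str) -> str:
    """Single accept/reject answer combining the checks above."""
    try:
        check_statement(unwrap_envelope(envelope_json), artifact, expected_builder)
        return "accept"
    except ValueError as exc:
        return f"reject: {exc}"


# ---- constructed sample data (not real provenance) -------------------------
ARTIFACT = b"hello world\n"
BUILDER = "https://github.com/actions/runner/github-hosted"   # assumed builder id
STATEMENT = {
    "_type": IN_TOTO_STATEMENT_V1,
    "subject": [{"name": "hello.txt",
                 "digest": {"sha256": hashlib.sha256(ARTIFACT).hexdigest()}}],
    "predicateType": "https://slsa.dev/provenance/v1",
    "predicate": {
        "buildDefinition": {"buildType": "https://example.invalid/build/v1"},
        "runDetails": {"builder": {"id": BUILDER}},
    },
}


def make_envelope(statement: dict, n_signatures: int) -> str:
    """Wrap a statement in a DSSE envelope with n placeholder signatures.
    The 'sig' values are dummies; a real one is ECDSA over pae(...)."""
    payload = json.dumps(statement, separators=(",", ":")).encode()
    return json.dumps({
        "payloadType": IN_TOTO_PAYLOAD_TYPE,
        "payload": base64.b64encode(payload).decode(),
        "signatures": [{"keyid": "", "sig": base64.b64encode(b"\x30\x00").decode()}
                       for _ in range(n_signatures)],
    })


if __name__ == "__main__":
    print(verdict(make_envelope(STATEMENT, 1), ARTIFACT, BUILDER))
    print(verdict(make_envelope(STATEMENT, 2), ARTIFACT, BUILDER))
```

The subject-digest check is the one most often skipped: the Sigstore identity policy proves who signed, but only the digest comparison proves the statement is about the bytes you are about to install.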

@renovate renovate bot added the dependencies Dependencies updates label Nov 9, 2025
@renovate renovate bot changed the title Update dependency sigstore to v4 Update dependency sigstore to v4 - autoclosed Nov 9, 2025
@renovate renovate bot closed this Nov 9, 2025
@renovate renovate bot deleted the renovate/sigstore-4.x branch November 9, 2025 08:24