Skip to content

Commit c1961f1

Browse files
dependabot[bot]dependabot[bot]
authored
Bump github.com/carabiner-dev/signer from 0.1.2 to 0.3.5
Bumps [github.com/carabiner-dev/signer](https://github.com/carabiner-dev/signer) from 0.1.2 to 0.3.5. - [Release notes](https://github.com/carabiner-dev/signer/releases) - [Commits](carabiner-dev/signer@v0.1.2...v0.3.5) --- updated-dependencies: - dependency-name: github.com/carabiner-dev/signer dependency-version: 0.3.5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
1 parent b1e58ee commit c1961f1

File tree

2 files changed

+16
-16
lines changed

2 files changed

+16
-16
lines changed

go.mod

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,9 @@
11
module github.com/slsa-framework/source-tool
22

3-
go 1.25.0
3+
go 1.25.5
44

55
require (
6-
github.com/carabiner-dev/signer v0.1.2
6+
github.com/carabiner-dev/signer v0.3.5
77
github.com/carabiner-dev/vcslocator v0.3.2
88
github.com/fatih/color v1.18.0
99
github.com/go-git/go-billy/v6 v6.0.0-20250627091229-31e2a16eef30
@@ -31,7 +31,7 @@ require (
3131
github.com/cenkalti/backoff/v5 v5.0.3 // indirect
3232
github.com/cloudflare/circl v1.6.1 // indirect
3333
github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be // indirect
34-
github.com/coreos/go-oidc/v3 v3.16.0 // indirect
34+
github.com/coreos/go-oidc/v3 v3.17.0 // indirect
3535
github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467 // indirect
3636
github.com/cyphar/filepath-securejoin v0.4.1 // indirect
3737
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
@@ -101,7 +101,7 @@ require (
101101
github.com/sigstore/protobuf-specs v0.5.0 // indirect
102102
github.com/sigstore/rekor v1.4.3 // indirect
103103
github.com/sigstore/rekor-tiles/v2 v2.0.1 // indirect
104-
github.com/sigstore/sigstore v1.10.0 // indirect
104+
github.com/sigstore/sigstore v1.10.3 // indirect
105105
github.com/sigstore/timestamp-authority/v2 v2.0.3 // indirect
106106
github.com/sirupsen/logrus v1.9.3 // indirect
107107
github.com/skeema/knownhosts v1.3.1 // indirect
@@ -123,8 +123,8 @@ require (
123123
golang.org/x/net v0.47.0 // indirect
124124
golang.org/x/oauth2 v0.33.0 // indirect
125125
golang.org/x/sync v0.18.0 // indirect
126-
golang.org/x/sys v0.38.0 // indirect
127-
golang.org/x/term v0.37.0 // indirect
126+
golang.org/x/sys v0.39.0 // indirect
127+
golang.org/x/term v0.38.0 // indirect
128128
golang.org/x/text v0.31.0 // indirect
129129
golang.org/x/time v0.14.0 // indirect
130130
golang.org/x/tools v0.39.0 // indirect

go.sum

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -77,8 +77,8 @@ github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdn
7777
github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
7878
github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
7979
github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
80-
github.com/carabiner-dev/signer v0.1.2 h1:R0MT947V75vw8sYUrqxzGeXA3wBcDoxkOiEPYWrO0rg=
81-
github.com/carabiner-dev/signer v0.1.2/go.mod h1:P9jv4aV3QoukE/304ZmhK1mI7B5aZxjgUMuy/fjsjdQ=
80+
github.com/carabiner-dev/signer v0.3.5 h1:PUzXLHMoaIc3A4+tlxS/syb4PYwl0UU55viOLGchiDc=
81+
github.com/carabiner-dev/signer v0.3.5/go.mod h1:D3PsTzKupkHmAa7kZ7WqmMkba8KCXDJL6+vuaQjuzt8=
8282
github.com/carabiner-dev/vcslocator v0.3.2 h1:/rfhELG1mvqFq0xi8LQSkfpAVoQDCGlWoL6J5tX9Inw=
8383
github.com/carabiner-dev/vcslocator v0.3.2/go.mod h1:jvYlXLVyqQqkBuSH/CiE1pbHifoPaAhWtUjLquHaBb0=
8484
github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
@@ -91,8 +91,8 @@ github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUo
9191
github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb/go.mod h1:ZjrT6AXHbDs86ZSdt/osfBi5qfexBrKUdONk989Wnk4=
9292
github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be h1:J5BL2kskAlV9ckgEsNQXscjIaLiOYiZ75d4e94E6dcQ=
9393
github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be/go.mod h1:mk5IQ+Y0ZeO87b858TlA645sVcEcbiX6YqP98kt+7+w=
94-
github.com/coreos/go-oidc/v3 v3.16.0 h1:qRQUCFstKpXwmEjDQTIbyY/5jF00+asXzSkmkoa/mow=
95-
github.com/coreos/go-oidc/v3 v3.16.0/go.mod h1:wqPbKFrVnE90vty060SB40FCJ8fTHTxSwyXJqZH+sI8=
94+
github.com/coreos/go-oidc/v3 v3.17.0 h1:hWBGaQfbi0iVviX4ibC7bk8OKT5qNr4klBaCHVNvehc=
95+
github.com/coreos/go-oidc/v3 v3.17.0/go.mod h1:wqPbKFrVnE90vty060SB40FCJ8fTHTxSwyXJqZH+sI8=
9696
github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
9797
github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467 h1:uX1JmpONuD549D73r6cgnxyUu18Zb7yHAy5AYU0Pm4Q=
9898
github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw=
@@ -364,8 +364,8 @@ github.com/sigstore/rekor v1.4.3 h1:2+aw4Gbgumv8vYM/QVg6b+hvr4x4Cukur8stJrVPKU0=
364364
github.com/sigstore/rekor v1.4.3/go.mod h1:o0zgY087Q21YwohVvGwV9vK1/tliat5mfnPiVI3i75o=
365365
github.com/sigstore/rekor-tiles/v2 v2.0.1 h1:1Wfz15oSRNGF5Dzb0lWn5W8+lfO50ork4PGIfEKjZeo=
366366
github.com/sigstore/rekor-tiles/v2 v2.0.1/go.mod h1:Pjsbhzj5hc3MKY8FfVTYHBUHQEnP0ozC4huatu4x7OU=
367-
github.com/sigstore/sigstore v1.10.0 h1:lQrmdzqlR8p9SCfWIpFoGUqdXEzJSZT2X+lTXOMPaQI=
368-
github.com/sigstore/sigstore v1.10.0/go.mod h1:Ygq+L/y9Bm3YnjpJTlQrOk/gXyrjkpn3/AEJpmk1n9Y=
367+
github.com/sigstore/sigstore v1.10.3 h1:s7fBYYOzW/2Vd0nND2ZdpWySb5vRF2u9eix/NZMHJm0=
368+
github.com/sigstore/sigstore v1.10.3/go.mod h1:T26vXIkpnGEg391v3TaZ8EERcXbnjtZb/1erh5jbIQk=
369369
github.com/sigstore/sigstore-go v1.1.4 h1:wTTsgCHOfqiEzVyBYA6mDczGtBkN7cM8mPpjJj5QvMg=
370370
github.com/sigstore/sigstore-go v1.1.4/go.mod h1:2U/mQOT9cjjxrtIUeKDVhL+sHBKsnWddn8URlswdBsg=
371371
github.com/sigstore/sigstore/pkg/signature/kms/aws v1.10.0 h1:UOHpiyezCj5RuixgIvCV3QyuxIGQT+N6nGZEXA7OTTY=
@@ -478,11 +478,11 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
478478
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
479479
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
480480
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
481-
golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
482-
golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
481+
golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
482+
golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
483483
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
484-
golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
485-
golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
484+
golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
485+
golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
486486
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
487487
golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
488488
golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=

0 commit comments

Comments
 (0)