-
Notifications
You must be signed in to change notification settings - Fork 768
Pull requests: sigstore/cosign
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
chore(deps): bump actions/cache from 5.0.5 to 6.1.0
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
#5011
opened Jul 13, 2026 by
dependabot
Bot
Loading…
chore(deps): bump actions/checkout from 6.0.3 to 7.0.0
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
#5010
opened Jul 13, 2026 by
dependabot
Bot
Loading…
chore(deps): bump the actions group with 5 updates
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
#5009
opened Jul 13, 2026 by
dependabot
Bot
Loading…
chore(deps): bump github.com/buildkite/agent/v3 from 3.130.0 to 3.132.0
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
#5008
opened Jul 13, 2026 by
dependabot
Bot
Loading…
chore(deps): bump google.golang.org/api from 0.284.0 to 0.288.0
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
#5007
opened Jul 13, 2026 by
dependabot
Bot
Loading…
chore(deps): bump golang.org/x/sync from 0.21.0 to 0.22.0
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
#5006
opened Jul 13, 2026 by
dependabot
Bot
Loading…
chore(deps): bump golang.org/x/crypto from 0.53.0 to 0.54.0
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
#5005
opened Jul 13, 2026 by
dependabot
Bot
Loading…
chore(deps): bump golang.org/x/term from 0.44.0 to 0.45.0
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
#5004
opened Jul 13, 2026 by
dependabot
Bot
Loading…
chore(deps): bump the gomod group with 2 updates
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
#5003
opened Jul 13, 2026 by
dependabot
Bot
Loading…
fix: include artifactType in OCI 1.1 signature referrer manifest (cherry-pick PR-4997 to release-2.6)
#5002
opened Jul 13, 2026 by
anithapriyanatarajan
Contributor
Loading…
fix(download): Validate predicate type for new bundle format
#5001
opened Jul 10, 2026 by
aaronlew02
Contributor
Loading…
Guard against empty certificate PEM in mutate.Signature (attach path)
#4998
opened Jul 9, 2026 by
arpitjain099
Loading…
chore(deps): bump cuelang.org/go from 0.16.1 to 0.17.0
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
#4989
opened Jul 6, 2026 by
dependabot
Bot
Loading…
chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.7.0 to 2.8.1
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
#4987
opened Jul 6, 2026 by
dependabot
Bot
Loading…
chore(deps): bump github.com/open-policy-agent/opa from 1.17.1 to 1.18.2
dependencies
Pull requests that update a dependency file
go
Pull requests that update Go code
#4986
opened Jul 6, 2026 by
dependabot
Bot
Loading…
fix: don't warn about tag usage for cosign-generated references
#4967
opened Jun 29, 2026 by
ricardbejarano
Contributor
Loading…
Require new bundle format for signing and verification
#4959
opened Jun 18, 2026 by
aaronlew02
Contributor
•
Draft
chore(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
#4955
opened Jun 15, 2026 by
dependabot
Bot
Loading…
check bundle layer size before reading in remote.Bundle
#4947
opened Jun 14, 2026 by
alhudz
Loading…
providers/filesystem: honor SIGSTORE_OIDC_TOKEN_FILE env var
#4934
opened Jun 9, 2026 by
dustinkirkland
Loading…
Previous Next
ProTip!
Follow long discussions with comments:>50.