Skip to content

build(deps): bump github.com/sigstore/rekor from 1.5.2 to 1.5.3#984

Merged
mihaimaruseac merged 1 commit into
mainfrom
dependabot/go_modules/github.com/sigstore/rekor-1.5.3
Jul 13, 2026
Merged

build(deps): bump github.com/sigstore/rekor from 1.5.2 to 1.5.3#984
mihaimaruseac merged 1 commit into
mainfrom
dependabot/go_modules/github.com/sigstore/rekor-1.5.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/sigstore/rekor from 1.5.2 to 1.5.3.

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.5.3

Changelog

  • 7d9dcffcc27c4912e7d17fc768db01aa2d5cf26c Changelog for v1.5.3 (#2871)
  • f230638c11a77e26bcef2bd2d502623527c23397 Use bytes.Equal for inclusion proof root hash comparison (#2861)
  • 747226830b6888555f2ed195d65c592e85a5cfb1 return 499 if client disconnects instead of 500 (#2870)
  • 792221be80dedadc9f41ae5975ac2b5b5d9a6921 build(deps): Bump google.golang.org/grpc from 1.80.0 to 1.82.0 (#2859)
  • 912dda344477c9c2ce0782731553a8fc0b76c58d build(deps): Bump the all group across 1 directory with 7 updates (#2869)
  • 0f9921df54391f4936eae6753a13cacb6e0d659a Change max upperbound on latency metrics (#2868)
  • 322a3f2cd78f0ada4901f68c56e4a8bb86e0e609 build(deps): Bump golang from 87a41d2 to f96cc55 (#2855)
  • e997a8abe2f187b316bba229171b83d474136a90 build(deps): Bump actions/checkout from 6.0.3 to 7.0.0 (#2857)
  • 4444582076ed0bd3071ab5c1044426fdccf855c3 build(deps): Bump golang.org/x/net from 0.52.0 to 0.55.0 in /hack/tools (#2866)
  • f81061c497f66244d6f3f45b9f1c4b009defb6c4 Move fuzz into its own workflow (#2865)
  • 1a2f3f22a7e4e0033411b587f792b09e17bbd56c build(deps): Bump google.com/cloudsdktool/google-cloud-cli (#2862)
  • cf8f143d98a2476d4b0bc476a4ceeec6032a5807 build(deps): Bump the all group with 2 updates (#2863)
  • 4e6fd6005a6c006c3f0bc644df9bb9b1b0bd1128 build(deps): Bump the all group across 1 directory with 11 updates
  • 088835b8916af4554020909b34d692b67cf583e6 build(deps): Bump golang in the all group across 1 directory
  • 37eb42417790461684d34aa79f505f41dc9e95b7 build(deps): Bump the all group across 1 directory with 2 updates
  • bbc0f78d46da013db889a10947f57c47c9339952 build(deps): Bump google.com/cloudsdktool/google-cloud-cli
  • 32e68681ada478a959d7786cbe7966e06197bff0 build(deps): Bump codecov/codecov-action from 6.0.1 to 7.0.0
  • 400f8d54e79cf8438cdfaa4a21a23f72250d9152 build(deps): Bump github.com/go-openapi/loads from 0.23.3 to 0.24.0
  • a2d42d58996106e40ba7d163892a8cfe3797df6c build(deps): Bump github.com/redis/go-redis/v9 from 9.18.0 to 9.20.0
  • e1e207b3a3c7fd2d1391ac0e0e92d0d6b2c616f3 build(deps): Bump github.com/go-openapi/runtime from 0.29.4 to 0.32.2
  • 128ebabceab62c82a4cc7308fb18ef476100fcf7 build(deps): Bump golang from 313faae to 2d6c802
  • 6c9dd721e4500dc56b8bf3d70cf4af31ed058dbd build(deps): Bump golang.org/x/net from 0.53.0 to 0.55.0
  • 65c104c47b03ca8f487464c417782452bfef8add build(deps): Bump the all group across 1 directory with 4 updates
  • 6e4daae2da593cd88729e3de1d531c50cd8c5dee build(deps): Bump google.com/cloudsdktool/google-cloud-cli
  • adebc681c70eef419c71aa33f7ed8d85dddf878c update builder to use go1.26.3

Thanks for all contributors!

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.5.3

Features

  • return 499 when clients disconnect instead of 500 (#2870)

Improvements

  • Change max upperbound on latency metrics (#2868)
Commits
  • 7d9dcff Changelog for v1.5.3 (#2871)
  • f230638 Use bytes.Equal for inclusion proof root hash comparison (#2861)
  • 7472268 return 499 if client disconnects instead of 500 (#2870)
  • 792221b build(deps): Bump google.golang.org/grpc from 1.80.0 to 1.82.0 (#2859)
  • 912dda3 build(deps): Bump the all group across 1 directory with 7 updates (#2869)
  • 0f9921d Change max upperbound on latency metrics (#2868)
  • 322a3f2 build(deps): Bump golang from 87a41d2 to f96cc55 (#2855)
  • e997a8a build(deps): Bump actions/checkout from 6.0.3 to 7.0.0 (#2857)
  • 4444582 build(deps): Bump golang.org/x/net from 0.52.0 to 0.55.0 in /hack/tools (#2866)
  • f81061c Move fuzz into its own workflow (#2865)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/sigstore/rekor](https://github.com/sigstore/rekor) from 1.5.2 to 1.5.3.
- [Release notes](https://github.com/sigstore/rekor/releases)
- [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md)
- [Commits](sigstore/rekor@v1.5.2...v1.5.3)

---
updated-dependencies:
- dependency-name: github.com/sigstore/rekor
  dependency-version: 1.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 13, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 13, 2026 10:52
@dependabot dependabot Bot added the go Pull requests that update Go code label Jul 13, 2026
@mihaimaruseac mihaimaruseac merged commit 8fa92ed into main Jul 13, 2026
10 checks passed
@mihaimaruseac mihaimaruseac deleted the dependabot/go_modules/github.com/sigstore/rekor-1.5.3 branch July 13, 2026 13:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant