Skip to content

Bump the go-deps group across 3 directories with 2 updates#1954

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-deps-eb247d3459
Open

Bump the go-deps group across 3 directories with 2 updates#1954
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-deps-eb247d3459

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-deps group with 2 updates in the / directory: github.com/sigstore/fulcio and github.com/sigstore/timestamp-authority/v2.
Bumps the go-deps group with 1 update in the /tools/ctlog directory: github.com/sigstore/fulcio.
Bumps the go-deps group with 1 update in the /tools/tsa directory: github.com/sigstore/timestamp-authority/v2.

Updates github.com/sigstore/fulcio from 1.8.7 to 1.8.8

Release notes

Sourced from github.com/sigstore/fulcio's releases.

v1.8.8

Changelog

  • a783aca51abce93aca863fac2addf0194880e065 Include CT log error body in logs (#2393)
  • 965cdddc90299409ebba952f41b3be8233b2a7b2 update builder to use go1.26.4 (#2388)
  • 80d8405e84eb76d60d99363aa2782631c86418ba Add --ct-log-origin flag (#2392)
  • 7074b709ec6309d863f8789bdd32a75b49c5e127 build(deps): bump actions/checkout from 6.0.3 to 7.0.0 (#2383)
  • 16cc54efe85eb2f5ef7f7e51494cb344e14690a0 docs: clarify RSA_PSS algorithm and ignored field in proto (#2378)
  • 6b2c67d809db4a6fa4b4d04940fea0878151d8d7 Update fulcio to have configurable hsm-caroot-id rather than hardcoded (#2377)

Thanks for all contributors!

Commits
  • a783aca Include CT log error body in logs (#2393)
  • 965cddd update builder to use go1.26.4 (#2388)
  • 654e688 build(deps): bump golang.org/x/net (#2389)
  • 462c070 build(deps): bump nginx in the all group across 1 directory (#2381)
  • ccc0782 build(deps): bump golang from 68cb6d6 to 792443b (#2379)
  • 3e0f119 build(deps): bump the all group across 1 directory with 5 updates (#2391)
  • 61e2802 build(deps): bump the all group across 1 directory with 5 updates (#2390)
  • 80d8405 Add --ct-log-origin flag (#2392)
  • 7074b70 build(deps): bump actions/checkout from 6.0.3 to 7.0.0 (#2383)
  • 16cc54e docs: clarify RSA_PSS algorithm and ignored field in proto (#2378)
  • Additional commits viewable in compare view

Updates github.com/sigstore/timestamp-authority/v2 from 2.1.2 to 2.1.3

Release notes

Sourced from github.com/sigstore/timestamp-authority/v2's releases.

v2.1.3

What's Changed

v2.1.3 bumps the version of Go used to build the binaries and containers to the latest release, 1.26.4. This release also contains a number of changes related to RFC3161 compliance.

Full Changelog: sigstore/timestamp-authority@v2.1.2...v2.1.3

Commits
  • 811e94a chore(deps): bump github.com/go-openapi/swag/cmdutils (#1423)
  • 41e1818 chore(deps): bump github.com/go-openapi/strfmt (#1420)
  • 32d28ff chore(deps): bump github.com/go-openapi/swag/netutils (#1421)
  • 157294b chore(deps): bump the actions group across 1 directory with 3 updates (#1419)
  • 42e74fc require timestamping leaf certificate to be an end-entity (#1416)
  • 3f20613 chore(deps): bump github.com/go-openapi/swag/jsonutils (#1422)
  • 01aa5b9 chore(deps): bump golang from 32c0e6e to f96cc55 (#1414)
  • 99c7698 handle client disconnection as 499 error: (#1417)
  • ba3024d chore(deps): bump actions/setup-go in the actions group (#1415)
  • b7c4a2a Fix timeout flag reporting its value type as format in help (#1413)
  • Additional commits viewable in compare view

Updates github.com/sigstore/fulcio from 1.8.7 to 1.8.8

Release notes

Sourced from github.com/sigstore/fulcio's releases.

v1.8.8

Changelog

  • a783aca51abce93aca863fac2addf0194880e065 Include CT log error body in logs (#2393)
  • 965cdddc90299409ebba952f41b3be8233b2a7b2 update builder to use go1.26.4 (#2388)
  • 80d8405e84eb76d60d99363aa2782631c86418ba Add --ct-log-origin flag (#2392)
  • 7074b709ec6309d863f8789bdd32a75b49c5e127 build(deps): bump actions/checkout from 6.0.3 to 7.0.0 (#2383)
  • 16cc54efe85eb2f5ef7f7e51494cb344e14690a0 docs: clarify RSA_PSS algorithm and ignored field in proto (#2378)
  • 6b2c67d809db4a6fa4b4d04940fea0878151d8d7 Update fulcio to have configurable hsm-caroot-id rather than hardcoded (#2377)

Thanks for all contributors!

Commits
  • a783aca Include CT log error body in logs (#2393)
  • 965cddd update builder to use go1.26.4 (#2388)
  • 654e688 build(deps): bump golang.org/x/net (#2389)
  • 462c070 build(deps): bump nginx in the all group across 1 directory (#2381)
  • ccc0782 build(deps): bump golang from 68cb6d6 to 792443b (#2379)
  • 3e0f119 build(deps): bump the all group across 1 directory with 5 updates (#2391)
  • 61e2802 build(deps): bump the all group across 1 directory with 5 updates (#2390)
  • 80d8405 Add --ct-log-origin flag (#2392)
  • 7074b70 build(deps): bump actions/checkout from 6.0.3 to 7.0.0 (#2383)
  • 16cc54e docs: clarify RSA_PSS algorithm and ignored field in proto (#2378)
  • Additional commits viewable in compare view

Updates github.com/sigstore/timestamp-authority/v2 from 2.1.2 to 2.1.3

Release notes

Sourced from github.com/sigstore/timestamp-authority/v2's releases.

v2.1.3

What's Changed

v2.1.3 bumps the version of Go used to build the binaries and containers to the latest release, 1.26.4. This release also contains a number of changes related to RFC3161 compliance.

Full Changelog: sigstore/timestamp-authority@v2.1.2...v2.1.3

Commits
  • 811e94a chore(deps): bump github.com/go-openapi/swag/cmdutils (#1423)
  • 41e1818 chore(deps): bump github.com/go-openapi/strfmt (#1420)
  • 32d28ff chore(deps): bump github.com/go-openapi/swag/netutils (#1421)
  • 157294b chore(deps): bump the actions group across 1 directory with 3 updates (#1419)
  • 42e74fc require timestamping leaf certificate to be an end-entity (#1416)
  • 3f20613 chore(deps): bump github.com/go-openapi/swag/jsonutils (#1422)
  • 01aa5b9 chore(deps): bump golang from 32c0e6e to f96cc55 (#1414)
  • 99c7698 handle client disconnection as 499 error: (#1417)
  • ba3024d chore(deps): bump actions/setup-go in the actions group (#1415)
  • b7c4a2a Fix timeout flag reporting its value type as format in help (#1413)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-deps group with 2 updates in the / directory: [github.com/sigstore/fulcio](https://github.com/sigstore/fulcio) and [github.com/sigstore/timestamp-authority/v2](https://github.com/sigstore/timestamp-authority).
Bumps the go-deps group with 1 update in the /tools/ctlog directory: [github.com/sigstore/fulcio](https://github.com/sigstore/fulcio).
Bumps the go-deps group with 1 update in the /tools/tsa directory: [github.com/sigstore/timestamp-authority/v2](https://github.com/sigstore/timestamp-authority).


Updates `github.com/sigstore/fulcio` from 1.8.7 to 1.8.8
- [Release notes](https://github.com/sigstore/fulcio/releases)
- [Changelog](https://github.com/sigstore/fulcio/blob/main/CHANGELOG.md)
- [Commits](sigstore/fulcio@v1.8.7...v1.8.8)

Updates `github.com/sigstore/timestamp-authority/v2` from 2.1.2 to 2.1.3
- [Release notes](https://github.com/sigstore/timestamp-authority/releases)
- [Changelog](https://github.com/sigstore/timestamp-authority/blob/main/CHANGELOG.md)
- [Commits](sigstore/timestamp-authority@v2.1.2...v2.1.3)

Updates `github.com/sigstore/fulcio` from 1.8.7 to 1.8.8
- [Release notes](https://github.com/sigstore/fulcio/releases)
- [Changelog](https://github.com/sigstore/fulcio/blob/main/CHANGELOG.md)
- [Commits](sigstore/fulcio@v1.8.7...v1.8.8)

Updates `github.com/sigstore/timestamp-authority/v2` from 2.1.2 to 2.1.3
- [Release notes](https://github.com/sigstore/timestamp-authority/releases)
- [Changelog](https://github.com/sigstore/timestamp-authority/blob/main/CHANGELOG.md)
- [Commits](sigstore/timestamp-authority@v2.1.2...v2.1.3)

---
updated-dependencies:
- dependency-name: github.com/sigstore/fulcio
  dependency-version: 1.8.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/sigstore/timestamp-authority/v2
  dependency-version: 2.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/sigstore/fulcio
  dependency-version: 1.8.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/sigstore/timestamp-authority/v2
  dependency-version: 2.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 10, 2026
@dependabot dependabot Bot requested review from a team as code owners July 10, 2026 02:44
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants