Skip to content

build(deps): bump github.com/sigstore/fulcio from 1.8.5 to 1.8.6 in /prober/prober#797

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/prober/prober/github.com/sigstore/fulcio-1.8.6
Open

build(deps): bump github.com/sigstore/fulcio from 1.8.5 to 1.8.6 in /prober/prober#797
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/prober/prober/github.com/sigstore/fulcio-1.8.6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/sigstore/fulcio from 1.8.5 to 1.8.6.

Release notes

Sourced from github.com/sigstore/fulcio's releases.

v1.8.6

Changelog

  • 378c654f48c3bafdced04ead7010aab2cb4c6ca1 Block cross-host redirects and restrict bearer token to expected host (#2354)
  • 39b48e6a8f2efe1809a1b19b4301666c3fd36667 Include raw subject in certificates (#2307)
  • 80eaed06e911cdfd26dd18f02b8e862f7f6ee453 Update Azure AKS OIDC issuer URL regex (#2266)
  • 001376a50932095cf4b6e65299ed2d29abe83524 add support for new circleci root issuer (#2278)

Thanks for all contributors!

Changelog

Sourced from github.com/sigstore/fulcio's changelog.

v1.8.6

Features

  • Include raw subject in certificates (#2307)
Commits
  • 378c654 Block cross-host redirects and restrict bearer token to expected host (#2354)
  • 7a5d3e3 bump builder image to use go1.26.3 (#2353)
  • a05982e build(deps): bump go.step.sm/crypto from 0.75.0 to 0.81.0 (#2348)
  • dfa63a8 build(deps): bump golang from 313faae to 2d6c802 (#2344)
  • 7b3a344 build(deps): bump google.golang.org/api from 0.279.0 to 0.280.0 (#2349)
  • 9290f7f build(deps): bump the all group with 2 updates (#2350)
  • 423d535 build(deps): bump nginx from 1.31.0 to 1.31.1 in the all group (#2352)
  • 19a3f8e build(deps): bump the all group across 1 directory with 6 updates (#2337)
  • 6b597ce build(deps): bump google.golang.org/api from 0.276.0 to 0.279.0 (#2338)
  • 0d1dc79 build(deps): bump nginx from 1.29.8 to 1.31.0 in the all group (#2342)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 1, 2026
@dependabot dependabot Bot requested review from a team as code owners July 1, 2026 12:09
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 1, 2026
Bumps [github.com/sigstore/fulcio](https://github.com/sigstore/fulcio) from 1.8.5 to 1.8.6.
- [Release notes](https://github.com/sigstore/fulcio/releases)
- [Changelog](https://github.com/sigstore/fulcio/blob/main/CHANGELOG.md)
- [Commits](sigstore/fulcio@v1.8.5...v1.8.6)

---
updated-dependencies:
- dependency-name: github.com/sigstore/fulcio
  dependency-version: 1.8.6
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/prober/prober/github.com/sigstore/fulcio-1.8.6 branch from b4c6988 to 4c2e146 Compare July 9, 2026 12:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants