What's Changed
- Bump go.step.sm/crypto from 0.43.0 to 0.43.1 by @dependabot in #639
- Bump actions/dependency-review-action from 4.1.0 to 4.1.1 by @dependabot in #640
- Bump actions/dependency-review-action from 4.1.1 to 4.1.2 by @dependabot in #641
- Bump go.uber.org/zap from 1.26.0 to 1.27.0 by @dependabot in #643
- Bump actions/dependency-review-action from 4.1.2 to 4.1.3 by @dependabot in #642
- Don't mark hash argument as required. by @kommendorkapten in #644
- Bump codecov/codecov-action from 4.0.1 to 4.1.0 by @dependabot in #646
- Bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 by @dependabot in #652
- Bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.1 to 1.8.2 by @dependabot in #648
- Bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.1 to 1.8.2 by @dependabot in #649
- Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.1 to 1.8.2 by @dependabot in #650
- Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.1 to 1.8.2 by @dependabot in #651
- Bump github.com/sigstore/sigstore from 1.8.1 to 1.8.2 by @dependabot in #653
- Bump github.com/go-openapi/strfmt from 0.22.0 to 0.22.1 by @dependabot in #654
- Bump github.com/go-openapi/spec from 0.20.14 to 0.20.15 by @dependabot in #656
- Bump github.com/go-openapi/loads from 0.21.5 to 0.21.6 by @dependabot in #657
- Bump github.com/go-playground/validator/v10 from 10.18.0 to 10.19.0 by @dependabot in #660
- Bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in #655
- Bump golang.org/x/net from 0.21.0 to 0.22.0 by @dependabot in #662
- Bump github.com/go-openapi/runtime from 0.27.1 to 0.27.2 by @dependabot in #661
- Bump github.com/golang/protobuf from 1.5.3 to 1.5.4 by @dependabot in #663
- Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in #664
- Bump anchore/sbom-action from 0.15.8 to 0.15.9 by @dependabot in #666
- Bump github.com/go-jose/go-jose/v3 from 3.0.2 to 3.0.3 by @dependabot in #668
- Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 by @dependabot in #667
- Bump github.com/go-openapi/runtime from 0.27.2 to 0.28.0 by @dependabot in #673
- Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #674
- Bump cloud.google.com/go/security from 1.15.5 to 1.15.6 by @dependabot in #675
- Bump go.step.sm/crypto from 0.43.1 to 0.44.0 by @dependabot in #677
- Bump go.step.sm/crypto from 0.44.0 to 0.44.1 by @dependabot in #681
- Bump actions/dependency-review-action from 4.1.3 to 4.2.3 by @dependabot in #678
- Bump dependabot/fetch-metadata from 1.6.0 to 2.0.0 by @dependabot in #680
- Bump slsa-framework/slsa-github-generator from 1.9.0 to 1.10.0 by @dependabot in #679
- Bump actions/cache from 4.0.1 to 4.0.2 by @dependabot in #676
- Bump actions/dependency-review-action from 4.2.3 to 4.2.4 by @dependabot in #682
- Bump actions/dependency-review-action from 4.2.4 to 4.2.5 by @dependabot in #683
- Bump anchore/sbom-action from 0.15.9 to 0.15.10 by @dependabot in #684
- Bump codecov/codecov-action from 4.1.0 to 4.1.1 by @dependabot in #685
- Bump go.step.sm/crypto from 0.44.1 to 0.44.2 by @dependabot in #686
- Bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.2 to 1.8.3 by @dependabot in #691
- Bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.2 to 1.8.3 by @dependabot in #687
- Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.2 to 1.8.3 by @dependabot in #688
- Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.2 to 1.8.3 by @dependabot in #689
- Bump github.com/sigstore/sigstore from 1.8.2 to 1.8.3 by @dependabot in #690
- Bump sigs.k8s.io/release-utils from 0.7.7 to 0.8.0 by @dependabot in #692
- Bump codecov/codecov-action from 4.1.1 to 4.2.0 by @dependabot in #695
- Bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in #693
- Bump golang.org/x/net from 0.23.0 to 0.24.0 by @dependabot in #696
- Bump sigs.k8s.io/release-utils from 0.8.0 to 0.8.1 by @dependabot in #697
- Bump codecov/codecov-action from 4.2.0 to 4.3.0 by @dependabot in #698
- Bump go.step.sm/crypto from 0.44.2 to 0.44.3 by @dependabot in #699
- Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in #700
- Bump go.step.sm/crypto from 0.44.3 to 0.44.5 by @dependabot in #702
- Bump cloud.google.com/go/security from 1.15.6 to 1.16.0 by @dependabot in #701
- Bump go.step.sm/crypto from 0.44.5 to 0.44.6 by @dependabot in #703
- Bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #704
- Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #705
- Bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #706
- Bump go.step.sm/crypto from 0.44.6 to 0.44.7 by @dependabot in #708
- Bump github.com/rs/cors from 1.10.1 to 1.11.0 by @dependabot in #709
- Bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #712
- Bump dependabot/fetch-metadata from 2.0.0 to 2.1.0 by @dependabot in #711
- Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in #710
- Bump go.step.sm/crypto from 0.44.7 to 0.44.8 by @dependabot in #714
- Bump anchore/sbom-action from 0.15.10 to 0.15.11 by @dependabot in #713
- Bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot in #715
- Bump actions/dependency-review-action from 4.2.5 to 4.3.1 by @dependabot in #716
- Bump github.com/go-playground/validator/v10 from 10.19.0 to 10.20.0 by @dependabot in #717
- Bump google.golang.org/protobuf from 1.33.0 to 1.34.0 by @dependabot in #718
- Bump actions/dependency-review-action from 4.3.1 to 4.3.2 by @dependabot in #719
- Bump codecov/codecov-action from 4.3.0 to 4.3.1 by @dependabot in #720
- Bump cloud.google.com/go/security from 1.16.0 to 1.16.1 by @dependabot in #721
- Bump github.com/beevik/ntp from 1.3.1 to 1.4.1 by @dependabot in #724
- Bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #723
- Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 by @dependabot in #707
- Bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in #725
- Bump golangci/golangci-lint-action from 5.3.0 to 6.0.0 by @dependabot in #727
- Bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #726
- Bump sigs.k8s.io/release-utils from 0.8.1 to 0.8.2 by @dependabot in #730
- Bump golangci/golangci-lint-action from 6.0.0 to 6.0.1 by @dependabot in #731
- Bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #734
- Upgrade to go1.22 and other updates by @cpanato in #722
- Bump github.com/go-swagger/go-swagger from 0.30.5 to 0.31.0 in /hack/tools in the gomod-hack group by @dependabot in #736
- Bump the gomod group with 2 updates by @dependabot in #737
- Bump the actions group with 4 updates by @dependabot in #738
- Bump golang.org/x/net from 0.24.0 to 0.25.0 by @dependabot in #728
- Bump golang from 1.21.6 to 1.22.3 by @dependabot in #732
- fix bad merge by @cpanato in #739
- Bump go.step.sm/crypto from 0.44.8 to 0.45.0 by @dependabot in #740
- Bump golang from
d344199
tof43c6f0
by @dependabot in #741 - Bump actions/checkout from 4.1.5 to 4.1.6 in the actions group by @dependabot in #742
- Bump github/codeql-action from 2.13.4 to 3.25.5 by @dependabot in #743
- Bump the actions group with 3 updates by @dependabot in #744
- Bump go.step.sm/crypto from 0.45.0 to 0.45.1 in the gomod group by @dependabot in #745
- Bump cloud.google.com/go/security from 1.16.1 to 1.17.0 by @dependabot in #746
- Bump github.com/beevik/ntp from 1.4.1 to 1.4.2 in the gomod group by @dependabot in #747
- Bump the gomod group with 5 updates by @dependabot in #748
- Bump github.com/beevik/ntp from 1.4.2 to 1.4.3 in the gomod group by @dependabot in #749
- Bump go.step.sm/crypto from 0.45.1 to 0.46.0 by @dependabot in #750
- Bump github/codeql-action from 3.25.6 to 3.25.7 in the actions group by @dependabot in #751
- Bump github.com/go-playground/validator/v10 from 10.20.0 to 10.21.0 by @dependabot in #753
- Bump github.com/spf13/viper from 1.18.2 to 1.19.0 by @dependabot in #752
- Bump the actions group across 1 directory with 2 updates by @dependabot in #758
- Bump golang.org/x/net from 0.25.0 to 0.26.0 by @dependabot in #756
- Bump golang from 1.22.3 to 1.22.4 in the docker group by @dependabot in #757
- Bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 by @dependabot in #755
- Bump go.step.sm/crypto from 0.46.0 to 0.47.0 by @dependabot in #759
- Bump google.golang.org/protobuf from 1.34.1 to 1.34.2 in the gomod group by @dependabot in #760
- Bump github.com/go-playground/validator/v10 from 10.21.0 to 10.22.0 by @dependabot in #762
- Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 by @dependabot in #761
- Bump golang from
969349b
to0f76912
by @dependabot in #764 - Bump go.step.sm/crypto from 0.47.0 to 0.47.1 in the gomod group by @dependabot in #763
- Bump the actions group with 3 updates by @dependabot in #765
- Bump golang from
0f76912
toa0679ac
by @dependabot in #767 - Bump github/codeql-action from 3.25.9 to 3.25.10 in the actions group by @dependabot in #766
- Bump golang from
a0679ac
toc2010b9
by @dependabot in #768 - Bump github.com/spf13/cobra from 1.8.0 to 1.8.1 in the gomod group by @dependabot in #769
- Bump imjasonh/setup-ko from 0.6 to 0.7 in the actions group by @dependabot in #770
- Bump golang from
c2010b9
toa66eda6
by @dependabot in #771 - Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 by @dependabot in #772
- Update sigstore/sigstore dependencies by @malancas in #774
- Bump the gomod group with 6 updates by @dependabot in #775
- Bump github/codeql-action from 3.25.10 to 3.25.11 in the actions group by @dependabot in #776
- Bump golang from
a66eda6
to3589439
by @dependabot in #777 - Bump go.step.sm/crypto from 0.47.1 to 0.48.0 by @dependabot in #779
- Bump cloud.google.com/go/security from 1.17.1 to 1.17.2 in the gomod group by @dependabot in #778
- Bump go.step.sm/crypto from 0.48.0 to 0.48.1 in the gomod group by @dependabot in #781
- Bump golang from 1.22.4 to 1.22.5 in the docker group by @dependabot in #782
- Bump actions/upload-artifact from 4.3.3 to 4.3.4 in the actions group by @dependabot in #785
- Bump golang.org/x/net from 0.26.0 to 0.27.0 by @dependabot in #784
- Bump sigs.k8s.io/release-utils from 0.8.2 to 0.8.3 in the gomod group by @dependabot in #783
- Bump google.golang.org/grpc from 1.64.0 to 1.64.1 by @dependabot in #786
- Bump anchore/sbom-action from 0.16.0 to 0.16.1 in the actions group by @dependabot in #787
- Bump go.step.sm/crypto from 0.48.1 to 0.49.0 by @dependabot in #788
- Bump cloud.google.com/go/security from 1.17.2 to 1.17.3 in the gomod group by @dependabot in #791
- Bump actions/setup-go from 5.0.1 to 5.0.2 in the actions group by @dependabot in #790
- Bump golang from
fcae9e0
to829eff9
by @dependabot in #789 - Bump the gomod group with 5 updates by @dependabot in #792
- Bump go.step.sm/crypto from 0.49.0 to 0.50.0 by @dependabot in #793
- Bump the actions group with 2 updates by @dependabot in #794
- Bump anchore/sbom-action from 0.16.1 to 0.17.0 in the actions group by @dependabot in #795
- Bump github/codeql-action from 3.25.12 to 3.25.13 in the actions group by @dependabot in #796
- Bump golang from
829eff9
to86a3c48
by @dependabot in #797 - Bump github/codeql-action from 3.25.13 to 3.25.14 in the actions group by @dependabot in #798
- Bump cloud.google.com/go/security from 1.17.3 to 1.17.4 in the gomod group by @dependabot in #799
- Bump sigs.k8s.io/release-utils from 0.8.3 to 0.8.4 in the gomod group by @dependabot in #800
- Bump the actions group across 1 directory with 3 updates by @dependabot in #803
- Bump actions/upload-artifact from 4.3.4 to 4.3.5 in the actions group by @dependabot in #804
- Bump go.step.sm/crypto from 0.50.0 to 0.51.1 by @dependabot in #802
- Bump the actions group with 2 updates by @dependabot in #805
- Bump golang.org/x/net from 0.27.0 to 0.28.0 by @dependabot in #808
- Bump golang from 1.22.5 to 1.22.6 in the docker group by @dependabot in #806
- Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 in the actions group by @dependabot in #809
- Bump golang from
2bd56f0
to305aae5
by @dependabot in #811 - Bump the actions group with 2 updates by @dependabot in #812
- Bump github/codeql-action from 3.26.1 to 3.26.2 in the actions group by @dependabot in #814
- Bump github/codeql-action from 3.26.2 to 3.26.3 in the actions group by @dependabot in #815
- Bump the actions group with 2 updates by @dependabot in #817
- Bump github/codeql-action from 3.26.4 to 3.26.5 in the actions group by @dependabot in #818
- Bump github/codeql-action from 3.26.5 to 3.26.6 in the actions group by @dependabot in #819
- Bump actions/upload-artifact from 4.3.6 to 4.4.0 in the actions group by @dependabot in #822
- Bump github/codeql-action from 3.26.6 to 3.26.7 in the actions group by @dependabot in #829
- Bump github/codeql-action from 3.26.7 to 3.26.8 in the actions group by @dependabot in #830
- chore: bump go to use v1.23 by @hectorj2f in #831
- bump github/codeql-action from 3.26.8 to 3.26.9 in the actions group by @dependabot in #832
- Bump golang from 1.22.6 to 1.23.1 in the docker group by @dependabot in #825
- Bump the gomod group across 1 directory with 8 updates by @dependabot in #828
Full Changelog: v1.2.2...v1.2.3