Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump github.com/smallstep/certificates from 0.27.5 to 0.28.0 #202

Merged
merged 1 commit into from
Nov 5, 2024
Merged

Bump github.com/smallstep/certificates from 0.27.5 to 0.28.0 #202

merged 1 commit into from
Nov 5, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 4, 2024

Bumps github.com/smallstep/certificates from 0.27.5 to 0.28.0.

Release notes

Sourced from github.com/smallstep/certificates's releases.

Step CA v0.28.0 (24-10-30)

Official Release Artifacts

Linux

OSX Darwin

Windows

For more builds across platforms and architectures, see the Assets section below. And for packaged versions (Docker, k8s, Homebrew), see our installation docs.

Don't see the artifact you need? Open an issue here.

Signatures and Checksums

step-ca uses sigstore/cosign for signing and verifying release artifacts.

Below is an example using cosign to verify a release artifact:

cosign verify-blob \
  --certificate step-ca_darwin_0.28.0_amd64.tar.gz.sig.pem \
  --signature step-ca_darwin_0.28.0_amd64.tar.gz.sig \
  --certificate-identity-regexp "https://github\.com/smallstep/workflows/.*" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.28.0_amd64.tar.gz

The checksums.txt file (in the Assets section below) contains a checksum for every artifact in the release.

Changelog

  • df13aaef0b9cb5f0d6e9c011695214dbafff7aca Update changelog for v0.28.0 (#2051)
  • 77667e7f43fba96a720b07870856d75fa3503dca Merge pull request #2049 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.18.2
  • 5147c6024049529b128cca9e9bc23f520b5c6331 Bump cloud.google.com/go/security from 1.18.1 to 1.18.2
  • efd324d6d62c58d848f303f46091ce8c7c95fca2 Merge pull request #2048 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.6.2
  • a51f670f77179b9d69c9506e69caa0d45204fcaf Merge pull request #2047 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.35.1
  • 9943bf1984b249bfac5820d5f7507a92c3b3b367 Merge pull request #2050 from smallstep/dependabot/go_modules/google.golang.org/api-0.203.0
  • bb8605c079ca4aa5cc459ee3b3641a7735d93322 Add DisableSSHCAUser and DisableSSHCAHost options to linkedca GCP provisioner (#2045)
  • 95a6cad404fe5065bd74f3218da248a4b2840c84 Bump google.golang.org/api from 0.201.0 to 0.203.0
  • 99baf6744aa02732fa3c8a2a5e3f95370ea0e5f0 Bump cloud.google.com/go/longrunning from 0.6.1 to 0.6.2
  • bfe436b14560519d4c863a39dc713a0742414235 Bump github.com/newrelic/go-agent/v3 from 3.35.0 to 3.35.1

... (truncated)

Changelog

Sourced from github.com/smallstep/certificates's changelog.

[0.28.0] - 2024-10-29

Added

  • smallstep/certificates#2045

Changed

  • For IID provisioners with disableCustomSANs set to true, validate that the requested DNS names are a subset of the allowed DNS names (based on the IID token), smallstep/certificates#2044
Commits
  • df13aae Update changelog for v0.28.0 (#2051)
  • 77667e7 Merge pull request #2049 from smallstep/dependabot/go_modules/cloud.google.co...
  • 5147c60 Bump cloud.google.com/go/security from 1.18.1 to 1.18.2
  • efd324d Merge pull request #2048 from smallstep/dependabot/go_modules/cloud.google.co...
  • a51f670 Merge pull request #2047 from smallstep/dependabot/go_modules/github.com/newr...
  • 9943bf1 Merge pull request #2050 from smallstep/dependabot/go_modules/google.golang.o...
  • bb8605c Add DisableSSHCAUser and DisableSSHCAHost options to linkedca GCP provisioner...
  • 95a6cad Bump google.golang.org/api from 0.201.0 to 0.203.0
  • 99baf67 Bump cloud.google.com/go/longrunning from 0.6.1 to 0.6.2
  • bfe436b Bump github.com/newrelic/go-agent/v3 from 3.35.0 to 3.35.1
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/smallstep/certificates from 0.27.5 to 0.28.0
09dcfd0 
Bumps [github.com/smallstep/certificates](https://github.com/smallstep/certificates) from 0.27.5 to 0.28.0.
- [Release notes](https://github.com/smallstep/certificates/releases)
- [Changelog](https://github.com/smallstep/certificates/blob/master/CHANGELOG.md)
- [Commits](smallstep/certificates@v0.27.5...v0.28.0)

---
updated-dependencies:
- dependency-name: github.com/smallstep/certificates
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from maraino as a code owner November 4, 2024 15:46
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 4, 2024
@dependabot dependabot bot requested a review from a team as a code owner November 4, 2024 15:46
@github-actions github-actions bot added the needs triage Waiting for discussion / prioritization by team label Nov 4, 2024
@github-actions github-actions bot merged commit 51d2922 into master Nov 5, 2024
14 checks passed
@github-actions github-actions bot deleted the dependabot/go_modules/github.com/smallstep/certificates-0.28.0 branch November 5, 2024 08:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hslatman hslatman hslatman approved these changes

@maraino maraino Awaiting requested review from maraino maraino is a code owner

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file needs triage Waiting for discussion / prioritization by team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@hslatman