Sourced from github.com/sigstore/sigstore's releases.

v1.8.12

What's Changed

• build(deps): Bump google.golang.org/api from 0.210.0 to 0.212.0 in /pkg/signature/kms/gcp by @​dependabot in sigstore/sigstore#1912
• build(deps): Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in /pkg/signature/kms/gcp by @​dependabot in sigstore/sigstore#1911
• build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group by @​dependabot in sigstore/sigstore#1909
• build(deps): Bump google.golang.org/api from 0.212.0 to 0.214.0 in /pkg/signature/kms/gcp by @​dependabot in sigstore/sigstore#1917
• build(deps): Bump hashicorp/vault from 1.18.2 to 1.18.3 in /test/e2e in the all group by @​dependabot in sigstore/sigstore#1915
• build(deps): Bump the gomod group across 2 directories with 5 updates by @​dependabot in sigstore/sigstore#1916
• build(deps): Bump cloud.google.com/go/kms from 1.20.3 to 1.20.4 in /pkg/signature/kms/gcp in the gomod group across 1 directory by @​dependabot in sigstore/sigstore#1920
• build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 by @​dependabot in sigstore/sigstore#1924
• build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 by @​dependabot in sigstore/sigstore#1921
• build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 by @​dependabot in sigstore/sigstore#1922
• build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 by @​dependabot in sigstore/sigstore#1923
• build(deps): Bump golang.org/x/crypto from 0.28.0 to 0.31.0 in /test/fuzz by @​dependabot in sigstore/sigstore#1908
• build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8.0 to 0.9.0 by @​dependabot in sigstore/sigstore#1910
• build(deps): Bump the tools group across 1 directory with 2 updates by @​dependabot in sigstore/sigstore#1913
• cleanup ci by @​cpanato in sigstore/sigstore#1927

Full Changelog: sigstore/sigstore@v1.8.11...v1.8.12

• e28cdf3 cleanup ci (#1927)
• 8041221 build(deps): Bump the tools group across 1 directory with 2 updates (#1913)
• 57944ce build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8....
• 99a57f3 build(deps): Bump golang.org/x/crypto in /test/fuzz (#1908)
• 125d1dc build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#1923)
• 73220ab build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0 (#1922)
• cc55882 build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 (#1921)
• 47e3edd build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#1924)
• 7b4f423 build(deps): Bump cloud.google.com/go/kms (#1920)
• 1f3a09e build(deps): Bump the gomod group across 2 directories with 5 updates (#1916)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)