Adding function for adding a single attestor #104
Closed
Commits on Jan 16, 2024
-
adding function to add a single attestor
Signed-off-by: chaosinthecrd <[email protected]>
-
Fixing bug introduced in logs - warning and debug logs not printing (i…
…n-toto#103) warning logs and debug logs werent printing after error check - fixing it Signed-off-by: chaosinthecrd <[email protected]>
-
Point to v0.2.0 of archivista (in-toto#105)
Signed-off-by: John Kjell <[email protected]> Signed-off-by: chaosinthecrd <[email protected]>
-
Create SECURITY.md (in-toto#107)
Add an initial SECURITY.md file. Signed-off-by: John Kjell <[email protected]> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump github/codeql-action from 2.22.9 to 3.22.11 (in-toto#110)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.9 to 3.22.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c0d1daa...b374143) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump actions/download-artifact from 3.0.2 to 4.0.0 (in-toto#112)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3.0.2 to 4.0.0. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@9bc31d5...7a1cd32) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: John Kjell <[email protected]> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump actions/upload-artifact from 3.1.3 to 4.0.0 (in-toto#111)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.3 to 4.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@a8a3f3a...c7d193f) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump golang.org/x/crypto from 0.14.0 to 0.17.0 (in-toto#115)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. - [Commits](golang/crypto@v0.14.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump github.com/go-git/go-git/v5 from 5.5.2 to 5.11.0 (in-toto…
…#119) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.5.2 to 5.11.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.5.2...v5.11.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump github/codeql-action from 3.22.11 to 3.22.12 (in-toto#118)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.22.11 to 3.22.12. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@b374143...012739e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump actions/download-artifact from 4.0.0 to 4.1.0 (in-toto#117)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@7a1cd32...f44cd7b) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump k8s.io/apimachinery from 0.26.11 to 0.26.12 (in-toto#116)
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.26.11 to 0.26.12. - [Commits](kubernetes/apimachinery@v0.26.11...v0.26.12) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
Update SECURITY-INSIGHTS.yml with additional information (in-toto#108)
* Update SECURITY-INSIGHTS.yml with additional information Signed-off-by: John Kjell <[email protected]> * Address Scorecard feedback and add dependency policy. Signed-off-by: John Kjell <[email protected]> --------- Signed-off-by: John Kjell <[email protected]> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (in-toto#121
) Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.3.3 to 1.3.7. - [Release notes](https://github.com/cloudflare/circl/releases) - [Commits](cloudflare/circl@v1.3.3...v1.3.7) --- updated-dependencies: - dependency-name: github.com/cloudflare/circl dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump actions/dependency-review-action from 3.1.4 to 3.1.5 (in-…
…toto#123) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.1.4 to 3.1.5. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@01bc870...c74b580) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump github/codeql-action from 3.22.12 to 3.23.0 (in-toto#122)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.22.12 to 3.23.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@012739e...e5f05b8) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: John Kjell <[email protected]> Signed-off-by: chaosinthecrd <[email protected]>
-
fix: added oidc redirect url option for fulcio (in-toto#76)
* fix: added oidc redirect url option for fulcio Signed-off-by: Patrick Kwiatkowski <[email protected]> * Update fulcio.go --------- Signed-off-by: Patrick Kwiatkowski <[email protected]> Signed-off-by: Tom Meadows <[email protected]> Co-authored-by: Tom Meadows <[email protected]> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump actions/upload-artifact from 4.0.0 to 4.1.0 (in-toto#126)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@c7d193f...1eb3cb2) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
chore: bump actions/download-artifact from 4.1.0 to 4.1.1 (in-toto#127)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@f44cd7b...6b208ae) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: chaosinthecrd <[email protected]>
-
added old function with deprecation warning
Signed-off-by: chaosinthecrd <[email protected]>
-
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.