v0.11.0

What's Changed

• chore(deps): Bump github.com/aws/aws-sdk-go from 1.54.15 to 1.54.16 by @dependabot in #1535
• chore(deps): Bump github.com/google/go-containerregistry from 0.19.2 to 0.20.0 by @dependabot in #1536
• chore(deps): Bump google.golang.org/grpc from 1.64.0 to 1.64.1 by @dependabot in #1537
• set to go1.22.5 by @cpanato in #1538
• chore(deps): Bump anchore/sbom-action from 0.16.0 to 0.16.1 by @dependabot in #1539
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.54.16 to 1.54.17 by @dependabot in #1541
• chore(deps): Bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.3 by @dependabot in #1543
• chore(deps): Bump github.com/sigstore/scaffolding from 0.7.3 to 0.7.4 by @dependabot in #1542
• chore(deps): Bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #1540
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.54.17 to 1.54.18 by @dependabot in #1544
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.6 to 1.8.7 by @dependabot in #1546
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.6 to 1.8.7 by @dependabot in #1547
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.6 to 1.8.7 by @dependabot in #1549
• chore(deps): Bump github.com/sigstore/sigstore from 1.8.6 to 1.8.7 by @dependabot in #1550
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.6 to 1.8.7 by @dependabot in #1548
• chore(deps): Bump anchore/sbom-action from 0.16.1 to 0.17.0 by @dependabot in #1552
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.54.18 to 1.54.19 by @dependabot in #1551
• chore(deps): Bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #1545
• chore(deps): Bump github.com/google/go-containerregistry from 0.20.0 to 0.20.1 by @dependabot in #1553
• chore(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.12.0 to 1.13.0 by @dependabot in #1554
• chore(deps): Bump k8s.io/client-go from 0.30.2 to 0.30.3 by @dependabot in #1557
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.54.19 to 1.54.20 by @dependabot in #1558
• chore(deps): Bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #1559
• chore(deps): Bump github.com/docker/docker from 27.0.3+incompatible to 27.1.0+incompatible by @dependabot in #1560
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.54.20 to 1.55.0 by @dependabot in #1562
• chore(deps): Bump github.com/docker/docker from 27.1.0+incompatible to 27.1.1+incompatible by @dependabot in #1563
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.55.0 to 1.55.1 by @dependabot in #1564
• chore(deps): Bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #1568
• chore(deps): Bump github/codeql-action from 3.25.13 to 3.25.15 by @dependabot in #1567
• chore(deps): Bump sigs.k8s.io/release-utils from 0.8.3 to 0.8.4 by @dependabot in #1570
• chore(deps): Bump github.com/go-jose/go-jose/v4 from 4.0.3 to 4.0.4 by @dependabot in #1572
• chore(deps): Bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 by @dependabot in #1575
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.55.1 to 1.55.4 by @dependabot in #1574
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.55.4 to 1.55.5 by @dependabot in #1576
• chore(deps): Bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in #1577
• push incremental builds to GHCR instead of gcr by @bobcallaway in #1578
• chore(deps): Bump mikefarah/yq from 4.44.2 to 4.44.3 by @dependabot in #1580
• chore(deps): Bump google-github-actions/setup-gcloud from 2.1.0 to 2.1.1 by @dependabot in #1581
• chore(deps): Bump google-github-actions/auth from 2.1.3 to 2.1.4 by @dependabot in #1582
• chore(deps): Bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in #1584
• chore(deps): Bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #1583
• chore(deps): Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by @dependabot in #1593
• chore(deps): Bump anchore/sbom-action from 0.17.0 to 0.17.1 by @dependabot in #1594
• chore(deps): Bump github/codeql-action from 3.26.0 to 3.26.3 by @dependabot in #1596
• chore(deps): Bump anchore/sbom-action from 0.17.1 to 0.17.2 by @dependabot in #1598
• chore(deps): Bump github/codeql-action from 3.26.3 to 3.26.6 by @dependabot in #1604
• chore(deps): Bump github.com/sigstore/scaffolding from 0.7.4 to 0.7.8 by @dependabot in #1603
• chore(deps): Bump github.com/docker/docker from 27.1.1+incompatible to 27.2.0+incompatible by @dependabot in #1606
• chore(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.13.0 to 1.14.0 by @dependabot in #1605
• chore(deps): Bump actions/upload-artifact from 4.3.6 to 4.4.0 by @dependabot in #1609
• Add support for custom trusted root target path by @codysoyland in #1608
• chore(deps): Bump google-github-actions/auth from 2.1.4 to 2.1.5 by @dependabot in #1597
• chore(deps): Bump github.com/google/go-containerregistry from 0.20.1 to 0.20.2 by @dependabot in #1586
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.8 to 1.8.9 by @dependabot in #1611
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.8 to 1.8.9 by @dependabot in #1614
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.8 to 1.8.9 by @dependabot in #1612
• chore(deps): Bump github.com/sigstore/sigstore from 1.8.8 to 1.8.9 by @dependabot in #1615
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.8 to 1.8.9 by @dependabot in #1613
• chore(deps): Bump golang.org/x/net from 0.28.0 to 0.29.0 by @dependabot in #1616
• chore(deps): Bump github.com/sigstore/scaffolding from 0.7.8 to 0.7.9 by @dependabot in #1618
• chore(deps): Bump github.com/docker/docker from 27.2.0+incompatible to 27.2.1+incompatible by @dependabot in #1619
• update chainguard-dev/actions by @cpanato in #1630
• chore(deps): Bump k8s.io/client-go from 0.31.0 to 0.31.1 by @dependabot in #1620
• chore(deps): Bump github/codeql-action from 3.26.6 to 3.26.9 by @dependabot in #1632
• chore(deps): Bump github.com/open-policy-agent/opa from 0.67.0 to 0.68.0 by @dependabot in #1631
• chore(deps): Bump github.com/docker/docker from 27.2.1+incompatible to 27.3.1+incompatible by @dependabot in #1628
• chore(deps): Bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #1634
• chore(deps): Bump github/codeql-action from 3.26.9 to 3.26.10 by @dependabot in #1636
• chore(deps): Bump codecov/codecov-action from 4.5.0 to 4.6.0 by @dependabot...

v0.9.0

What's Changed

• chore(deps): Bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in #1214
• chore(deps): Bump google-github-actions/setup-gcloud from 2.0.1 to 2.1.0 by @dependabot in #1213
• chore(deps): Bump google-github-actions/auth from 2.0.1 to 2.1.0 by @dependabot in #1215
• chore(deps): Bump k8s.io/code-generator from 0.29.0 to 0.29.1 by @dependabot in #1203
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.1 to 1.50.2 by @dependabot in #1217
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.2 to 1.50.3 by @dependabot in #1218
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.3 to 1.50.4 by @dependabot in #1222
• chore(deps): Bump codecov/codecov-action from 3.1.4 to 3.1.5 by @dependabot in #1221
• chore(deps): Bump anchore/sbom-action from 0.15.5 to 0.15.6 by @dependabot in #1223
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.4 to 1.50.5 by @dependabot in #1224
• chore(deps): Bump github.com/google/go-containerregistry from 0.18.0 to 0.19.0 by @dependabot in #1225
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.5 to 1.50.6 by @dependabot in #1226
• chore(deps): Bump codecov/codecov-action from 3.1.5 to 3.1.6 by @dependabot in #1229
• chore(deps): Bump anchore/sbom-action from 0.15.6 to 0.15.7 by @dependabot in #1230
• chore(deps): Bump anchore/sbom-action from 0.15.7 to 0.15.8 by @dependabot in #1234
• chore(deps): Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 by @dependabot in #1235
• chore(deps): Bump codecov/codecov-action from 3.1.6 to 4.0.0 by @dependabot in #1236
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.6 to 1.50.8 by @dependabot in #1231
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.8 to 1.50.9 by @dependabot in #1238
• chore(deps): Bump codecov/codecov-action from 4.0.0 to 4.0.1 by @dependabot in #1237
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.9 to 1.50.10 by @dependabot in #1240
• chore(deps): Bump github.com/sigstore/rekor from 1.3.4 to 1.3.5 by @dependabot in #1239
• chore(deps): Bump google-github-actions/auth from 2.1.0 to 2.1.1 by @dependabot in #1241
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.10 to 1.50.12 by @dependabot in #1244
• chore(deps): Bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #1242
• chore(deps): Bump golang.org/x/net from 0.20.0 to 0.21.0 by @dependabot in #1247
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.12 to 1.50.13 by @dependabot in #1249
• chore(deps): Bump mikefarah/yq from 4.40.5 to 4.40.7 by @dependabot in #1252
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.13 to 1.50.14 by @dependabot in #1250
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.14 to 1.50.15 by @dependabot in #1253
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.15 to 1.50.16 by @dependabot in #1254
• chore(deps): Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in #1251
• chore(deps): Bump k8s.io/client-go from 0.29.1 to 0.29.2 by @dependabot in #1256
• Bump cosign to v2.2.3 by @priyawadhwa in #1270
• ci: remove support for Kubernetes v1.22.x by @hectorj2f in #1269
• chore(deps): Bump codecov/codecov-action from 4.0.1 to 4.0.2 by @dependabot in #1272
• chore(deps): Bump mikefarah/yq from 4.40.7 to 4.41.1 by @dependabot in #1262
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.16 to 1.50.25 by @dependabot in #1273
• chore(deps): Bump k8s.io/code-generator from 0.29.1 to 0.29.2 by @dependabot in #1258
• chore(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.2 by @dependabot in #1277
• chore(deps): Bump mikefarah/yq from 4.41.1 to 4.42.1 by @dependabot in #1275
• chore(deps): Bump google-github-actions/auth from 2.1.1 to 2.1.2 by @dependabot in #1276
• chore(deps): Bump golang.org/x/crypto from 0.19.0 to 0.20.0 by @dependabot in #1279
• chore(deps): Bump codecov/codecov-action from 4.0.2 to 4.1.0 by @dependabot in #1280
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.25 to 1.50.26 by @dependabot in #1278
• chore(deps): Bump go.uber.org/zap from 1.26.0 to 1.27.0 by @dependabot in #1266
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.1 to 1.8.2 by @dependabot in #1283
• chore(deps): Bump imranismail/setup-kustomize from a76db1c6419124d51470b1e388c4b29476f495f1 to 2ba527d4d055ab63514ba50a99456fc35684947f # v2.1.0 by @dependabot in #1274
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.1 to 1.8.2 by @dependabot in #1285
• chore(deps): Bump github.com/sigstore/sigstore from 1.8.1 to 1.8.2 by @dependabot in #1281
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.1 to 1.8.2 by @dependabot in #1284
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.26 to 1.50.29 by @dependabot in #1288
• chore(deps): Bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in #1290
• chore(deps): Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in #1289
• Add missing tool name in local development documentation by @malancas in #1265
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.1 to 1.8.2 by @dependabot in #1286
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.29 to 1.50.30 by @dependabot in #1291
• chore(deps): Bump golang.org/x/net from 0.21.0 to 0.22.0 by @dependabot in #1294
• chore(deps): Bump anchore/sbom-action from 0.15.8 to 0.15.9 by @dependabot in #1293
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.30 to 1.50.31 by @dependabot in #1292
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.31 to 1.50.32 by @dependabot in #1296
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.32 to 1.50.33 by @dependabot in #1298
• chore(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.2 to 3.0.3 by @dependabot in #1300
• chore(deps): Bump gopkg.in/go-jose/go-jose.v2 from 2.6.2 to 2.6.3 by @dependabot in #1299
• chore(deps): Bump github.com/docker/docker from 24.0.7+incompatible to 25.0.4+incompatible by @dependabot in #1301
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.33 to 1.50.35 by @dependabot in #1302
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.35 to 1.50.36 by @dependabot in #1305
• chore(deps): Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #1304
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.50.36 to 1.50.37 by @dependabot in #1306
• chore(deps): Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in https://github.com/sigst...

v0.8.4

Changelog

• 8596f22 Merge pull request #1212 from tcnghia/update-aws-sdk

Thanks to all contributors!

v0.8.3

What's Changed

• Update link to security policy by @haydentherapper in #953
• upgrade Go to 1.21 by @cpanato in #1017
• update sigstore/rekor dependency by @k4leung4 in #1068

New Contributors

• @haydentherapper made their first contribution in #953

Full Changelog: v0.8.2...v0.8.3

v0.8.2

Changelog

• 3c52aec Merge pull request #912 from hectorj2f/bump_scaffolding

Thanks to all contributors!

What's Changed

• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.299 to 1.44.300 by @dependabot in #893
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.300 to 1.44.301 by @dependabot in #895
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.301 to 1.44.304 by @dependabot in #902
• chore(deps): Bump k8s.io/client-go from 0.27.3 to 0.27.4 by @dependabot in #900
• chore(deps): Bump sigstore/scaffolding from 0.6.4 to 0.6.5 by @dependabot in #897
• chore(deps): Bump k8s.io/code-generator from 0.26.5 to 0.27.4 by @dependabot in #898
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.304 to 1.44.305 by @dependabot in #904
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.305 to 1.44.306 by @dependabot in #905
• Add support for local registry use to the local-dev tooling by @malancas in #894
• chore(deps): Bump github.com/docker/docker from 24.0.0+incompatible to 24.0.5+incompatible by @dependabot in #907
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.306 to 1.44.307 by @dependabot in #906
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.307 to 1.44.308 by @dependabot in #908
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.308 to 1.44.309 by @dependabot in #909
• chore(deps): Bump google.golang.org/grpc from 1.56.2 to 1.57.0 by @dependabot in #910
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.309 to 1.44.311 by @dependabot in #911
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.311 to 1.44.312 by @dependabot in #913
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.312 to 1.44.313 by @dependabot in #914
• chore(deps): Bump golang.org/x/net from 0.12.0 to 0.13.0 by @dependabot in #915
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.313 to 1.44.314 by @dependabot in #916
• chore(deps): Bump go.uber.org/zap from 1.24.0 to 1.25.0 by @dependabot in #917
• chore(deps): Bump github.com/google/go-containerregistry from 0.15.3-0.20230607134719-145eebe7465d to 0.16.1 by @dependabot in #919
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.314 to 1.44.315 by @dependabot in #918
• chore(deps): Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.8.0 by @dependabot in #920
• chore(deps): Bump golang.org/x/net from 0.13.0 to 0.14.0 by @dependabot in #922
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.315 to 1.44.317 by @dependabot in #923
• chore(deps): Bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #933
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.7.1 to 1.7.2 by @dependabot in #932
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.7.1 to 1.7.2 by @dependabot in #931
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.317 to 1.44.319 by @dependabot in #934
• chore(deps): Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.2 by @dependabot in #927
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.7.1 to 1.7.2 by @dependabot in #928
• chore(deps): Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.7.1 to 1.7.2 by @dependabot in #930
• Store the digest of each verified attestation in the PolicyAttestation object by @hectorj2f in #925
• chore(deps): Bump github.com/theupdateframework/go-tuf from 0.5.2 to 0.6.0 by @dependabot in #903
• chore(deps): Bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 by @dependabot in #937
• chore(deps): Bump github.com/hashicorp/golang-lru from 0.5.4 to 1.0.2 by @dependabot in #926
• bump scaffolding version by @hectorj2f in #912

Full Changelog: v0.8.1...v0.8.2

v0.8.1

Changelog

• 45ec96c Merge pull request #892 from sigstore/dependabot/github_actions/mikefarah/yq-4.34.2

Thanks to all contributors!

v0.8.0

What's Changed

• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.209 to 1.44.210 by @dependabot in #624
• chore(deps): Bump sigstore/scaffolding from 0.5.4 to 0.6.3 by @dependabot in #622
• chore(deps): Bump sigstore/cosign-installer from 4079ad3567a89f68395480299c77e40170430341 to 77560e399fb1b0d50a89024c16dd3a908f8d44b5 by @dependabot in #625
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.210 to 1.44.211 by @dependabot in #630
• chore(deps): Bump k8s.io/api from 0.26.1 to 0.26.2 by @dependabot in #626
• chore(deps): Bump sigstore/cosign-installer from 3.0.0 to 3.0.1 by @dependabot in #633
• chore(deps): Bump mikefarah/yq from 4.31.1 to 4.31.2 by @dependabot in #634
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.211 to 1.44.212 by @dependabot in #635
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.212 to 1.44.213 by @dependabot in #636
• Use default cosign-installer version by @hectorj2f in #637
• add new required input parameter by @cpanato in #639
• update sigstore deps by @cpanato in #641
• chore(deps): Bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in #644
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.213 to 1.44.214 by @dependabot in #645
• Point README to our sigstore docs website by @hectorj2f in #646
• upgrade to use go1.20 by @cpanato in #642
• Add an optional Message to Static actions for custom fail message. by @vaikas in #652
• chore(deps): Bump actions/cache from 3.2.6 to 3.3.0 by @dependabot in #653
• chore(deps): Bump sigstore/scaffolding from 0.6.3 to 0.6.4 by @dependabot in #654
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.214 to 1.44.217 by @dependabot in #655
• chore(deps): Bump google.golang.org/protobuf from 1.28.1 to 1.29.0 by @dependabot in #650
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.217 to 1.44.218 by @dependabot in #656
• chore(deps): Bump actions/cache from 3.3.0 to 3.3.1 by @dependabot in #658
• chore(deps): Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 by @dependabot in #661
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.218 to 1.44.220 by @dependabot in #660
• chore(deps): Bump github/codeql-action from 2.2.5 to 2.2.7 by @dependabot in #663
• chore(deps): Bump actions/setup-go from 3.5.0 to 4.0.0 by @dependabot in #664
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.220 to 1.44.221 by @dependabot in #665
• chore(deps): Bump google.golang.org/protobuf from 1.29.1 to 1.30.0 by @dependabot in #667
• chore(deps): Bump github.com/google/go-containerregistry from 0.13.1-0.20230203223142-b3c23b4c3f28 to 0.14.0 by @dependabot in #668
• chore(deps): Bump actions/checkout from 3.3.0 to 3.4.0 by @dependabot in #666
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.221 to 1.44.223 by @dependabot in #670
• chore(deps): Bump mikefarah/yq from 4.31.2 to 4.32.2 by @dependabot in #672
• chore(deps): Bump anchore/sbom-action from 0.13.3 to 0.13.4 by @dependabot in #671
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.223 to 1.44.225 by @dependabot in #674
• chore(deps): Bump k8s.io/apimachinery from 0.26.2 to 0.26.3 by @dependabot in #675
• chore(deps): Bump k8s.io/api from 0.26.2 to 0.26.3 by @dependabot in #677
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.225 to 1.44.226 by @dependabot in #680
• chore(deps): Bump google.golang.org/grpc from 1.53.0 to 1.54.0 by @dependabot in #679
• chore(deps): Bump github/codeql-action from 2.2.7 to 2.2.8 by @dependabot in #682
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.226 to 1.44.227 by @dependabot in #683
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.227 to 1.44.228 by @dependabot in #685
• chore(deps): Bump actions/checkout from 3.4.0 to 3.5.0 by @dependabot in #684
• chore(deps): Bump mikefarah/yq from 4.32.2 to 4.33.1 by @dependabot in #687
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.228 to 1.44.229 by @dependabot in #688
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.229 to 1.44.230 by @dependabot in #690
• chore(deps): Bump github/codeql-action from 2.2.8 to 2.2.9 by @dependabot in #686
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.230 to 1.44.231 by @dependabot in #691
• chore(deps): Bump github.com/sigstore/rekor from 1.0.1 to 1.1.0 by @dependabot in #692
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.231 to 1.44.232 by @dependabot in #695
• chore(deps): Bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #694
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.232 to 1.44.233 by @dependabot in #697
• chore(deps): Bump mikefarah/yq from 4.33.1 to 4.33.2 by @dependabot in #696
• Load a TrustRoot reference when using the policy-tester by @hectorj2f in #698
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.233 to 1.44.234 by @dependabot in #699
• chore(deps): Bump anchore/sbom-action from 0.13.4 to 0.14.1 by @dependabot in #700
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.234 to 1.44.235 by @dependabot in #701
• chore(deps): Bump github/codeql-action from 2.2.9 to 2.2.10 by @dependabot in #702
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.235 to 1.44.236 by @dependabot in #703
• chore(deps): Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible by @dependabot in #705
• chore(deps): Bump github.com/sigstore/sigstore from 1.6.0 to 1.6.1 by @dependabot in #704
• chore(deps): Bump golang.org/x/net from 0.8.0 to 0.9.0 by @dependabot in #706
• chore(deps): Bump actions/github-script from 6.4.0 to 6.4.1 by @dependabot in #707
• chore(deps): Bump github/codeql-action from 2.2.10 to 2.2.11 by @dependabot in #709
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.236 to 1.44.237 by @dependabot in #708
• chore(deps): Bump sigstore/cosign-installer from 3.0.1 to 3.0.2 by @dependabot in #711
• chore(deps): Bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in #714
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.237 to 1.44.239 by @dependabot in #715
• bump scorecard script to use latest versions by @hectorj2f in #716
• chore(deps): Bump mikefarah/yq from 4.33.2 to 4.33.3 by @dependabot in #719
• chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.239 to 1.44.240 by @dependabot in #720
• update links to use CDN-backed TUF endpoint by @bobcallaway in #718
• chore(deps): Bump githu...

v0.4.3

Changelog

• 58fbefc Merge pull request #689 from elfotografo007/fix-GHSA-vvpx-j8f3-3w6h-0.4.x

Thanks to all contributors!

@elfotografo007

What's Changed

• Bump golang.org/x/net by @elfotografo007 in #689

Full Changelog: v0.4.2...v0.4.3

v0.7.0

Changelog

• 89ef904 Merge pull request #619 from sigstore/dependabot/go_modules/github.com/aws/aws-sdk-go-1.44.209

Thanks to all contributors!

v0.6.3

Changelog

• 7de0227 change validation to avoid only setting rfc3161timestamp #7de0227 @hectorj2f
• d0d1797 fix policy conversion from v1beta1 to v1alpha1 #d0d1797 @hectorj2f

Thanks to all contributors!

@hectorj2f