Skip to content

Commit d210768

Browse files
jiparisjiparis
authored
chore: upgrade timestamp-authority module (#2639)
Signed-off-by: Jose I. Paris <jiparis@chainloop.dev>
1 parent 2745fe2 commit d210768

File tree

3 files changed

+99
-102
lines changed

3 files changed

+99
-102
lines changed

go.mod

Lines changed: 33 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -8,11 +8,11 @@ require (
88
cuelang.org/go v0.15.1
99
entgo.io/ent v0.14.6-0.20251003170342-01063ef6395c
1010
github.com/adrg/xdg v0.4.0
11-
github.com/aws/aws-sdk-go-v2 v1.40.0
12-
github.com/aws/aws-sdk-go-v2/config v1.32.2 // indirect
13-
github.com/aws/aws-sdk-go-v2/credentials v1.19.2
11+
github.com/aws/aws-sdk-go-v2 v1.41.0
12+
github.com/aws/aws-sdk-go-v2/config v1.32.5 // indirect
13+
github.com/aws/aws-sdk-go-v2/credentials v1.19.5
1414
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.28.6
15-
github.com/aws/aws-sdk-go-v2/service/sso v1.30.5
15+
github.com/aws/aws-sdk-go-v2/service/sso v1.30.7
1616
github.com/aws/smithy-go v1.24.0
1717
github.com/cenkalti/backoff/v4 v4.3.0
1818
github.com/coreos/go-oidc/v3 v3.17.0
@@ -41,7 +41,7 @@ require (
4141
github.com/rs/zerolog v1.32.0
4242
github.com/secure-systems-lab/go-securesystemslib v0.9.1
4343
github.com/sigstore/sigstore v1.10.3
44-
github.com/spdx/tools-golang v0.5.3
44+
github.com/spdx/tools-golang v0.5.5
4545
github.com/spf13/cobra v1.10.2
4646
github.com/spf13/pflag v1.0.10
4747
github.com/spf13/viper v1.21.0
@@ -51,11 +51,11 @@ require (
5151
go.uber.org/zap v1.27.1
5252
golang.org/x/exp v0.0.0-20250813145105-42675adae3e6
5353
golang.org/x/oauth2 v0.33.0
54-
golang.org/x/term v0.37.0
54+
golang.org/x/term v0.38.0
5555
google.golang.org/api v0.256.0
5656
google.golang.org/genproto v0.0.0-20250922171735-9219d122eba9 // indirect
5757
google.golang.org/grpc v1.77.0
58-
google.golang.org/protobuf v1.36.10
58+
google.golang.org/protobuf v1.36.11
5959
sigs.k8s.io/yaml v1.6.0
6060
)
6161

@@ -90,10 +90,11 @@ require (
9090
github.com/sigstore/fulcio v1.8.3
9191
github.com/sigstore/protobuf-specs v0.5.0
9292
github.com/sigstore/sigstore-go v1.1.4-0.20251201121426-2cdedea80894
93-
github.com/sigstore/sigstore/pkg/signature/kms/aws v1.10.0
94-
github.com/sigstore/sigstore/pkg/signature/kms/azure v1.10.0
95-
github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.10.0
96-
github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.10.0
93+
github.com/sigstore/sigstore/pkg/signature/kms/aws v1.10.3
94+
github.com/sigstore/sigstore/pkg/signature/kms/azure v1.10.3
95+
github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.10.3
96+
github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.10.3
97+
github.com/sigstore/timestamp-authority/v2 v2.0.4
9798
github.com/styrainc/regal v0.35.1
9899
github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78
99100
gitlab.com/gitlab-org/security-products/analyzers/report/v5 v5.3.0
@@ -126,11 +127,11 @@ require (
126127
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
127128
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.2 // indirect
128129
github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.12 // indirect
129-
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3 // indirect
130+
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.4 // indirect
130131
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.3 // indirect
131132
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.12 // indirect
132133
github.com/aws/aws-sdk-go-v2/service/kms v1.49.1 // indirect
133-
github.com/aws/aws-sdk-go-v2/service/signin v1.0.2 // indirect
134+
github.com/aws/aws-sdk-go-v2/service/signin v1.0.4 // indirect
134135
github.com/bahlo/generic-list-go v0.2.0 // indirect
135136
github.com/bmatcuk/doublestar v1.3.4 // indirect
136137
github.com/bmatcuk/doublestar/v4 v4.8.1 // indirect
@@ -203,6 +204,7 @@ require (
203204
github.com/lestrrat-go/jwx/v3 v3.0.11 // indirect
204205
github.com/lestrrat-go/option v1.0.1 // indirect
205206
github.com/lestrrat-go/option/v2 v2.0.0 // indirect
207+
github.com/letsencrypt/boulder v0.20251110.0 // indirect
206208
github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 // indirect
207209
github.com/minio/md5-simd v1.1.2 // indirect
208210
github.com/minio/sha256-simd v1.0.1 // indirect
@@ -232,16 +234,17 @@ require (
232234
github.com/sergi/go-diff v1.4.0 // indirect
233235
github.com/shirou/gopsutil/v4 v4.25.6 // indirect
234236
github.com/sigstore/rekor-tiles/v2 v2.0.1 // indirect
235-
github.com/sigstore/timestamp-authority/v2 v2.0.3 // indirect
236237
github.com/skeema/knownhosts v1.3.1 // indirect
237238
github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
238239
github.com/spiffe/go-spiffe/v2 v2.6.0 // indirect
239240
github.com/stoewer/go-strcase v1.3.1 // indirect
240241
github.com/styrainc/roast v0.15.0 // indirect
242+
github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
241243
github.com/tchap/go-patricia/v2 v2.3.3 // indirect
242244
github.com/tetratelabs/wabin v0.0.0-20230304001439-f6f874872834 // indirect
243245
github.com/tetratelabs/wazero v1.9.0 // indirect
244246
github.com/theupdateframework/go-tuf/v2 v2.3.0 // indirect
247+
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
245248
github.com/tklauser/go-sysconf v0.3.14 // indirect
246249
github.com/tklauser/numcpus v0.9.0 // indirect
247250
github.com/transparency-dev/formats v0.0.0-20251017110053-404c0d5b696c // indirect
@@ -266,7 +269,7 @@ require (
266269
go.opentelemetry.io/otel/sdk v1.38.0 // indirect
267270
go.opentelemetry.io/otel/sdk/metric v1.38.0 // indirect
268271
go.opentelemetry.io/proto/otlp v1.7.1 // indirect
269-
go.step.sm/crypto v0.74.0 // indirect
272+
go.step.sm/crypto v0.75.0 // indirect
270273
go.yaml.in/yaml/v2 v2.4.3 // indirect
271274
go.yaml.in/yaml/v3 v3.0.4 // indirect
272275
goa.design/goa/v3 v3.22.6 // indirect
@@ -288,13 +291,13 @@ require (
288291
github.com/ThalesIgnite/crypto11 v1.2.5 // indirect
289292
github.com/agext/levenshtein v1.2.3 // indirect
290293
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
291-
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.14 // indirect
292-
github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.14 // indirect
293-
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.14 // indirect
294+
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.16 // indirect
295+
github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.16 // indirect
296+
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.16 // indirect
294297
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 // indirect
295-
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.14 // indirect
296-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.10 // indirect
297-
github.com/aws/aws-sdk-go-v2/service/sts v1.41.2 // indirect
298+
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.16 // indirect
299+
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.12 // indirect
300+
github.com/aws/aws-sdk-go-v2/service/sts v1.41.5 // indirect
298301
github.com/beorn7/perks v1.0.1 // indirect
299302
github.com/blang/semver v3.5.1+incompatible // indirect
300303
github.com/cespare/xxhash/v2 v2.3.0 // indirect
@@ -317,13 +320,13 @@ require (
317320
github.com/go-logr/logr v1.4.3 // indirect
318321
github.com/go-logr/stdr v1.2.2 // indirect
319322
github.com/go-openapi/analysis v0.24.1 // indirect
320-
github.com/go-openapi/errors v0.22.4 // indirect
323+
github.com/go-openapi/errors v0.22.5 // indirect
321324
github.com/go-openapi/inflect v0.21.0 // indirect
322-
github.com/go-openapi/jsonpointer v0.22.1 // indirect
323-
github.com/go-openapi/jsonreference v0.21.3 // indirect
325+
github.com/go-openapi/jsonpointer v0.22.4 // indirect
326+
github.com/go-openapi/jsonreference v0.21.4 // indirect
324327
github.com/go-openapi/loads v0.23.2 // indirect
325328
github.com/go-openapi/runtime v0.29.2 // indirect
326-
github.com/go-openapi/spec v0.22.1 // indirect
329+
github.com/go-openapi/spec v0.22.2 // indirect
327330
github.com/go-openapi/strfmt v0.25.0 // indirect
328331
github.com/go-openapi/swag v0.25.4 // indirect
329332
github.com/go-openapi/validate v0.25.1 // indirect
@@ -356,7 +359,6 @@ require (
356359
github.com/jedisct1/go-minisign v0.0.0-20230811132847-661be99b8267 // indirect
357360
github.com/json-iterator/go v1.1.12 // indirect
358361
github.com/klauspost/compress v1.18.1 // indirect
359-
github.com/letsencrypt/boulder v0.20251110.0 // indirect
360362
github.com/magiconair/properties v1.8.10 // indirect
361363
github.com/mailru/easyjson v0.9.1 // indirect
362364
github.com/mattn/go-colorable v0.1.14 // indirect
@@ -389,16 +391,13 @@ require (
389391
github.com/sassoftware/relic v7.2.1+incompatible // indirect
390392
github.com/shibumi/go-pathspec v1.3.0 // indirect
391393
github.com/sigstore/rekor v1.4.3 // indirect
392-
github.com/sigstore/timestamp-authority v1.2.9
393394
github.com/sirupsen/logrus v1.9.4-0.20230606125235-dd1b4c2e81af // indirect
394395
github.com/spf13/afero v1.15.0 // indirect
395396
github.com/spf13/cast v1.10.0 // indirect
396397
github.com/stretchr/objx v0.5.2 // indirect
397398
github.com/subosito/gotenv v1.6.0 // indirect
398-
github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
399399
github.com/thales-e-security/pool v0.0.2 // indirect
400400
github.com/theupdateframework/go-tuf v0.7.0 // indirect
401-
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
402401
github.com/transparency-dev/merkle v0.0.2 // indirect
403402
github.com/vbatts/tar-split v0.12.2 // indirect
404403
github.com/zclconf/go-cty v1.16.2 // indirect
@@ -407,12 +406,12 @@ require (
407406
go.opentelemetry.io/otel v1.38.0 // indirect
408407
go.opentelemetry.io/otel/trace v1.38.0 // indirect
409408
go.uber.org/multierr v1.11.0 // indirect
410-
golang.org/x/crypto v0.45.0
409+
golang.org/x/crypto v0.46.0
411410
golang.org/x/mod v0.30.0 // indirect
412-
golang.org/x/net v0.47.0 // indirect
413-
golang.org/x/sync v0.18.0 // indirect
414-
golang.org/x/sys v0.38.0 // indirect
415-
golang.org/x/text v0.31.0 // indirect
411+
golang.org/x/net v0.48.0 // indirect
412+
golang.org/x/sync v0.19.0 // indirect
413+
golang.org/x/sys v0.39.0 // indirect
414+
golang.org/x/text v0.32.0 // indirect
416415
golang.org/x/time v0.14.0 // indirect
417416
golang.org/x/tools v0.39.0 // indirect
418417
google.golang.org/genproto/googleapis/rpc v0.0.0-20251103181224-f26f9409b101 // indirect

0 commit comments

Comments
 (0)