-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade sigstore/cosign dependency to v1.5.2 #924
Upgrade sigstore/cosign dependency to v1.5.2 #924
Conversation
Codecov Report
@@ Coverage Diff @@
## main #924 +/- ##
==========================================
+ Coverage 69.66% 69.74% +0.07%
==========================================
Files 119 119
Lines 5364 5377 +13
==========================================
+ Hits 3737 3750 +13
Misses 1265 1265
Partials 362 362
Continue to review full report at Codecov.
|
github.com/google/go-cmp v0.5.7 | ||
github.com/google/go-containerregistry v0.8.0 | ||
github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20210610160139-c086c7f16d4e | ||
github.com/google/go-containerregistry v0.8.1-0.20220125170349-50dfc2733d10 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we use a released version of ggcr?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will the replace directive on line 46 take care of that, perhaps? If I recall correctly the project does not build with this version but it is a transitive dependency of the version upgrade.
e4118db
to
28cb4c1
Compare
28cb4c1
to
3964ca9
Compare
* Upgrade sigstore/cosign dependency to v1.5.2. * Lock version of Kubernetes libraries to v0.20.11.
3964ca9
to
013a9d9
Compare
Upgrade sigstore/cosign dependency from v1.0.0 to v1.5.2.
Fixes #923
Tasks: