From a3ec4904ac89b617ecb95e0b13be90cc6b7ede1c Mon Sep 17 00:00:00 2001 From: Jason Power Date: Thu, 3 Oct 2024 09:11:18 +0100 Subject: [PATCH] chore(deps): bump github.com/theupdateframework/go-tuf/v2 (#272) * chore(deps): bump github.com/theupdateframework/go-tuf/v2 Bumps [github.com/theupdateframework/go-tuf/v2](https://github.com/theupdateframework/go-tuf) from 2.0.0 to 2.0.1. - [Release notes](https://github.com/theupdateframework/go-tuf/releases) - [Changelog](https://github.com/theupdateframework/go-tuf/blob/master/.goreleaser.yaml) - [Commits](https://github.com/theupdateframework/go-tuf/compare/v2.0.0...v2.0.1) --- updated-dependencies: - dependency-name: github.com/theupdateframework/go-tuf/v2 dependency-type: indirect ... Signed-off-by: dependabot[bot] * update cel expressions * update e2e tests --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/e2e-tests.yml | 2 +- .github/workflows/kind-verify-attestation.yaml | 2 +- .github/workflows/tests.yaml | 2 +- .tekton/cosign-pull-request.yaml | 2 +- .tekton/cosign-push.yaml | 2 +- go.mod | 2 +- go.sum | 4 ++-- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml index 652dc49c777..104127b020e 100644 --- a/.github/workflows/e2e-tests.yml +++ b/.github/workflows/e2e-tests.yml @@ -212,4 +212,4 @@ jobs: - name: Collect diagnostics if: ${{ failure() }} - uses: chainguard-dev/actions/kind-diag@84c993eaf02da1c325854fb272a4df9184bd80fc # main + uses: chainguard-dev/actions/kind-diag@9ba949ac63357c725a9438f3e05a1e33d313498e # main diff --git a/.github/workflows/kind-verify-attestation.yaml b/.github/workflows/kind-verify-attestation.yaml index 572cc98dddd..fd994d4ae05 100644 --- a/.github/workflows/kind-verify-attestation.yaml +++ b/.github/workflows/kind-verify-attestation.yaml @@ -151,7 +151,7 @@ jobs: - name: Collect diagnostics if: ${{ failure() }} - uses: chainguard-dev/actions/kind-diag@84c993eaf02da1c325854fb272a4df9184bd80fc # main + uses: chainguard-dev/actions/kind-diag@9ba949ac63357c725a9438f3e05a1e33d313498e # main - name: Create vuln attestation for it run: | diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index de5ab337360..48877b73abb 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -174,7 +174,7 @@ jobs: - name: Collect diagnostics if: ${{ failure() }} - uses: chainguard-dev/actions/kind-diag@84c993eaf02da1c325854fb272a4df9184bd80fc # main + uses: chainguard-dev/actions/kind-diag@9ba949ac63357c725a9438f3e05a1e33d313498e # main e2e-windows-powershell-tests: name: Run PowerShell E2E tests diff --git a/.tekton/cosign-pull-request.yaml b/.tekton/cosign-pull-request.yaml index 89ad1c243b1..4cd3b0fb747 100644 --- a/.tekton/cosign-pull-request.yaml +++ b/.tekton/cosign-pull-request.yaml @@ -7,7 +7,7 @@ metadata: build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}' build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" - pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "main" && ( "Dockerfile.cosign.rh".pathChanged() || ".tekton/cosign-pull-request.yaml".pathChanged() || "cmd/***".pathChanged() || "internal/***".pathChanged() || "pkg/***".pathChanged() || "Build.mak".pathChanged() || "Makefile".pathChanged() || "trigger-konflux-builds.txt".pathChanged() ) + pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "main" && ( "Dockerfile.cosign.rh".pathChanged() || ".tekton/cosign-pull-request.yaml".pathChanged() || "cmd/***".pathChanged() || "internal/***".pathChanged() || "pkg/***".pathChanged() || "Build.mak".pathChanged() || "Makefile".pathChanged() || "trigger-konflux-builds.txt".pathChanged() || "go.mod".pathChanged() || "go.sum".pathChanged() ) pipelinesascode.tekton.dev/task: "[.tekton/cosign-unit-test.yaml]" creationTimestamp: null labels: diff --git a/.tekton/cosign-push.yaml b/.tekton/cosign-push.yaml index 65ad9f77d87..790dbd7ef5a 100644 --- a/.tekton/cosign-push.yaml +++ b/.tekton/cosign-push.yaml @@ -6,7 +6,7 @@ metadata: build.appstudio.redhat.com/commit_sha: '{{revision}}' build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" - pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch == "main" && ( "Dockerfile.cosign.rh".pathChanged() || ".tekton/cosign-push.yaml".pathChanged() || "cmd/***".pathChanged() || "internal/***".pathChanged() || "pkg/***".pathChanged() || "Build.mak".pathChanged() || "Makefile".pathChanged() || "trigger-konflux-builds.txt".pathChanged() ) + pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch == "main" && ( "Dockerfile.cosign.rh".pathChanged() || ".tekton/cosign-push.yaml".pathChanged() || "cmd/***".pathChanged() || "internal/***".pathChanged() || "pkg/***".pathChanged() || "Build.mak".pathChanged() || "Makefile".pathChanged() || "trigger-konflux-builds.txt".pathChanged() || "go.mod".pathChanged() || "go.sum".pathChanged() ) pipelinesascode.tekton.dev/task: "[.tekton/cosign-unit-test.yaml]" creationTimestamp: null labels: diff --git a/go.mod b/go.mod index 123b9eb3b99..7c314f1022d 100644 --- a/go.mod +++ b/go.mod @@ -241,7 +241,7 @@ require ( github.com/tchap/go-patricia/v2 v2.3.1 // indirect github.com/thales-e-security/pool v0.0.2 // indirect github.com/theupdateframework/go-tuf v0.7.0 // indirect - github.com/theupdateframework/go-tuf/v2 v2.0.0 // indirect + github.com/theupdateframework/go-tuf/v2 v2.0.1 // indirect github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect github.com/tjfoc/gmsm v1.4.1 // indirect github.com/urfave/negroni v1.0.0 // indirect diff --git a/go.sum b/go.sum index b3839926a89..ce149f08171 100644 --- a/go.sum +++ b/go.sum @@ -678,8 +678,8 @@ github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gt github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU= github.com/theupdateframework/go-tuf v0.7.0 h1:CqbQFrWo1ae3/I0UCblSbczevCCbS31Qvs5LdxRWqRI= github.com/theupdateframework/go-tuf v0.7.0/go.mod h1:uEB7WSY+7ZIugK6R1hiBMBjQftaFzn7ZCDJcp1tCUug= -github.com/theupdateframework/go-tuf/v2 v2.0.0 h1:rD8d9RotYBprZVgC+9oyTZ5MmawepnTSTqoDuxjWgbs= -github.com/theupdateframework/go-tuf/v2 v2.0.0/go.mod h1:baB22nBHeHBCeuGZcIlctNq4P61PcOdyARlplg5xmLA= +github.com/theupdateframework/go-tuf/v2 v2.0.1 h1:11p9tXpq10KQEujxjcIjDSivMKCMLguls7erXHZnxJQ= +github.com/theupdateframework/go-tuf/v2 v2.0.1/go.mod h1:baB22nBHeHBCeuGZcIlctNq4P61PcOdyARlplg5xmLA= github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 h1:e/5i7d4oYZ+C1wj2THlRK+oAhjeS/TRQwMfkIuet3w0= github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399/go.mod h1:LdwHTNJT99C5fTAzDz0ud328OgXz+gierycbcIx2fRs= github.com/tjfoc/gmsm v1.3.2/go.mod h1:HaUcFuY0auTiaHB9MHFGCPx5IaLhTUd2atbCFBQXn9w=