Bump protocolbuffers/protobuf from 23.4 to 24.0 (#1312)

* Bump protocolbuffers/protobuf from 23.4 to 24.0 Bumps [protocolbuffers/protobuf](https://github.com/protocolbuffers/protobuf) from 23.4 to 24.0. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v23.4...v24.0) --- updated-dependencies: - dependency-name: protocolbuffers/protobuf dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump protoc version, change setup-protoc Signed-off-by: Hayden Blauzvern <hblauzvern@google.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Hayden Blauzvern <hblauzvern@google.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Hayden Blauzvern <hblauzvern@google.com>
sigstore · Aug 9, 2023 · 08a2b7c · 08a2b7c
1 parent 7d46c03
commit 08a2b7c
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 6 deletions.
diff --git a/.github/workflows/depsreview.yml b/.github/workflows/depsreview.yml
@@ -21,4 +21,6 @@ permissions:
 jobs:
   dependency-review:
     name: License and Vulnerability Scan
-    uses: sigstore/community/.github/workflows/reusable-dependency-review.yml@9b1b5aca605f92ec5b1bf3681b1e61b3dbc420cc
+    uses: sigstore/community/.github/workflows/reusable-dependency-review.yml@f57b2d1c73f8595fe268259720efb21388db2a27
+    with:
+      allow-deps: pkg:githubactions/arduino/setup-protoc@9b1ee5b22b0a3f1feb8c2ff99b32c89b3c3191e9 # v2.0.0
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -35,10 +35,10 @@ jobs:
       - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
           go-version: ${{ env.GOVERSION }}
-      - uses: trail-of-forks/setup-protoc@a97892a429d98fae78d26f40334ab7eb616d08b9
+      - uses: arduino/setup-protoc@9b1ee5b22b0a3f1feb8c2ff99b32c89b3c3191e9 # v2.0.0
         name: Install protobuf
         with:
-          version: '23.1'
+          version: '24.0'
           repo-token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build

diff --git a/.github/workflows/protoc-dependabot-hack.yml b/.github/workflows/protoc-dependabot-hack.yml
@@ -16,4 +16,4 @@ jobs:
 
       # update the version in these places manually when Dependabot proposes a change to it here:
       # 1. the version in main.yml used to install protoc
-      - uses: protocolbuffers/protobuf@v23.4
+      - uses: protocolbuffers/protobuf@v24.0
diff --git a/pkg/generated/protobuf/fulcio.pb.go b/pkg/generated/protobuf/fulcio.pb.go
diff --git a/pkg/generated/protobuf/legacy/fulcio_legacy.pb.go b/pkg/generated/protobuf/legacy/fulcio_legacy.pb.go