Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / sigstore/sigstore issues and pull requests

#1949 - SignerVerifier: providing either a message or a digest

Issue - State: open - Opened by ramonpetgrave64 19 days ago
Labels: enhancement

#1948 - cliplugin: semver, add tests for hash func encoding

Pull Request - State: open - Opened by ramonpetgrave64 19 days ago

#1947 - cliplugin: use caller contexts

Pull Request - State: open - Opened by ramonpetgrave64 19 days ago

#1946 - cliplugin: add SupportedAlgorithms(), PublicKey(), and CryptoSigner().

Pull Request - State: open - Opened by ramonpetgrave64 20 days ago - 1 comment

#1945 - build(deps): Bump the gomod group across 6 directories with 5 updates

Pull Request - State: open - Opened by dependabot[bot] 20 days ago
Labels: dependencies, go

#1944 - cliplugin: add VerifySignature

Pull Request - State: closed - Opened by ramonpetgrave64 23 days ago - 1 comment

#1943 - ignore: accidentally created PR

Pull Request - State: closed - Opened by ramonpetgrave64 25 days ago

#1942 - build(deps): Bump google.golang.org/api from 0.216.0 to 0.217.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 26 days ago
Labels: dependencies, go

#1940 - build(deps): Bump the gomod group across 6 directories with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 26 days ago - 2 comments
Labels: dependencies, go

#1939 - build(deps): Bump actions/setup-go from 5.2.0 to 5.3.0 in the all group

Pull Request - State: closed - Opened by dependabot[bot] 26 days ago
Labels: dependencies, github_actions

#1938 - build(deps): Bump golang.org/x/net from 0.25.0 to 0.33.0 in /pkg/signature/kms/hashivault

Pull Request - State: closed - Opened by dependabot[bot] 27 days ago
Labels: dependencies, go

#1937 - build(deps): Bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 in the all group

Pull Request - State: closed - Opened by dependabot[bot] 27 days ago
Labels: dependencies, github_actions

#1936 - build(deps): Bump the gomod group across 2 directories with 4 updates

Pull Request - State: closed - Opened by dependabot[bot] 27 days ago
Labels: dependencies, go

#1935 - Stop bumping go directive unless necessitated by other dependencies

Issue - State: closed - Opened by kaovilai about 1 month ago - 1 comment

#1933 - use ubuntu-22.04 for the e2e tests workflow

Pull Request - State: closed - Opened by cpanato about 1 month ago - 3 comments

#1932 - build(deps): Bump actions/upload-artifact from 4.4.3 to 4.6.0 in the all group

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, github_actions

#1931 - build(deps): Bump google.golang.org/api from 0.214.0 to 0.216.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#1930 - build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.16.0 to 1.17.0 in /pkg/signature/kms/azure

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#1929 - build(deps): Bump the gomod group across 2 directories with 5 updates

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#1927 - cleanup ci

Pull Request - State: closed - Opened by cpanato about 1 month ago

#1926 - build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#1925 - build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0 in /pkg/signature/kms/azure

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#1924 - build(deps): Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#1923 - build(deps): Bump golang.org/x/crypto from 0.31.0 to 0.32.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#1922 - build(deps): Bump golang.org/x/term from 0.27.0 to 0.28.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#1921 - build(deps): Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#1919 - kms plugin: add SignMessage

Pull Request - State: closed - Opened by ramonpetgrave64 about 2 months ago

#1918 - cliplugin: add mocks and serialization testing

Pull Request - State: closed - Opened by ramonpetgrave64 about 2 months ago - 2 comments

#1917 - build(deps): Bump google.golang.org/api from 0.212.0 to 0.214.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1916 - build(deps): Bump the gomod group across 2 directories with 5 updates

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1915 - build(deps): Bump hashicorp/vault from 1.18.2 to 1.18.3 in /test/e2e in the all group

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, docker

#1914 - Disabling CreateKey for KMSs

Issue - State: open - Opened by ramonpetgrave64 about 2 months ago - 3 comments
Labels: enhancement

#1913 - build(deps): Bump the tools group across 1 directory with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 2 comments
Labels: dependencies, go

#1912 - build(deps): Bump google.golang.org/api from 0.210.0 to 0.212.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1911 - build(deps): Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1910 - build(deps): Bump github.com/secure-systems-lab/go-securesystemslib from 0.8.0 to 0.9.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1909 - build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1908 - build(deps): Bump golang.org/x/crypto from 0.28.0 to 0.31.0 in /test/fuzz

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1907 - build(deps): Bump actions/cache from 4.1.2 to 4.2.0 in the all group

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1906 - build(deps): Bump google.golang.org/api from 0.209.0 to 0.210.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1905 - build(deps): Bump golang.org/x/crypto from 0.29.0 to 0.30.0 in /pkg/signature/kms/azure

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1904 - build(deps): Bump golang.org/x/term from 0.26.0 to 0.27.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, go

#1903 - build(deps): Bump golang.org/x/crypto from 0.29.0 to 0.31.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1901 - add initial plugin support for KMSs

Pull Request - State: closed - Opened by ramonpetgrave64 2 months ago - 10 comments

#1900 - build(deps): Bump the gomod group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1899 - build(deps): Bump localstack/localstack from 4.0.2 to 4.0.3 in /test/e2e in the all group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, docker

#1898 - build(deps): Bump actions/dependency-review-action from 4.4.0 to 4.5.0 in the all group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1897 - build(deps): Bump localstack/localstack from 3.8.1 to 4.0.2 in /test/e2e

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, docker

#1896 - build(deps): Bump hashicorp/vault from 1.18.1 to 1.18.2 in /test/e2e in the all group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, docker

#1894 - build(deps): Bump google.golang.org/api from 0.206.0 to 0.209.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, go

#1893 - build(deps): Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 in /pkg/signature/kms/aws

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1892 - build(deps): Bump github.com/stretchr/testify from 1.9.0 to 1.10.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, go

#1891 - build(deps): Bump the gomod group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1890 - build(deps): Bump google.golang.org/api from 0.205.0 to 0.206.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1889 - build(deps): Bump the gomod group across 2 directories with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1887 - build(deps): Bump google.golang.org/api from 0.204.0 to 0.205.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1886 - build(deps): Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1884 - build(deps): Bump golang.org/x/crypto from 0.28.0 to 0.29.0 in /pkg/signature/kms/azure

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1883 - build(deps): Bump golang.org/x/term from 0.25.0 to 0.26.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, go

#1882 - build(deps): Bump golang.org/x/crypto from 0.28.0 to 0.29.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, go

#1881 - build(deps): Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1880 - build(deps): Bump the gomod group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1879 - go directive in go.mod is unnecessarily specific

Issue - State: closed - Opened by dnwe 3 months ago
Labels: bug

#1878 - fix: set go module directive to 1.22.0

Pull Request - State: closed - Opened by dnwe 3 months ago

#1877 - build(deps): Bump google.golang.org/api from 0.203.0 to 0.204.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1876 - build(deps): Bump the gomod group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1875 - build(deps): Bump hashicorp/vault from 1.18.0 to 1.18.1 in /test/e2e in the all group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, docker

#1874 - build(deps): Bump the all group with 4 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1872 - build(deps): Bump the gomod group across 1 directory with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1871 - Upgrade TUF from deprecated v0 API to modern v2

Issue - State: closed - Opened by jas4711 4 months ago - 13 comments
Labels: enhancement

#1869 - build(deps): Bump google.golang.org/api from 0.200.0 to 0.201.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1866 - Add workflow to synchronize go dependencies in submodules

Pull Request - State: closed - Opened by codysoyland 4 months ago - 2 comments

#1865 - bump to go 1.22.8

Pull Request - State: closed - Opened by cpanato 4 months ago - 2 comments

#1864 - build(deps): Bump the all group in /test/e2e with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, docker

#1863 - build(deps): Bump the all group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#1862 - build(deps): Bump google.golang.org/api from 0.199.0 to 0.200.0 in /pkg/signature/kms/gcp

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1859 - build(deps): Bump the gomod group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1858 - Mark TUF client as deprecated

Pull Request - State: closed - Opened by haydentherapper 4 months ago

#1857 - CVE in go-tuf please upgrade to go-tuf/v2

Issue - State: closed - Opened by xnox 4 months ago - 1 comment
Labels: bug

#1852 - build(deps): Bump golang.org/x/crypto from 0.25.0 to 0.28.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

#1828 - feat(kms): Add Alibaba Cloud KMS support

Pull Request - State: open - Opened by mozillazg 5 months ago - 5 comments

#1728 - Fix RSA signature ASN.1 parsing bug

Pull Request - State: open - Opened by malancas 9 months ago

#1658 - Add plugin interface for out-of-tree KMS providers

Issue - State: open - Opened by bobcallaway 12 months ago - 10 comments
Labels: enhancement

#1637 - build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, go

#1636 - build(deps): Bump the all group in /pkg/signature/kms/azure with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, go

#1635 - build(deps): Bump the all group in /pkg/signature/kms/hashivault with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 1 comment
Labels: dependencies, go