Bump github.com/carabiner-dev/ampel from 1.2.1 to 1.3.1

[dependabot]

Bumps github.com/carabiner-dev/ampel from 1.2.1 to 1.3.1.

Release notes

Sourced from github.com/carabiner-dev/ampel's releases.

v1.3.1

No release notes provided.

v1.3.0

What's New 🎉

This is a new minor release that pulls in significant improvements in the Carabiner libraries. These translate into new features, these are the most important:

• Support for verifying attestations signed with SPIFFE SVIDS
• New CVSS CEL plugin allows fine-grained policy checks in vulnerability data (thanks @​knrc !)
• Added support to verify the source repository imprinted in fulcio certificates (thanks @​TomHennen !)
• Results output in attestations can now be signed with sigstore and the other methods supported in the carabiner signer.
• Support for emitting evaluation results to external systems via Publisher extensions (shipped the implementation: webhook)
• Started publishing the AMPEL container image again, signed with sigstore. Ships with SBOM and provenance attestation

... plus the usual dependency updates. Have fun verifying!

What's Changed

• Bump github.com/carabiner-dev/termtable from 1.0.0 to 1.1.0 by @​dependabot[bot] in carabiner-dev/ampel#262
• Cli flag groups by @​puerco in carabiner-dev/ampel#266
• Bump github.com/package-url/packageurl-go from 0.1.5 to 0.1.6 in the gomod group by @​dependabot[bot] in carabiner-dev/ampel#265
• Bump the actions group with 2 updates by @​dependabot[bot] in carabiner-dev/ampel#264
• Bump carabiner-dev/actions from e9aa1ccdf9e93cbd1f8965d6178b85d2b7d3a1f9 to 0c4687ee67199eae75b461d32d8fa2945bd522d0 by @​dependabot[bot] in carabiner-dev/ampel#263
• Refactor attesting into new ResultsAttester by @​puerco in carabiner-dev/ampel#267
• Implement attestation signing by @​puerco in carabiner-dev/ampel#268
• Add homebrew instructions by @​puerco in carabiner-dev/ampel#269
• Add ErrOnMissingAttestations eval option by @​puerco in carabiner-dev/ampel#272
• Bump github.com/Masterminds/semver/v3 from 3.4.0 to 3.5.0 by @​dependabot[bot] in carabiner-dev/ampel#271
• Bump chainguard-dev/actions from 1.6.16 to 1.6.17 in the actions group by @​dependabot[bot] in carabiner-dev/ampel#270
• Bump chainguard-dev/actions from 1.6.17 to 1.6.19 in the actions group by @​dependabot[bot] in carabiner-dev/ampel#273
• Bump github.com/google/cel-go from 0.28.0 to 0.28.1 in the gomod group by @​dependabot[bot] in carabiner-dev/ampel#274
• Bump goreleaser/goreleaser-action from 7.2.1 to 7.2.2 in the actions group by @​dependabot[bot] in carabiner-dev/ampel#275
• Add support for CVSS parsing within policies by @​knrc in carabiner-dev/ampel#278
• Bump github.com/jedib0t/go-pretty/v6 from 6.7.10 to 6.8.0 by @​dependabot[bot] in carabiner-dev/ampel#281
• Update deps by @​TomHennen in carabiner-dev/ampel#279
• Bump the actions group across 1 directory with 3 updates by @​dependabot[bot] in carabiner-dev/ampel#280
• Bump the gomod group with 3 updates by @​dependabot[bot] in carabiner-dev/ampel#282
• Resolve source-repo identity matcher from context (from_context) by @​TomHennen in carabiner-dev/ampel#285
• Bump chainguard-dev/actions from 1.6.21 to 1.6.22 in the actions group by @​dependabot[bot] in carabiner-dev/ampel#286
• Add support for eval results publishers by @​puerco in carabiner-dev/ampel#287
• Bump linter to v2.12 and fix all nits by @​puerco in carabiner-dev/ampel#288
• Bump github.com/carabiner-dev/policy from 0.5.1-0.20260428221018-836cdae656c0 to 0.5.1 by @​dependabot[bot] in carabiner-dev/ampel#290
• Bump carabiner-dev/actions from 1.2.0 to 1.2.1 in the actions group by @​dependabot[bot] in carabiner-dev/ampel#289
• Restore image build, modernize release CI by @​puerco in carabiner-dev/ampel#291

New Contributors

• @​knrc made their first contribution in carabiner-dev/ampel#278
• @​TomHennen made their first contribution in carabiner-dev/ampel#279

Full Changelog: carabiner-dev/ampel@v1.2.1...v1.3.0

Commits

• 49fa686 Merge pull request #296 from carabiner-dev/dependabot/github_actions/actions-...
• 5b6bbd7 Merge pull request #297 from carabiner-dev/dependabot/github_actions/actions/...
• 2a73389 Merge pull request #299 from TomHennen/fix/issue-298-workers
• b5f49be Fix worker-count-dependent policy verdicts (#298)
• 4038973 Bump actions/checkout from 6.0.3 to 7.0.0
• 1f322ac Bump chainguard-dev/actions from 1.6.23 to 1.6.24 in the actions group
• f1adf3a Merge pull request #295 from carabiner-dev/dependabot/github_actions/actions-...
• 5cf7de7 Merge pull request #294 from deobieta/policy-fail-flag
• eaff28c Bump chainguard-dev/actions from 1.6.22 to 1.6.23 in the actions group
• 11beb4e fix: extract repeated string literals into named constants
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)