build(deps): bump github.com/sigstore/protobuf-specs from 0.4.0 to 0.4.1 #5598

dependabot · 2025-04-21T08:01:09Z

Bumps github.com/sigstore/protobuf-specs from 0.4.0 to 0.4.1.

Changelog

Sourced from github.com/sigstore/protobuf-specs's changelog.

0.4.1

Changed

Updated SigningConfig to specify API versions and validity periods (#539)

Added deprecated, but still in use, algorithms for ECDSA P384 and P512 using SHA256 (#572)

Commits

9581010 protos/PublicKeyDetails: add compatibility algorithms using SHA256 (#572)
44b9830 build(deps): bump quote from 1.0.38 to 1.0.40 in /gen/pb-rust (#580)
e5bccce build(deps): bump syn from 2.0.98 to 2.0.100 in /gen/pb-rust (#581)
ed1f69d build(deps): bump prost from 0.13.4 to 0.13.5 in /gen/pb-rust (#584)
3629838 build(deps): bump serde_json from 1.0.139 to 1.0.140 in /gen/pb-rust (#583)
a9885b2 build(deps): bump anyhow from 1.0.96 to 1.0.97 in /gen/pb-rust (#582)
7e4a1ad Update Dockerfile.protobuf to 29.4 (#571)
bf91edb minor zizmor fixes to specify permissions (#570)
01c386e build(deps): bump gradle/actions from 4.3.0 to 4.3.1 (#567)
793836f build(deps): bump ruby/setup-ruby from 1.227.0 to 1.229.0 (#569)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/sigstore/protobuf-specs](https://github.com/sigstore/protobuf-specs) from 0.4.0 to 0.4.1. - [Release notes](https://github.com/sigstore/protobuf-specs/releases) - [Changelog](https://github.com/sigstore/protobuf-specs/blob/main/CHANGELOG.md) - [Commits](sigstore/protobuf-specs@v0.4.0...v0.4.1) --- updated-dependencies: - dependency-name: github.com/sigstore/protobuf-specs dependency-version: 0.4.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 21, 2025

dependabot bot requested a review from a team as a code owner April 21, 2025 08:01

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump github.com/sigstore/protobuf-specs from 0.4.0 to 0.4.1 #5598

build(deps): bump github.com/sigstore/protobuf-specs from 0.4.0 to 0.4.1 #5598

dependabot bot commented on behalf of github Apr 21, 2025

build(deps): bump github.com/sigstore/protobuf-specs from 0.4.0 to 0.4.1 #5598

Are you sure you want to change the base?

build(deps): bump github.com/sigstore/protobuf-specs from 0.4.0 to 0.4.1 #5598

Conversation

dependabot bot commented on behalf of github Apr 21, 2025

0.4.1

Changed