Bump the all group across 1 directory with 5 updates

[dependabot]

Bumps the all group with 4 updates in the / directory: github.com/sigstore/protobuf-specs, github.com/sigstore/rekor-tiles, github.com/sigstore/sigstore and github.com/theupdateframework/go-tuf/v2.

Updates github.com/sigstore/protobuf-specs from 0.5.0 to 0.5.1

Changelog

Sourced from github.com/sigstore/protobuf-specs's changelog.

v0.5.1

• Add ML-DSA-44 algorithm identifier (#860)

Commits

• 3001afe Bump ts to v0.5.1 for new release (#874)
• f68ef15 build(deps): bump the actions-deps group with 2 updates (#873)
• 9859358 build(deps): bump gradle-wrapper in /java in the java-deps group (#866)
• 51546ad build(deps): bump ts-proto from 2.11.2 to 2.11.5 in /protoc-builder/hack in t...
• 8bb3cb3 build(deps): bump the docker-refs group (#867)
• 9dfb871 Update GRPC_GATEWAY_COMMIT in versions.mk (#864)
• 80abc3f build(deps): bump the rust-deps group across 1 directory with 3 updates (#869)
• c24db24 build(deps): bump homebrew/core/protobuf from 33.4 to 34.1 in /protoc-builder...
• 6a50d86 Update GOOGLEAPIS_COMMIT in versions.mk (#863)
• a2cbebd Bump packages for 0.5.1, bump deps (#862)
• Additional commits viewable in compare view

Updates github.com/sigstore/rekor-tiles from 0.1.7-0.20250624231741-98cd4a77300f to 0.1.11

Release notes

Sourced from github.com/sigstore/rekor-tiles's releases.

v0.1.11

What's Changed

• Make verifier pkg public in sigstore/rekor-tiles#479
• Rename metrics by in sigstore/rekor-tiles#481
• Bump Tessera library to latest release in sigstore/rekor-tiles#494

Full Changelog: sigstore/rekor-tiles@v0.1.10...v0.1.11

v0.1.10

Changelog

• c0c5fc73260c54ef36ae77f942dd39afb9556194 Bump Tessera to latest release (#471)

Full Changelog: sigstore/rekor-tiles@v0.1.9...v0.1.10

v0.1.9

Changelog

• fdc24378451350cadb26466e050b7e5b4b425105 Add sleep binary to released image (#451)

v0.1.8

What's Changed

• Fix release container build, bump image deps in sigstore/rekor-tiles#446

Full Changelog: sigstore/rekor-tiles@v0.1.7...v0.1.8

v0.1.7

What's Changed

• Move internal packages to internal/ in sigstore/rekor-tiles#390
• Use protobuf-specs container for building in sigstore/rekor-tiles#391
• Retract accidental tag in sigstore/rekor-tiles#392
• Enable persistent antispam option in sigstore/rekor-tiles#405
• Create initial sharding playbook in sigstore/rekor-tiles#254
• Add end-to-end tests for sharding workflow in sigstore/rekor-tiles#400
• Update clients doc for DSSE verification in sigstore/rekor-tiles#409
• Update sharding for metrics and tinkey in sigstore/rekor-tiles#416
• minor nits regarding slog usage in sigstore/rekor-tiles#427
• Export Tessera Open Telemetry metrics in sigstore/rekor-tiles#426
• Update sharding documentation for monitoring in sigstore/rekor-tiles#429
• Sharding procedure updates based on feedback in sigstore/rekor-tiles#433
• Catch pushback error in sigstore/rekor-tiles#442
• Remove TSA from e2e test in sigstore/rekor-tiles#443
• Add sleep binary to image in sigstore/rekor-tiles#444
• Require deployment review for creating releases in sigstore/rekor-tiles#431
• Add better shutdown handling for tessera in sigstore/rekor-tiles#432

Full Changelog: sigstore/rekor-tiles@v0.1.6...v0.1.7

Commits

• See full diff in compare view

Updates github.com/sigstore/sigstore from 1.10.4 to 1.10.6

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.10.6

What's Changed

• fix: remove leftover Go template syntax from success page by @​imjasonh in sigstore/sigstore#2324

Full Changelog: sigstore/sigstore@v1.10.5...v1.10.6

v1.10.5

What's Changed

• (kms/hashivault): add openbao support in sigstore/sigstore#2303
• Fix typo in RSA PSS 4096 signature identifier in sigstore/sigstore#2270
• fix: eliminate usage of text/template in sigstore/sigstore#2288
• chore: mention openbao being supported as well (#2303) in sigstore/sigstore#2313

Full Changelog: sigstore/sigstore@v1.10.4...v1.10.5

Commits

• 311895e fix: remove leftover Go template syntax from success page (#2324)
• c90de3e chore: mention openbao being supported as well (#2313) (#2313)
• b377f8f chore: Project-wide linting (#2310)
• 295d656 build(deps): Bump the all group across 1 directory with 3 updates (#2296)
• c731032 (kms/hashivault): add openbao support (#2303)
• b56c866 fix: eliminate usage of text/template (#2288)
• 1d8faff build(deps): Bump github.com/aws/aws-sdk-go-v2/config (#2286)
• 4ac5776 build(deps): Bump github.com/letsencrypt/boulder (#2282)
• 36276e8 build(deps): Bump golang.org/x/crypto from 0.44.0 to 0.47.0 (#2258)
• 59887c9 build(deps): Bump the all group across 1 directory with 2 updates (#2278)
• Additional commits viewable in compare view

Updates github.com/sigstore/sigstore-go from 1.1.1 to 1.1.2-0.20250811211025-bac873564adb

Commits

• See full diff in compare view

Updates github.com/theupdateframework/go-tuf/v2 from 2.4.1 to 2.4.2

Release notes

Sourced from github.com/theupdateframework/go-tuf/v2's releases.

v2.4.2

What's Changed

• Do not allow empty hashes for the Target role by @​rdimitrov in theupdateframework/go-tuf#721
• Decouple CI Go version from module minimum by @​rdimitrov in theupdateframework/go-tuf#726
• chore(deps): bump github.com/sigstore/sigstore from 1.10.4 to 1.10.5 by @​dependabot[bot] in theupdateframework/go-tuf#727
• chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.10.0 to 0.11.0 by @​dependabot[bot] in theupdateframework/go-tuf#729
• Fix log line to not be fmt-styled by @​abayer in theupdateframework/go-tuf#730
• chore(deps): bump github.com/sigstore/sigstore from 1.10.5 to 1.10.6 by @​dependabot[bot] in theupdateframework/go-tuf#732
• Fix threshold counting for duplicate public keys by @​rdimitrov in theupdateframework/go-tuf#733

New Contributors

• @​abayer made their first contribution in theupdateframework/go-tuf#730

Full Changelog: theupdateframework/go-tuf@v2.4.1...v2.4.2

Commits

• f5edbde Fix threshold counting for duplicate public keys (#733)
• 2800c0a chore(deps): bump github.com/sigstore/sigstore from 1.10.5 to 1.10.6 (#732)
• 45e0a1f Fix log line to not be fmt-styled (#730)
• a5a1273 chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.10...
• 7e8f69f chore(deps): bump github.com/sigstore/sigstore from 1.10.4 to 1.10.5 (#727)
• fa94ec0 Decouple CI Go version from module minimum (#726)
• 17b4808 Do not allow empty hashes for the Target role (#721)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions