Skip to content

Bump github.com/google/go-sev-guest from 0.13.0 to 0.14.1 #548

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump github.com/google/go-sev-guest from 0.13.0 to 0.14.1 #548

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 3, 2025
edited
Loading

Bumps github.com/google/go-sev-guest from 0.13.0 to 0.14.1.

Release notes

Sourced from github.com/google/go-sev-guest's releases.

v0.14.1

This is a maintenance release that addresses an issue in our automated release pipeline. There are no functional changes to the go-sev-guest library in this version.

What's Fixed

CI: Fixed the release workflow which was failing with a 403 Forbidden error. The workflow's GITHUB_TOKEN has now been granted the necessary contents: write permissions to successfully publish artifacts to GitHub Releases. This change unblocks all future releases.

v0.14.0

This release aligns the SEV-SNP attestation report structure with the latest AMD SEV-SNP ABI specification (Rev 1.58), adding support for launch mitigation vector fields. This ensures compatibility with the newest firmware and allows for correct parsing of the LAUNCH_MIT_VECTOR and CURRENT_MIT_VECTOR fields.

What's Changed

  • feat: Add mitigation vector fields to SEV-SNP report
Commits
  • 3753e9e Merge pull request #178 from onlyshawn/fix_release_problem
  • d759bed Merge branch 'main' into fix_release_problem
  • 1eaae25 Add write permission for release workflow
  • 0923fe1 Merge pull request #177 from onlyshawn/fix-goreleaser-typo
  • 378fc2b Fix .goreleaser.yaml typo to be compatible with go releaser 2.12.7
  • 8ccc6d7 Merge pull request #176 from google/fix-goreleaser-config
  • 355e01b chore(release): Update .goreleaser.yml to version 2 syntax. Resolves deprecat...
  • e47e484 Merge pull request #175 from onlyshawn/feature/add-mitigation-vector
  • d0bc3f7 feat: Add mitigation vector fields to SEV-SNP report
  • b60b35c Merge pull request #166 from willemschots/fix/race-condition-in-get-product-c...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Nov 3, 2025
@dependabot
Bump github.com/google/go-sev-guest from 0.13.0 to 0.14.1
a303460 
Bumps [github.com/google/go-sev-guest](https://github.com/google/go-sev-guest) from 0.13.0 to 0.14.1.
- [Release notes](https://github.com/google/go-sev-guest/releases)
- [Changelog](https://github.com/google/go-sev-guest/blob/main/.goreleaser.yaml)
- [Commits](google/go-sev-guest@v0.13.0...v0.14.1)

---
updated-dependencies:
- dependency-name: github.com/google/go-sev-guest
  dependency-version: 0.14.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/google/go-sev-guest-0.14.1 branch from 459f811 to a303460 Compare November 4, 2025 11:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SammyOina SammyOina SammyOina approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@SammyOina