attest

Author	SHA1	Message	Date
Brian DeHamer	38bcf9b1c5	New subject-checksums input param (#198 ) * new subject-checksums input param Signed-off-by: Brian DeHamer <bdehamer@github.com> * check for valid hex string for digest Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com>	2025-01-21 10:32:02 -08:00
dependabot[bot]	d8029d4690	Bump the npm-development group with 6 updates (#186 ) * Bump the npm-development group with 6 updates Bumps the npm-development group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) \| `9.16.0` \| `9.17.0` \| \| [@sigstore/mock](https://github.com/sigstore/sigstore-js) \| `0.8.0` \| `0.9.0` \| \| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) \| `22.9.4` \| `22.10.2` \| \| [eslint](https://github.com/eslint/eslint) \| `9.16.0` \| `9.17.0` \| \| [prettier](https://github.com/prettier/prettier) \| `3.3.3` \| `3.4.2` \| \| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) \| `8.18.0` \| `8.18.1` \| Updates `@eslint/js` from 9.16.0 to 9.17.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/commits/v9.17.0/packages/js) Updates `@sigstore/mock` from 0.8.0 to 0.9.0 - [Release notes](https://github.com/sigstore/sigstore-js/releases) - [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/mock@0.8.0...@sigstore/mock@0.9.0) Updates `@types/node` from 22.9.4 to 22.10.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint` from 9.16.0 to 9.17.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v9.16.0...v9.17.0) Updates `prettier` from 3.3.3 to 3.4.2 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](https://github.com/prettier/prettier/compare/3.3.3...3.4.2) Updates `typescript-eslint` from 8.18.0 to 8.18.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.18.1/packages/typescript-eslint) --- updated-dependencies: - dependency-name: "@eslint/js" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: "@sigstore/mock" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: typescript-eslint dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-12-23 12:10:15 -08:00
Brian DeHamer	bfa7e6911b	Update eslint from 8.x to 9.x (#185 ) * remove eslint prettier plugins Signed-off-by: Brian DeHamer <bdehamer@github.com> * eslint upgrade Signed-off-by: Brian DeHamer <bdehamer@github.com> * source fixup Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-12-13 15:25:52 -08:00
Brian DeHamer	94d0d43131	add attestation-id and attestation-url outputs (#181 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-12-09 09:56:33 -08:00
Brian DeHamer	65e34a8aa7	deduplicate subjects before adding to statement (#180 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-12-06 07:14:14 -08:00
dependabot[bot]	4cd38b497a	Bump csv-parse from 5.5.6 to 5.6.0 (#175 ) * Bump csv-parse from 5.5.6 to 5.6.0 Bumps [csv-parse](https://github.com/adaltas/node-csv/tree/HEAD/packages/csv-parse) from 5.5.6 to 5.6.0. - [Changelog](https://github.com/adaltas/node-csv/blob/master/packages/csv-parse/CHANGELOG.md) - [Commits](https://github.com/adaltas/node-csv/commits/csv-parse@5.6.0/packages/csv-parse) --- updated-dependencies: - dependency-name: csv-parse dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-11-27 13:59:01 -08:00
dependabot[bot]	b14bf545fc	Bump the npm-development group with 4 updates (#174 ) * Bump the npm-development group with 4 updates Bumps the npm-development group with 4 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [eslint-plugin-github](https://github.com/github/eslint-plugin-github), [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) and [typescript](https://github.com/microsoft/TypeScript). Updates `@types/node` from 22.9.0 to 22.9.4 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint-plugin-github` from 5.0.2 to 5.1.2 - [Release notes](https://github.com/github/eslint-plugin-github/releases) - [Commits](https://github.com/github/eslint-plugin-github/compare/v5.0.2...v5.1.2) Updates `markdownlint-cli` from 0.42.0 to 0.43.0 - [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases) - [Commits](https://github.com/igorshubovych/markdownlint-cli/compare/v0.42.0...v0.43.0) Updates `typescript` from 5.6.3 to 5.7.2 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](https://github.com/microsoft/TypeScript/compare/v5.6.3...v5.7.2) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: eslint-plugin-github dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: markdownlint-cli dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-11-27 13:58:08 -08:00
Brian DeHamer	a2d6fee37e	readme updates for v2 release (#173 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-11-21 12:53:27 -08:00
Brian DeHamer	85e94cb741	support multi-subject attestations (#164 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-11-05 09:16:07 -08:00
Brian DeHamer	b485edd412	bump @sigstore/oci from 0.3.7 to 0.4.0 (#163 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-11-04 09:41:46 -08:00
Brian DeHamer	dd499c2535	bump @actions/attest from 1.4.1 to 1.5.0 (#162 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-11-01 12:08:32 -07:00
dependabot[bot]	a1e57e5e7d	Bump the npm-development group with 2 updates (#149 ) * Bump the npm-development group with 2 updates Bumps the npm-development group with 2 updates: [@sigstore/mock](https://github.com/sigstore/sigstore-js) and [typescript](https://github.com/microsoft/TypeScript). Updates `@sigstore/mock` from 0.7.5 to 0.8.0 - [Release notes](https://github.com/sigstore/sigstore-js/releases) - [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/mock@0.7.5...@sigstore/mock@0.8.0) Updates `typescript` from 5.6.2 to 5.6.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](https://github.com/microsoft/TypeScript/compare/v5.6.2...v5.6.3) --- updated-dependencies: - dependency-name: "@sigstore/mock" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: Eugene <108841108+ejahnGithub@users.noreply.github.com>	2024-10-15 12:32:32 -07:00
dependabot[bot]	62269dcd0a	Bump @actions/core from 1.10.1 to 1.11.1 (#147 ) * Bump @actions/core from 1.10.1 to 1.11.1 Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.10.1 to 1.11.1. - [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core) --- updated-dependencies: - dependency-name: "@actions/core" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-10-08 17:39:38 -07:00
dependabot[bot]	ca4c0d7bd2	Bump the npm-development group with 2 updates (#138 ) * Bump the npm-development group with 2 updates Bumps the npm-development group with 2 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [@vercel/ncc](https://github.com/vercel/ncc). Updates `@types/node` from 22.5.5 to 22.6.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@vercel/ncc` from 0.38.1 to 0.38.2 - [Release notes](https://github.com/vercel/ncc/releases) - [Commits](https://github.com/vercel/ncc/compare/0.38.1...0.38.2) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: "@vercel/ncc" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-09-25 14:30:55 -07:00
dependabot[bot]	f04a32dbbd	Bump the npm-development group across 1 directory with 4 updates (#130 ) * Bump the npm-development group across 1 directory with 4 updates Bumps the npm-development group with 4 updates in the / directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest), [nock](https://github.com/nock/nock) and [ts-jest](https://github.com/kulshekhar/ts-jest). Updates `@types/node` from 22.4.1 to 22.5.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint-plugin-jest` from 28.8.0 to 28.8.2 - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v28.8.0...v28.8.2) Updates `nock` from 13.5.4 to 13.5.5 - [Release notes](https://github.com/nock/nock/releases) - [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md) - [Commits](https://github.com/nock/nock/compare/v13.5.4...v13.5.5) Updates `ts-jest` from 29.2.4 to 29.2.5 - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.2.4...v29.2.5) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: eslint-plugin-jest dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: nock dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: ts-jest dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-09-04 10:01:51 +02:00
Brian DeHamer	67422f5511	Bump @actions/attest from 1.3.1 to 1.4.1 (#127 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-08-22 10:29:29 -07:00
dependabot[bot]	9a1607877e	Bump @actions/glob from 0.4.0 to 0.5.0 (#125 ) * Bump @actions/glob from 0.4.0 to 0.5.0 Bumps [@actions/glob](https://github.com/actions/toolkit/tree/HEAD/packages/glob) from 0.4.0 to 0.5.0. - [Changelog](https://github.com/actions/toolkit/blob/main/packages/glob/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/glob) --- updated-dependencies: - dependency-name: "@actions/glob" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * regenerate dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-08-20 13:10:31 -05:00
Brian DeHamer	2da0b13672	bump @actions/attest from 1.3.0 to 1.3.1 (#111 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-07-30 12:34:04 -07:00
Brian DeHamer	97f7cf8914	add show-summary input (#108 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-07-30 11:27:18 -07:00
Brian DeHamer	f1338058bc	format summary output as list (#105 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-07-24 14:31:01 -07:00
Brian DeHamer	68a047fd01	bugfix for glob exclude patterns (#100 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-07-09 07:55:19 -07:00
dependabot[bot]	7fc0e943d8	Bump the npm-development group across 1 directory with 4 updates (#99 ) * Bump the npm-development group across 1 directory with 4 updates Bumps the npm-development group with 4 updates in the / directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [typescript](https://github.com/Microsoft/TypeScript). Updates `@types/node` from 20.14.3 to 20.14.9 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@typescript-eslint/eslint-plugin` from 7.13.1 to 7.15.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.15.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 7.13.1 to 7.15.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.15.0/packages/parser) Updates `typescript` from 5.4.5 to 5.5.3 - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](https://github.com/Microsoft/TypeScript/compare/v5.4.5...v5.5.3) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-07-02 12:31:24 -07:00
Brian DeHamer	8afbcf6e5e	increase timeout for OCI operations (#92 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-06-17 06:51:46 -07:00
Brian DeHamer	0fdba851bc	bump @sigstore/oci from 0.3.6 to 0.3.7 (#90 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-06-13 14:22:50 -07:00
Brian DeHamer	b24527d9cb	Bump @actions/attest from 1.2.1 to 1.3.0 (#89 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-06-12 13:17:25 -07:00
Brian DeHamer	65e3b8bbb5	bump @sigstore/oci to 0.3.6 (#88 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-06-12 11:27:41 -07:00
Brian DeHamer	4fa34e85c5	enforce 16MB limit on predicate size (#80 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-06-03 09:41:25 -07:00
Brian DeHamer	9e752e3d76	batch processing w/ exponential backoff (#79 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-06-03 07:56:25 -07:00
dependabot[bot]	a0652efe33	Bump the npm-development group with 5 updates (#75 ) * Bump the npm-development group with 5 updates Bumps the npm-development group with 5 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) \| `7.10.0` \| `7.11.0` \| \| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) \| `7.10.0` \| `7.11.0` \| \| [eslint-plugin-jsonc](https://github.com/ota-meshi/eslint-plugin-jsonc) \| `2.15.1` \| `2.16.0` \| \| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) \| `0.40.0` \| `0.41.0` \| \| [ts-jest](https://github.com/kulshekhar/ts-jest) \| `29.1.2` \| `29.1.3` \| Updates `@typescript-eslint/eslint-plugin` from 7.10.0 to 7.11.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.11.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 7.10.0 to 7.11.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.11.0/packages/parser) Updates `eslint-plugin-jsonc` from 2.15.1 to 2.16.0 - [Release notes](https://github.com/ota-meshi/eslint-plugin-jsonc/releases) - [Changelog](https://github.com/ota-meshi/eslint-plugin-jsonc/blob/master/CHANGELOG.md) - [Commits](https://github.com/ota-meshi/eslint-plugin-jsonc/compare/v2.15.1...v2.16.0) Updates `markdownlint-cli` from 0.40.0 to 0.41.0 - [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases) - [Commits](https://github.com/igorshubovych/markdownlint-cli/compare/v0.40.0...v0.41.0) Updates `ts-jest` from 29.1.2 to 29.1.3 - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.1.2...v29.1.3) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: eslint-plugin-jsonc dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: markdownlint-cli dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: ts-jest dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-05-28 13:27:14 -07:00
Brian DeHamer	5b17eb7cb0	fix bug w/ private-signing input (#77 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-28 13:26:14 -07:00
Brian DeHamer	faa6467995	refactor core attestation logic (#73 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-28 11:00:03 -07:00
Brian DeHamer	3ff4eb4c69	centralize collection of action inputs (#72 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-24 11:01:44 -07:00
Brian DeHamer	074a7714de	bump @sigstore/oci from 0.3.3 to 0.3.4 (#71 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-23 08:32:51 -07:00
dependabot[bot]	72776582f8	Bump csv-parse from 5.5.5 to 5.5.6 in the npm-production group (#69 ) * --- updated-dependencies: - dependency-name: csv-parse dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-production ... Signed-off-by: dependabot[bot] <support@github.com> * regenerate dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-05-23 08:18:25 -07:00
dependabot[bot]	e4e9a599b8	Bump the npm-development group with 4 updates (#68 ) * --- updated-dependencies: - dependency-name: "@sigstore/mock" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-05-23 08:13:06 -07:00
Brian DeHamer	80d9f23382	process subjects in batches (#67 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-22 07:55:00 -07:00
Brian DeHamer	12c083815e	Bump @sigstore/oci from 0.3.2 to 0.3.3 (#66 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-16 11:25:01 -07:00
Brian DeHamer	38ff958ab6	downcase subject name for OCI images (#63 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-14 08:11:10 -07:00
dependabot[bot]	32f49af665	Bump the npm-development group with 3 updates (#55 ) * Bump the npm-development group with 3 updates Bumps the npm-development group with 3 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) and [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli). Updates `@types/node` from 20.12.7 to 20.12.10 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint-plugin-jest` from 28.3.0 to 28.5.0 - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v28.3.0...v28.5.0) Updates `markdownlint-cli` from 0.39.0 to 0.40.0 - [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases) - [Commits](https://github.com/igorshubovych/markdownlint-cli/compare/v0.39.0...v0.40.0) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: eslint-plugin-jest dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: markdownlint-cli dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * re-generate dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-05-10 08:12:16 -07:00
Brian DeHamer	3f67a24e31	bump @sigstore/oci from 0.3.0 to 0.3.2 (#61 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-10 08:10:56 -07:00
Brian DeHamer	58fa41a101	send api errors to gha debug log (#59 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-09 12:34:14 -07:00
Brian DeHamer	b0d8b47eb7	include more detail in error logging (#58 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-09 12:34:01 -07:00
Brian DeHamer	9b22bf5c9f	bump @sigstore/sign from 2.3.0 to 2.3.1 (#57 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-09 12:33:44 -07:00
Brian DeHamer	d442d85e12	ensure subject globs match only files (#54 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-06 11:52:03 -07:00
Brian DeHamer	c58d52c41d	limit attestation subject count (#53 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-06 11:51:42 -07:00
Brian DeHamer	94082a9d2e	add list support for subjectPath input (#51 ) * add list support for subjectPath input Signed-off-by: Brian DeHamer <bdehamer@github.com> * bump package version to 1.1.0 Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-06 08:32:02 -07:00
Brian DeHamer	495f094150	tweak summary output (#43 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-04-26 13:23:19 -07:00
Brian DeHamer	a6dded75c9	bump @actions/attest from 1.1.0 to 1.2.1 (#41 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-04-25 11:03:54 -07:00
dependabot[bot]	6675b10a5b	Bump @sigstore/oci from 0.2.0 to 0.3.0 (#35 ) * Bump @sigstore/oci from 0.2.0 to 0.3.0 Bumps [@sigstore/oci](https://github.com/sigstore/sigstore-js) from 0.2.0 to 0.3.0. - [Release notes](https://github.com/sigstore/sigstore-js/releases) - [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/oci@0.2.0...@sigstore/oci@0.3.0) --- updated-dependencies: - dependency-name: "@sigstore/oci" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-04-25 07:46:14 -07:00
Brian DeHamer	fe2f1fbc42	update annotation scheme for OCI bundles (#29 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-04-22 09:41:18 -07:00

1 2

60 Commits