Bump github.com/sigstore/rekor from 1.0.1 to 1.3.6

[dependabot]

Bumps github.com/sigstore/rekor from 1.0.1 to 1.3.6.

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.3.6

New Features

• Add support for IEEE P1363 encoded ECDSA signatures
• Add index performance script (#2042)
• Add support for ed25519ph user keys in hashedrekord (#1945)
• Add metrics for index insertion (#2015)
• Add TLS support for Redis Client implementation (#1998)

Bug Fixes

• fix typo in remoteIp and set full name for trace field

Full Changelog: sigstore/rekor@v1.3.5...v1.3.6

v1.3.5

Changelog

• 488eb97 v1.3.5 changelog (#1987)
• 19cd558 output trace in slog and override correlation header name (#1986)
• a0453d5 give log timestamps nanosecond precision (#1985)
• 907f2b5 bump trillian images to v1.6.0 (#1984)
• 134ef83 remove trillian images from release process (#1983)
• 9865ca9 Added support for sha384/sha512 hash algorithms in hashedrekords (#1959)
• fc28ac1 Change Redis value for locking mechanism (#1957)
• fa9ab50 Bump sigstore/sigstore version, fix deprecated func (#1936)
• 6020532 Fix panic for DSSE canonicalization (#1923)
• fe04993 Drop conditional when verifying entry checkpoint (#1917)
• a6c25cc Remove timestamp from checkpoint (#1888)
• 64ab435 Additional unique index correction (#1885)

Thanks for all contributors!

What's Changed

• Additional unique index correction by @​sabre1041 in sigstore/rekor#1885
• Remove timestamp from checkpoint by @​haydentherapper in sigstore/rekor#1888
• Drop conditional when verifying entry checkpoint by @​haydentherapper in sigstore/rekor#1917
• Fix panic for DSSE canonicalization by @​haydentherapper in sigstore/rekor#1923
• update builder to use go1.21 by @​cpanato in sigstore/rekor#1956
• Change Redis value for locking mechanism by @​haydentherapper in sigstore/rekor#1957
• remove trillian images from release process by @​bobcallaway in sigstore/rekor#1983
• bump trillian images to v1.6.0 by @​bobcallaway in sigstore/rekor#1984
• give log timestamps nanosecond precision by @​bobcallaway in sigstore/rekor#1985
• output trace in slog and override correlation header name by @​bobcallaway in sigstore/rekor#1986
• v1.3.5 changelog by @​bobcallaway in sigstore/rekor#1987

New Contributors

• @​ret2libc made their first contribution in sigstore/rekor#1959

Full Changelog: sigstore/rekor@v1.3.4...v1.3.5

... (truncated)

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.3.6

New Features

• Add support for IEEE P1363 encoded ECDSA signatures
• Add index performance script (#2042)
• Add support for ed25519ph user keys in hashedrekord (#1945)
• Add metrics for index insertion (#2015)
• Add TLS support for Redis Client implementation (#1998)

Bug Fixes

• fix typo in remoteIp and set full name for trace field

Contributors

• Bob Callaway
• Colleen Murphy
• cpanato
• Hayden B
• Mihkel Pärna
• Riccardo Schirone

v1.3.5

New Features

• output trace in slog and override correlation header name (#1986)
• give log timestamps nanosecond precision (#1985)
• Added support for sha384/sha512 hash algorithms in hashedrekords (#1959)
• Change Redis value for locking mechanism (#1957)

Bug Fixes

• Fix panic for DSSE canonicalization (#1923)
• Drop conditional when verifying entry checkpoint (#1917)
• Remove timestamp from checkpoint (#1888)
• Additional unique index correction (#1885)

Quality Enhancements

• bump trillian images to v1.6.0 (#1984)
• remove trillian images from release process (#1983)
• update builder to use go1.21

Contributors

• Andrew Block
• Bob Callaway
• Carlos Tadeu Panato Junior
• Hayden Blauzvern
• Riccardo Schirone

v1.3.4

... (truncated)

Commits

• a678856 Add 1.3.6 changelog, test IEEE P1363 sigs in DSSE (#2063)
• c0668d1 build(deps): Bump google/cloud-sdk from 469.0.0 to 470.0.0
• 6e94a72 build(deps): Bump google.golang.org/api from 0.171.0 to 0.172.0
• 55bd48a build(deps): Bump the all group with 7 updates
• 52e87d5 build(deps): Bump google.golang.org/api from 0.170.0 to 0.171.0
• a613ad3 build(deps): Bump golang.org/x/mod from 0.15.0 to 0.16.0
• e767e92 build(deps): Bump go.step.sm/crypto from 0.43.1 to 0.44.1
• 1571edc build(deps): Bump gocloud.dev from 0.36.0 to 0.37.0
• 64546c8 build(deps): Bump cloud.google.com/go/pubsub from 1.36.2 to 1.37.0
• 3ba13dd build(deps): Bump google/cloud-sdk from 468.0.0 to 469.0.0 (#2061)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)