Bump slsa-framework/slsa-verifier from 2.1.0 to 2.2.0

[dependabot]

Bumps slsa-framework/slsa-verifier from 2.1.0 to 2.2.0.

Release notes

Sourced from slsa-framework/slsa-verifier's releases.

v2.2.0

Summary

Support was added for the --source-tag and --source-versioned-tag flags for GCB container provenance verification.

What's Changed

• fix: Update references check by @​ianlewis in slsa-framework/slsa-verifier#533
• chore: update docs for release v2.1.0 by @​asraa in slsa-framework/slsa-verifier#530
• feat: verification for provenance by @​developer-guy in slsa-framework/slsa-verifier#537
• feat: GCB tag and versioned-tag support for containers by @​laurentsimon in slsa-framework/slsa-verifier#540
• chore(deps): update github-actions (major) by @​renovate-bot in slsa-framework/slsa-verifier#536
• fix(deps): update github.com/sigstore/protobuf-specs digest to c8a23a4 by @​renovate-bot in slsa-framework/slsa-verifier#528
• chore(deps): update github-actions by @​renovate-bot in slsa-framework/slsa-verifier#529
• chore: report scheduled release workflow failures by @​asraa in slsa-framework/slsa-verifier#543
• fix: Support pre-releases on trusted repos by @​ianlewis in slsa-framework/slsa-verifier#552
• chore(deps): update dependency typescript to v5 by @​renovate-bot in slsa-framework/slsa-verifier#545
• fix(deps): update github.com/sigstore/protobuf-specs digest to 4dbf10b by @​renovate-bot in slsa-framework/slsa-verifier#553
• chore(deps): update npm dev by @​renovate-bot in slsa-framework/slsa-verifier#534
• chore(deps): update github-actions by @​renovate-bot in slsa-framework/slsa-verifier#544
• docs: Update README.md by @​drewroengoogle in slsa-framework/slsa-verifier#541
• fix(deps): update npm by @​renovate-bot in slsa-framework/slsa-verifier#535

New Contributors

• @​developer-guy made their first contribution in slsa-framework/slsa-verifier#537
• @​drewroengoogle made their first contribution in slsa-framework/slsa-verifier#541

Full Changelog: slsa-framework/slsa-verifier@v2.1.0...v2.2.0

v2.2.0-rc.0

Summary

Support was added for the --source-tag and --source-versioned-tag flags for GCB container provenance verification.

What's Changed

• fix: Update references check by @​ianlewis in slsa-framework/slsa-verifier#533
• chore: update docs for release v2.1.0 by @​asraa in slsa-framework/slsa-verifier#530
• feat: verification for provenance by @​developer-guy in slsa-framework/slsa-verifier#537
• feat: GCB tag and versioned-tag support for containers by @​laurentsimon in slsa-framework/slsa-verifier#540
• chore(deps): update github-actions (major) by @​renovate-bot in slsa-framework/slsa-verifier#536
• fix(deps): update github.com/sigstore/protobuf-specs digest to c8a23a4 by @​renovate-bot in slsa-framework/slsa-verifier#528
• chore(deps): update github-actions by @​renovate-bot in slsa-framework/slsa-verifier#529
• chore: report scheduled release workflow failures by @​asraa in slsa-framework/slsa-verifier#543
• fix: Support pre-releases on trusted repos by @​ianlewis in slsa-framework/slsa-verifier#552
• chore(deps): update dependency typescript to v5 by @​renovate-bot in slsa-framework/slsa-verifier#545
• fix(deps): update github.com/sigstore/protobuf-specs digest to 4dbf10b by @​renovate-bot in slsa-framework/slsa-verifier#553
• chore(deps): update npm dev by @​renovate-bot in slsa-framework/slsa-verifier#534
• chore(deps): update github-actions by @​renovate-bot in slsa-framework/slsa-verifier#544
• docs: Update README.md by @​drewroengoogle in slsa-framework/slsa-verifier#541
• fix(deps): update npm by @​renovate-bot in slsa-framework/slsa-verifier#535

... (truncated)

Commits

• 623cf20 fix(deps): update npm (#535)
• e7279e8 docs: Update README.md (#541)
• 9c3152f chore(deps): update github-actions (#544)
• 84c3bbd chore(deps): update npm dev (#534)
• 6137b13 fix(deps): update github.com/sigstore/protobuf-specs digest to 4dbf10b (#553)
• 3c5abb6 chore(deps): update dependency typescript to v5 (#545)
• f96d91b fix: Support pre-releases on trusted repos (#552)
• b01cb9d chore: report scheduled release workflow failures (#543)
• ed7976a chore(deps): update github-actions (#529)
• a09c6aa fix(deps): update github.com/sigstore/protobuf-specs digest to c8a23a4 (#528)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #1649 (2c21ef5) into main (ed5c185) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #1649   +/-   ##
=======================================
  Coverage   72.07%   72.07%           
=======================================
  Files         120      120           
  Lines        9772     9772           
=======================================
  Hits         7043     7043           
  Misses       2010     2010           
  Partials      719      719           

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.