chore(deps): bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.11.0
Open
Number: #20451
Type: Pull Request
State: Open
Type: Pull Request
State: Open
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: Unknown
Comments: 1
dependabot[bot]Association: Unknown
Comments: 1
Created:
May 08, 2026 at 11:45 PM UTC
(23 days ago)
(23 days ago)
Updated:
May 08, 2026 at 11:59 PM UTC
(23 days ago)
(23 days ago)
Labels:
dependencies ci-all-qa-tests auto-merge auto-retest
dependencies ci-all-qa-tests auto-merge auto-retest
Description:
Bumps github.com/in-toto/in-toto-golang from 0.9.0 to 0.11.0.
Release notes
Sourced from github.com/in-toto/in-toto-golang's releases.
v0.11.0
What's Changed
- chore(deps): bump the all group with 2 updates by
@dependabot[bot] in in-toto/in-toto-golang#453- chore(deps): bump the all group across 1 directory with 2 updates by
@dependabot[bot] in in-toto/in-toto-golang#452- chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 by
@dependabot[bot] in in-toto/in-toto-golang#457- chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 by
@dependabot[bot] in in-toto/in-toto-golang#459- match: Replace ^ with ! for negation in character classes by
@adityasakyin in-toto/in-toto-golang#462Full Changelog: https://github.com/in-toto/in-toto-golang/compare/v0.10.0...v0.11.0
v0.10.0
What's Changed
- chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by
@dependabot[bot] in in-toto/in-toto-golang#232- Update maintainers and governance by
@adityasakyin in-toto/in-toto-golang#233- chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by
@dependabot[bot] in in-toto/in-toto-golang#234- chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.3 to 2.1.5 by
@dependabot[bot] in in-toto/in-toto-golang#235- chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by
@dependabot[bot] in in-toto/in-toto-golang#236- Fix expired signature in test by
@adityasakyin in-toto/in-toto-golang#241- chore(deps): bump golang.org/x/sys from 0.8.0 to 0.9.0 by
@dependabot[bot] in in-toto/in-toto-golang#240- chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.5 to 2.1.6 by
@dependabot[bot] in in-toto/in-toto-golang#239- chore(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by
@dependabot[bot] in in-toto/in-toto-golang#242- chore(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by
@dependabot[bot] in in-toto/in-toto-golang#243- Update GitHub Actions workflows by
@adityasakyin in-toto/in-toto-golang#246- chore(deps): bump golang.org/x/sys from 0.9.0 to 0.10.0 by
@dependabot[bot] in in-toto/in-toto-golang#245- remove linters that are no longer supported and add to make file by
@pxp928in in-toto/in-toto-golang#249- Add match products feature by
@adityasakyin in-toto/in-toto-golang#237- Remove unfinished link on record stop by
@PradyumnaKrishnain in-toto/in-toto-golang#248- chore(deps): bump google.golang.org/grpc from 1.56.1 to 1.56.2 by
@dependabot[bot] in in-toto/in-toto-golang#250- chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.6.0 to 0.7.0 by
@dependabot[bot] in in-toto/in-toto-golang#251- chore(deps): bump google.golang.org/grpc from 1.56.2 to 1.57.0 by
@dependabot[bot] in in-toto/in-toto-golang#255- Add tests for coverage in envelope.go by
@adityasakyin in-toto/in-toto-golang#256- chore(deps): bump golang.org/x/sys from 0.10.0 to 0.11.0 by
@dependabot[bot] in in-toto/in-toto-golang#257- chore(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by
@dependabot[bot] in in-toto/in-toto-golang#258- chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by
@dependabot[bot] in in-toto/in-toto-golang#259- Fixes filepath pattern matching in windows by
@PradyumnaKrishnain in-toto/in-toto-golang#254- chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 by
@dependabot[bot] in in-toto/in-toto-golang#261- chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 by
@dependabot[bot] in in-toto/in-toto-golang#262- chore(deps): bump golang.org/x/sys from 0.11.0 to 0.12.0 by
@dependabot[bot] in in-toto/in-toto-golang#263- chore(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.0 by
@dependabot[bot] in in-toto/in-toto-golang#264- chore(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.1 by
@dependabot[bot] in in-toto/in-toto-golang#266- Deprecate Provenance v1 struct in favor of /attestation protobufs by
@marcelamelarain in-toto/in-toto-golang#267- chore(deps): bump google.golang.org/grpc from 1.58.1 to 1.58.2 by
@dependabot[bot] in in-toto/in-toto-golang#269- chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 by
@dependabot[bot] in in-toto/in-toto-golang#270- Drop use of
anyfor hash objects by@adityasakyin in-toto/in-toto-golang#238- chore(deps): bump golang.org/x/sys from 0.12.0 to 0.13.0 by
@dependabot[bot] in in-toto/in-toto-golang#271- chore(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by
@dependabot[bot] in in-toto/in-toto-golang#273- chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by
@dependabot[bot] in in-toto/in-toto-golang#272- chore(deps): bump golang.org/x/net from 0.12.0 to 0.17.0 by
@dependabot[bot] in in-toto/in-toto-golang#274- chore(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by
@dependabot[bot] in in-toto/in-toto-golang#275
... (truncated)
Commits
36d782fMerge pull request #462 from in-toto/fix-negation-character4a09e3bmatch: Replace ^ with ! for negation in character classesc3302e8Merge pull request #459 from in-toto/dependabot/go_modules/github.com/go-jose...016e87echore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.45b9df76Merge pull request #457 from in-toto/dependabot/go_modules/google.golang.org/...595b3fechore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3e396d24Merge pull request #452 from in-toto/dependabot/github_actions/all-502588e1ca142b779Merge pull request #453 from in-toto/dependabot/go_modules/all-d8ef5820aaf741bccchore(deps): bump the all group with 2 updatesc374dc9chore(deps): bump the all group across 1 directory with 2 updates- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
Package Dependencies
Package:
github.com/in-toto/in-toto-golang
Ecosystem:
go
go
Version Change:
0.9.0 → 0.11.0
Update Type:
Minor
Minor
Technical Details
| ID: | 15704916 |
| UUID: | 4410103354 |
| Node ID: | PR_kwDOGd6UEM7ZuWBe |
| Host: | GitHub |
| Repository: | stackrox/stackrox |