From 2360a2d01e308ab4820cb36a488b580e7eb8a6eb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Jul 2026 17:11:22 +0000 Subject: [PATCH] build(deps): bump sigstore from 4.1.0 to 4.1.1 Bumps [sigstore](https://github.com/sigstore/sigstore-js) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/sigstore/sigstore-js/releases) - [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@4.1.0...sigstore@4.1.1) --- updated-dependencies: - dependency-name: sigstore dependency-version: 4.1.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 72 +++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 46 insertions(+), 26 deletions(-) diff --git a/yarn.lock b/yarn.lock index 3b09d53..caaf8c0 100644 --- a/yarn.lock +++ b/yarn.lock @@ -927,7 +927,7 @@ __metadata: languageName: node linkType: hard -"@gar/promise-retry@npm:^1.0.3": +"@gar/promise-retry@npm:^1.0.2, @gar/promise-retry@npm:^1.0.3": version: 1.0.3 resolution: "@gar/promise-retry@npm:1.0.3" checksum: 10/0d13ea3bb1025755e055648f6e290d2a7e0c87affaf552218f09f66b3fcd9ea9d5c9cc5fe2aa6e285e1530437768e40f9448fe9a86f4f3417b216dcf488d3d1a @@ -1666,7 +1666,7 @@ __metadata: languageName: node linkType: hard -"@sigstore/core@npm:^3.1.0": +"@sigstore/core@npm:^3.2.0, @sigstore/core@npm:^3.2.1": version: 3.2.1 resolution: "@sigstore/core@npm:3.2.1" checksum: 10/2f6c1ced55f8ed3f7fc705a668eb95db9471511dfb1f054927822bf97a051dd62228ecf6a9f1932d240c2c4ae69a3b5066550789e5ad8f4257839a4370e5a120 @@ -1687,27 +1687,27 @@ __metadata: languageName: node linkType: hard -"@sigstore/sign@npm:^4.1.0": - version: 4.1.0 - resolution: "@sigstore/sign@npm:4.1.0" +"@sigstore/sign@npm:^4.1.1": + version: 4.1.1 + resolution: "@sigstore/sign@npm:4.1.1" dependencies: + "@gar/promise-retry": "npm:^1.0.2" "@sigstore/bundle": "npm:^4.0.0" - "@sigstore/core": "npm:^3.1.0" + "@sigstore/core": "npm:^3.2.0" "@sigstore/protobuf-specs": "npm:^0.5.0" - make-fetch-happen: "npm:^15.0.3" + make-fetch-happen: "npm:^15.0.4" proc-log: "npm:^6.1.0" - promise-retry: "npm:^2.0.1" - checksum: 10/e5441d4cacf0f203f329e96bb7a3ca77682cfdf90d6448ad368344056fd8d55c01742e2b636545d55364490a87988f767f2b23168b2d9cc52ef3d8fe9e9496aa + checksum: 10/c9424813ed83ae26111dd3a190dbfd776901cfc245ebb9aa68e133a7ffcbf8fc053f01d999a451e44805a291921ba4d2dfe80e3fd41b20cd5becd26aae5f5e7c languageName: node linkType: hard -"@sigstore/tuf@npm:^4.0.1": - version: 4.0.1 - resolution: "@sigstore/tuf@npm:4.0.1" +"@sigstore/tuf@npm:^4.0.2": + version: 4.0.2 + resolution: "@sigstore/tuf@npm:4.0.2" dependencies: "@sigstore/protobuf-specs": "npm:^0.5.0" tuf-js: "npm:^4.1.0" - checksum: 10/1a9725aa95eba55badf24442fe8a71c6d68f8b7d17a6b2a5e4b5590117f0181881b3485cfa57ea375b7c3a38421dbffdfcbe86e6623d903e17e3a8359837e268 + checksum: 10/14882b8e71be4185ec417744b97a47392a50da00aafd4207a46bb74b40aa019ebf22d928052fd2d31a8da0da1efe7ebebac5a70898b31a74239a1ada997be754 languageName: node linkType: hard @@ -1721,14 +1721,14 @@ __metadata: languageName: node linkType: hard -"@sigstore/verify@npm:^3.1.0": - version: 3.1.0 - resolution: "@sigstore/verify@npm:3.1.0" +"@sigstore/verify@npm:^3.1.1": + version: 3.1.1 + resolution: "@sigstore/verify@npm:3.1.1" dependencies: "@sigstore/bundle": "npm:^4.0.0" - "@sigstore/core": "npm:^3.1.0" + "@sigstore/core": "npm:^3.2.1" "@sigstore/protobuf-specs": "npm:^0.5.0" - checksum: 10/c85713cc326236ef39608e4b061c1192306fd3edd7a1334237d5d53dbb132f04e3f9d3cfd4bb2d521bf0c95a9f98945a748c97ecb06e5f36cfd09488a0d3d73f + checksum: 10/4cb24b0e62b85ebf2b62698041e0dc212d152fd40a95c05c237357c992265a23e5789f86b138bea2eea0c5f6b994974d968f03dde9c692a514f96ae4b26f31a9 languageName: node linkType: hard @@ -4288,7 +4288,7 @@ __metadata: languageName: node linkType: hard -"make-fetch-happen@npm:^15.0.1, make-fetch-happen@npm:^15.0.3": +"make-fetch-happen@npm:^15.0.1": version: 15.0.4 resolution: "make-fetch-happen@npm:15.0.4" dependencies: @@ -4307,6 +4307,26 @@ __metadata: languageName: node linkType: hard +"make-fetch-happen@npm:^15.0.4": + version: 15.0.6 + resolution: "make-fetch-happen@npm:15.0.6" + dependencies: + "@gar/promise-retry": "npm:^1.0.0" + "@npmcli/agent": "npm:^4.0.0" + "@npmcli/redact": "npm:^4.0.0" + cacache: "npm:^20.0.1" + http-cache-semantics: "npm:^4.1.1" + minipass: "npm:^7.0.2" + minipass-fetch: "npm:^5.0.0" + minipass-flush: "npm:^1.0.5" + minipass-pipeline: "npm:^1.2.4" + negotiator: "npm:^1.0.0" + proc-log: "npm:^6.0.0" + ssri: "npm:^13.0.0" + checksum: 10/01bc13d8e851212d55bbf0510dd5f94b9f239f253dfbd84275e23d1798ba7323a08b3c16031b83676fe75381ad5c70d17542c7b6828c98ee6e0d3eacdaf83ebb + languageName: node + linkType: hard + "mimic-fn@npm:^2.1.0": version: 2.1.0 resolution: "mimic-fn@npm:2.1.0" @@ -5396,16 +5416,16 @@ __metadata: linkType: hard "sigstore@npm:^4.0.0": - version: 4.1.0 - resolution: "sigstore@npm:4.1.0" + version: 4.1.1 + resolution: "sigstore@npm:4.1.1" dependencies: "@sigstore/bundle": "npm:^4.0.0" - "@sigstore/core": "npm:^3.1.0" + "@sigstore/core": "npm:^3.2.1" "@sigstore/protobuf-specs": "npm:^0.5.0" - "@sigstore/sign": "npm:^4.1.0" - "@sigstore/tuf": "npm:^4.0.1" - "@sigstore/verify": "npm:^3.1.0" - checksum: 10/7312eed22f82bebcd80a897a163e220bb1df2c084c308d17fb431ff03ef28cf20e3b17312fd8024793dcefa27e794c31174d604a28fc85672a9d6d7f34bbd4a6 + "@sigstore/sign": "npm:^4.1.1" + "@sigstore/tuf": "npm:^4.0.2" + "@sigstore/verify": "npm:^3.1.1" + checksum: 10/8fb38bbdc3ee1e79b3f19e0015ebf35b7d7f890673722f182960ec88f02a52f2f631fc983e7f8bafa3a37653a760ddc00277721a8f9159ee6ee311159ca3dfbe languageName: node linkType: hard