Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package cosign for openSUSE:Factory checked 
in at 2022-07-28 20:59:10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cosign (Old)
 and      /work/SRC/openSUSE:Factory/.cosign.new.1533 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "cosign"

Thu Jul 28 20:59:10 2022 rev:8 rq:991560 version:1.10.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/cosign/cosign.changes    2022-06-19 
21:11:13.502158345 +0200
+++ /work/SRC/openSUSE:Factory/.cosign.new.1533/cosign.changes  2022-07-28 
20:59:38.631747437 +0200
@@ -1,0 +2,42 @@
+Wed Jul 27 13:41:54 UTC 2022 - Marcus Meissner <meiss...@suse.com>
+
+- updated to 1.10.0
+  - replace gcr.io/distroless/ to use ghcr.io/distroless/ by @cpanato in #1961
+  - Separate RegExp matching of issuer/subject from strict by @vaikas in #1956
+  - tuf: improve TUF client concurrency and caching by @asraa in #1953
+  - Add Cloudsmith Container Registry to tested registry list by @ciaracarey 
in #1966
+  - feat(fulcioroots): singleton error pattern by @developer-guy in #1965
+  - Drop tuf client dependency on GCS client library by @imjasonh in #1967
+  - Add spdxjson predicate type for attestations by @jdolitsky in #1974
+  - Remove policy-controller now that it lives in sigstore/policy-controller 
by @vaikas in #1976
+  - cleanup: unexport kubernetes.Client method by @imjasonh in #1973
+  - cleanup ci job and remove policy-controller references by @cpanato in #1981
+  - fix/update post build job by @cpanato in #1983
+  - docs: updated Azure kms commands. by @JBrejnholt in #1972
+  - Add cyclonedx predicate type for attestations by @jdolitsky in #1977
+  - Route deprecated -version to version subcommand by @puerco in #1854
+  - docs(readme): add installation steps for container image for cosign binary 
by @developer-guy in #1986
+  - Add --platform flag to cosign sbom download by @puerco in #1975
+  - Use pkg/fulcioroots and pkg/tuf from sigstore/sigstore by @imjasonh in 
#1866
+  - Add --oidc-provider flag to specify which provider to use for ambient 
credentials by @priyawadhwa in #1998
+  - encrypt values to create the github action secret by @cpanato in #1990
+  - sign-blob: bundle should work independently and respect 
--output-certificate and --output-signature by @Dentrax in #2016
+  - Attempt to clean up pkg/cosign by @imjasonh in #2018
+  - public-key: fix command description by @Dentrax in #2024
+  - [NFC] specs: fix list formatting on SIGNATURE_SPEC by @woodruffw in #2030
+  - feat: cert-extensions verify by @developer-guy in #1626
+  - Fix #1378 create new attestation signature in replace mode if not existent 
by @Syquel in #2014
+  - Use cosign.ConfirmPrompt more consistently by @imjasonh in #2039
+  - chore: add a note about SIGSTORE_REKOR_PUBLIC_KEY var by @hectorj2f in 
#2040
+  - Fix OIDC test by @cpanato in #2050
+  - Add env subcommand. by @wlynch in #2051
+  - remove tests with 1.21 k8s cluster because it is deprecated and add 
v1.23/24 by @cpanato in #2055
+  - update ct/otel and etcd by @cpanato in #2054
+  - chore(deps): CycloneDX PredicateType changed to use in-toto-golang by 
@masahiro331 in #2067
+  - Remove replace directives in go.mod. by @wlynch in #2070
+  - update design doc link by @bobcallaway in #2077
+  - Remove hack/tools.go by @imjasonh in #2080
+  - fix missing quote by @cpanato in #2090
+- removed cosigned and webhook
+
+-------------------------------------------------------------------

Old:
----
  cosign-1.9.0.tar.gz

New:
----
  cosign-1.10.0.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ cosign.spec ++++++
--- /var/tmp/diff_new_pack.s5pnIU/_old  2022-07-28 20:59:40.867759030 +0200
+++ /var/tmp/diff_new_pack.s5pnIU/_new  2022-07-28 20:59:40.871759050 +0200
@@ -17,9 +17,9 @@
 
 
 Name:           cosign
-Version:        1.9.0
+Version:        1.10.0
 Release:        0
-%define revision a4cb262dc3d45a283a6a7513bb767a38a2d3f448
+%define revision 3a6088d03d7c053f9b3bd61ed07fba92133579cf
 Summary:        Container Signing, Verification and Storage in an OCI registry
 License:        Apache-2.0
 URL:            https://github.com/sigstore/cosign
@@ -52,7 +52,6 @@
 CLI_LDFLAGS="-X ${CLI_PKG}.gitVersion=%{version} -X 
${CLI_PKG}.gitCommit=%{revision} -X ${CLI_PKG}.gitTreeState=release -X 
${CLI_PKG}.buildDate=${BUILD_DATE}"
 
 go build -mod=vendor -buildmode=pie -ldflags "${CLI_LDFLAGS}" -o cosign 
./cmd/cosign
-go build -mod=vendor -buildmode=pie -ldflags "${CLI_LDFLAGS}" -o cosigned 
./cmd/cosign/webhook
 go build -mod=vendor -buildmode=pie -ldflags "${CLI_LDFLAGS}" -o sget 
./cmd/sget
 ./cosign version
 ./sget version
@@ -61,13 +60,11 @@
 %install
 install -D -m 0755 cosign %{buildroot}%{_bindir}/cosign
 install -D -m 0755 sget %{buildroot}%{_bindir}/sget
-install -D -m 0755 cosigned %{buildroot}%{_bindir}/cosigned
 
 %files
 %license LICENSE
 %doc *.md
 %{_bindir}/cosign
-%{_bindir}/cosigned
 %{_bindir}/sget
 
 %changelog

++++++ cosign-1.9.0.tar.gz -> cosign-1.10.0.tar.gz ++++++
/work/SRC/openSUSE:Factory/cosign/cosign-1.9.0.tar.gz 
/work/SRC/openSUSE:Factory/.cosign.new.1533/cosign-1.10.0.tar.gz differ: char 
13, line 1

++++++ vendor.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/cosign/vendor.tar.bz2 
/work/SRC/openSUSE:Factory/.cosign.new.1533/vendor.tar.bz2 differ: char 1, line 
1

Reply via email to