From f1286382774780c07860ba49a25c5f38e9da9a8a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Jul 2026 15:20:39 +0000 Subject: [PATCH] chore(deps): bump sigstore from 4.0.0 to 4.1.1 Bumps [sigstore](https://github.com/sigstore/sigstore-js) from 4.0.0 to 4.1.1. - [Release notes](https://github.com/sigstore/sigstore-js/releases) - [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@4.0.0...sigstore@4.1.1) --- updated-dependencies: - dependency-name: sigstore dependency-version: 4.1.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 115 +++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 83 insertions(+), 32 deletions(-) diff --git a/yarn.lock b/yarn.lock index 968b62bc64..a4264328a8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3061,6 +3061,13 @@ __metadata: languageName: node linkType: hard +"@gar/promise-retry@npm:^1.0.0, @gar/promise-retry@npm:^1.0.2": + version: 1.0.3 + resolution: "@gar/promise-retry@npm:1.0.3" + checksum: 10c0/885b02c8b0d75b2d215da25f3b639158c4fbe8fefe0d79163304534b9a6d0710db4b7699f7cd3cc1a730792bff04cbe19f4850a62d3e105a663eaeec88f38332 + languageName: node + linkType: hard + "@gorhom/bottom-sheet@npm:5.2.9": version: 5.2.9 resolution: "@gorhom/bottom-sheet@npm:5.2.9" @@ -6428,10 +6435,10 @@ __metadata: languageName: node linkType: hard -"@sigstore/core@npm:^3.0.0": - version: 3.0.0 - resolution: "@sigstore/core@npm:3.0.0" - checksum: 10c0/8f42d50401c62e04320d330ee5b95b3c9041a338654df2f006569e990781749b1f6c32706e83573caa0debebba41194e7f2a5b3f508b63a8fd0471567996a91c +"@sigstore/core@npm:^3.2.0, @sigstore/core@npm:^3.2.1": + version: 3.2.1 + resolution: "@sigstore/core@npm:3.2.1" + checksum: 10c0/b7f7dadf07234b6fa110dfeedd8453c6d81fa0fc77731c097dc72b3fb9e0e8750e7b3fa82c33f4b9d8bdda1be634eda18231f5dad1679bdf31f204f855926f61 languageName: node linkType: hard @@ -6442,17 +6449,17 @@ __metadata: languageName: node linkType: hard -"@sigstore/sign@npm:^4.0.0": - version: 4.0.1 - resolution: "@sigstore/sign@npm:4.0.1" +"@sigstore/sign@npm:^4.1.1": + version: 4.1.1 + resolution: "@sigstore/sign@npm:4.1.1" dependencies: + "@gar/promise-retry": "npm:^1.0.2" "@sigstore/bundle": "npm:^4.0.0" - "@sigstore/core": "npm:^3.0.0" + "@sigstore/core": "npm:^3.2.0" "@sigstore/protobuf-specs": "npm:^0.5.0" - make-fetch-happen: "npm:^15.0.2" - proc-log: "npm:^5.0.0" - promise-retry: "npm:^2.0.1" - checksum: 10c0/1958b292af99a61d724c9888c0e7b7e4f07e057605ae442435ded75b33c0fa9686af21c5ec9c63eccdb218885d1e9724722fda135a42b570345efc0d529f30b1 + make-fetch-happen: "npm:^15.0.4" + proc-log: "npm:^6.1.0" + checksum: 10c0/88a6e5d2ce49477a52574d5dd5f4531cbb3472435fad29730969b77988efb23bdd5ce031a74f738da5b24c950f99030704b75b8cc65d5179b56ce9ede9711784 languageName: node linkType: hard @@ -6466,14 +6473,24 @@ __metadata: languageName: node linkType: hard -"@sigstore/verify@npm:^3.0.0": - version: 3.0.0 - resolution: "@sigstore/verify@npm:3.0.0" +"@sigstore/tuf@npm:^4.0.2": + version: 4.0.2 + resolution: "@sigstore/tuf@npm:4.0.2" + dependencies: + "@sigstore/protobuf-specs": "npm:^0.5.0" + tuf-js: "npm:^4.1.0" + checksum: 10c0/eb7ba5b9d4859948bfd5552a1c6d93f0d05b9482bf21dede53779ea429f833dcd13c3a52524596c556729d75d85326ce0a7d0857d3d23ef99784b0e94e948818 + languageName: node + linkType: hard + +"@sigstore/verify@npm:^3.1.1": + version: 3.1.1 + resolution: "@sigstore/verify@npm:3.1.1" dependencies: "@sigstore/bundle": "npm:^4.0.0" - "@sigstore/core": "npm:^3.0.0" + "@sigstore/core": "npm:^3.2.1" "@sigstore/protobuf-specs": "npm:^0.5.0" - checksum: 10c0/d4e4f117266974cc50d5f31715ca7a2a9641aa8020522e9947e3806fd0c18161e54edbb9d1e22442c3aec6e43bbf88a5b839754a71c5f95dc204af7c8d83dff4 + checksum: 10c0/3b8c0b224b23a0e215e90a60a03193b77f333d9fd6838671aec2aef1bc9e8d42b9cb5cf246d5fb31135705bef0384e919364c5ba7f749e2cb4c10c93ae856a5c languageName: node linkType: hard @@ -6784,6 +6801,16 @@ __metadata: languageName: node linkType: hard +"@tufjs/models@npm:4.1.0": + version: 4.1.0 + resolution: "@tufjs/models@npm:4.1.0" + dependencies: + "@tufjs/canonical-json": "npm:2.0.0" + minimatch: "npm:^10.1.1" + checksum: 10c0/0a4ab524061c97bb43ccd3ffaaaed224eb41469fa2b748f66599d298798f7556e7158a12a9cbdfb89476df0ae538ca562292ac10909e411aa17f81f72b3e8931 + languageName: node + linkType: hard + "@tybys/wasm-util@npm:^0.10.0": version: 0.10.2 resolution: "@tybys/wasm-util@npm:0.10.2" @@ -14791,7 +14818,7 @@ __metadata: languageName: node linkType: hard -"make-fetch-happen@npm:^15.0.0, make-fetch-happen@npm:^15.0.2, make-fetch-happen@npm:^15.0.3": +"make-fetch-happen@npm:^15.0.0, make-fetch-happen@npm:^15.0.3": version: 15.0.3 resolution: "make-fetch-happen@npm:15.0.3" dependencies: @@ -14810,6 +14837,26 @@ __metadata: languageName: node linkType: hard +"make-fetch-happen@npm:^15.0.1, make-fetch-happen@npm:^15.0.4": + version: 15.0.6 + resolution: "make-fetch-happen@npm:15.0.6" + dependencies: + "@gar/promise-retry": "npm:^1.0.0" + "@npmcli/agent": "npm:^4.0.0" + "@npmcli/redact": "npm:^4.0.0" + cacache: "npm:^20.0.1" + http-cache-semantics: "npm:^4.1.1" + minipass: "npm:^7.0.2" + minipass-fetch: "npm:^5.0.0" + minipass-flush: "npm:^1.0.5" + minipass-pipeline: "npm:^1.2.4" + negotiator: "npm:^1.0.0" + proc-log: "npm:^6.0.0" + ssri: "npm:^13.0.0" + checksum: 10c0/2c5805dee83efd1cd1d3f57505120ae98f4a328be72d82447e24b8f72b8e5475910d7dbc49d7da1c5bd96a62bf8ef6ffda88ebadfdfbec7c715cfde2459c9295 + languageName: node + linkType: hard + "makeerror@npm:1.0.12": version: 1.0.12 resolution: "makeerror@npm:1.0.12" @@ -17319,13 +17366,6 @@ __metadata: languageName: node linkType: hard -"proc-log@npm:^5.0.0": - version: 5.0.0 - resolution: "proc-log@npm:5.0.0" - checksum: 10c0/bbe5edb944b0ad63387a1d5b1911ae93e05ce8d0f60de1035b218cdcceedfe39dbd2c697853355b70f1a090f8f58fe90da487c85216bf9671f9499d1a897e9e3 - languageName: node - linkType: hard - "proc-log@npm:^6.0.0, proc-log@npm:^6.1.0": version: 6.1.0 resolution: "proc-log@npm:6.1.0" @@ -19191,16 +19231,16 @@ __metadata: linkType: hard "sigstore@npm:^4.0.0": - version: 4.0.0 - resolution: "sigstore@npm:4.0.0" + version: 4.1.1 + resolution: "sigstore@npm:4.1.1" dependencies: "@sigstore/bundle": "npm:^4.0.0" - "@sigstore/core": "npm:^3.0.0" + "@sigstore/core": "npm:^3.2.1" "@sigstore/protobuf-specs": "npm:^0.5.0" - "@sigstore/sign": "npm:^4.0.0" - "@sigstore/tuf": "npm:^4.0.0" - "@sigstore/verify": "npm:^3.0.0" - checksum: 10c0/918130a3ccb254c709692bb9c1c7eb3c98632bc90f7f3a7416695fff5be6abdd41d74ba6bf6920bc4a39b4fc4f32ed1fbcdf4fa38b45b4ef34e5c824fa8f91fa + "@sigstore/sign": "npm:^4.1.1" + "@sigstore/tuf": "npm:^4.0.2" + "@sigstore/verify": "npm:^3.1.1" + checksum: 10c0/8ebe0c2a7cb3cf9ed9fb775636ab2ae364cbdea9360ea256ab003d83b83dd5eeda8dd899cffcd3853fe711425c481fab2a74246772d75e3ecb9a9483f6700289 languageName: node linkType: hard @@ -20320,6 +20360,17 @@ __metadata: languageName: node linkType: hard +"tuf-js@npm:^4.1.0": + version: 4.1.0 + resolution: "tuf-js@npm:4.1.0" + dependencies: + "@tufjs/models": "npm:4.1.0" + debug: "npm:^4.4.3" + make-fetch-happen: "npm:^15.0.1" + checksum: 10c0/38330b0b2d16f7f58eccd49b3a6ff0f87dd20743d6f2c26c2621089d8d83d807808e0e660c5be891122538d32db250e3e88267da4421537253e7aa99a45e5800 + languageName: node + linkType: hard + "tunnel-agent@npm:^0.6.0": version: 0.6.0 resolution: "tunnel-agent@npm:0.6.0"