Skip to content

Bump github.com/sigstore/fulcio from 1.7.1 to 1.8.5 and fixes golangci-lint #2713

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pratap0007 wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Bump github.com/sigstore/fulcio from 1.7.1 to 1.8.5 and fixes golangci-lint #2713

pratap0007 wants to merge 2 commits into from

Conversation

@pratap0007
Copy link
Contributor

@pratap0007 pratap0007 commented Jan 30, 2026
edited
Loading

Changes

  • Bump github.com/sigstore/fulcio from 1.7.1 to 1.8.5
  • Fix golangci-lint Go version mismatch in make lint-go
    • updates go version to 1.25.6 to fix CVE(CVE-2025-61729)
    • updates go version in tools/go.mod and sets GOTOOLCHAIN to auto
      in the Makefile and e2e test

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

  • Includes tests (if functionality changed/added)
  • Run the code checkers with make check
  • Regenerate the manpages, docs and go formatting with make generated
  • Commit messages follow commit message best practices

See the contribution guide
for more details.

Release Notes

@dependabot
Bump github.com/sigstore/fulcio from 1.7.1 to 1.8.5
05951ef 
Bumps [github.com/sigstore/fulcio](https://github.com/sigstore/fulcio) from 1.7.1 to 1.8.5.
- [Release notes](https://github.com/sigstore/fulcio/releases)
- [Changelog](https://github.com/sigstore/fulcio/blob/main/CHANGELOG.md)
- [Commits](sigstore/fulcio@v1.7.1...v1.8.5)

---
updated-dependencies:
- dependency-name: github.com/sigstore/fulcio
  dependency-version: 1.8.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@tekton-robot tekton-robot added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Jan 30, 2026
@tekton-robot
Copy link
Contributor

tekton-robot commented Jan 30, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please ask for approval from pratap0007 after the PR has been reviewed.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Jan 30, 2026
@pratap0007
Copy link
Contributor Author

pratap0007 commented Jan 30, 2026

/retest

2 similar comments
@pratap0007
Copy link
Contributor Author

pratap0007 commented Jan 30, 2026

/retest

@pratap0007
Copy link
Contributor Author

pratap0007 commented Feb 1, 2026

/retest

@pratap0007 pratap0007 force-pushed the fix-2700 branch 2 times, most recently from bc60a37 to f37e298 Compare February 2, 2026 07:12
@pratap0007
Fix golangci-lint Go version mismatch in make lint-go
809cd12 
- updates go version to 1.25.6 to fix CVE(CVE-2025-61729)
- updates go version in tools/go.mod and sets GOTOOLCHAIN to auto
  in the Makefile and e2e test

Signed-off-by: Shiv Verma <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@divyansh42 divyansh42 Awaiting requested review from divyansh42

@pradeepitm12 pradeepitm12 Awaiting requested review from pradeepitm12

Assignees

No one assigned

Labels

release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pratap0007 @tekton-robot