sigstore: replace use of deprecated module go-tuf

2024-10-01 01:36:09 -04:00 · 2024-02-21 10:30:46 +01:00 · 2024-02-21 10:30:46 +01:00 · 8541365341
commit 8541365341
parent ffdf23e3f2
3 changed files with 4 additions and 4 deletions
--- a/go.mod
+++ b/go.mod
@ -120,7 +120,6 @@ require (
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.8.4
 	github.com/theupdateframework/go-tuf v0.7.0
 	github.com/tink-crypto/tink-go/v2 v2.0.0
 	github.com/vincent-petithory/dataurl v1.0.0
 	go.etcd.io/etcd/api/v3 v3.5.12
@ -332,11 +331,12 @@ require (
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/samber/lo v1.38.1 // indirect
 	github.com/sassoftware/relic v7.2.1+incompatible // indirect
-	github.com/secure-systems-lab/go-securesystemslib v0.8.0 // indirect
+	github.com/secure-systems-lab/go-securesystemslib v0.8.0
 	github.com/shopspring/decimal v1.3.1 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/spf13/cast v1.6.0 // indirect
 	github.com/stretchr/objx v0.5.0 // indirect
 	github.com/theupdateframework/go-tuf v0.7.0 // indirect
 	github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
 	github.com/transparency-dev/merkle v0.0.2 // indirect
 	github.com/ulikunitz/xz v0.5.11 // indirect
--- a/internal/sigstore/BUILD.bazel
+++ b/internal/sigstore/BUILD.bazel
@ -12,6 +12,7 @@ go_library(
    importpath = "github.com/edgelesssys/constellation/v2/internal/sigstore",
    visibility = ["//:__subpackages__"],
    deps = [
        "@com_github_secure_systems_lab_go_securesystemslib//encrypted",
        "@com_github_sigstore_rekor//pkg/client",
        "@com_github_sigstore_rekor//pkg/generated/client",
        "@com_github_sigstore_rekor//pkg/generated/client/entries",
@ -21,7 +22,6 @@ go_library(
        "@com_github_sigstore_rekor//pkg/verify",
        "@com_github_sigstore_sigstore//pkg/cryptoutils",
        "@com_github_sigstore_sigstore//pkg/signature",
        "@com_github_theupdateframework_go_tuf//encrypted",
    ],
 )
--- a/internal/sigstore/sign.go
+++ b/internal/sigstore/sign.go
@ -17,8 +17,8 @@ import (
 	"errors"
 	"fmt"
 	"github.com/secure-systems-lab/go-securesystemslib/encrypted"
 	"github.com/sigstore/sigstore/pkg/signature"
 	"github.com/theupdateframework/go-tuf/encrypted"
 )
 const (