From 5244f438a685e361be1e30516ec210346e29843e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 26 Aug 2024 11:15:49 +0200
Subject: [PATCH 1/2] Bump anchore/sbom-action from 0.17.1 to 0.17.2 in the ci
 group (#891)

Bumps the ci group with 1 update:
[anchore/sbom-action](https://github.com/anchore/sbom-action).

Updates `anchore/sbom-action` from 0.17.1 to 0.17.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.17.2</h2>
<h2>Changes in v0.17.2</h2>
<ul>
<li>Update Syft to v1.11.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/485">#485</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/anchore/sbom-action/commit/61119d458adab75f756bc0b9e4bde25725f86a7a"><code>61119d4</code></a>
chore(deps): update Syft to v1.11.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/485">#485</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/ab9d16d4b419c9d1a02df5213fa0ebe965ca5a57...61119d458adab75f756bc0b9e4bde25725f86a7a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.17.1&new-version=0.17.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hilmar Falkenberg <hilmar.falkenberg@sap.com>
---
 .github/workflows/release.yaml                 |  4 ++--
 docs/releasenotes/v0.14.0.md                   |  5 ++---
 examples/lib/tour/01-getting-started/README.md | 14 +++++++-------
 3 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index ed6ed00bf5..b3f9191562 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -143,7 +143,7 @@ jobs:
         check-latest: false
 
     - name: Setup Syft
-      uses: anchore/sbom-action/download-syft@ab9d16d4b419c9d1a02df5213fa0ebe965ca5a57 # v0.17.1
+      uses: anchore/sbom-action/download-syft@61119d458adab75f756bc0b9e4bde25725f86a7a # v0.17.2
 
     - name: Setup Cosign
       uses: sigstore/cosign-installer@v3.6.0
@@ -193,7 +193,7 @@ jobs:
         v="${{env.RELEASE_VERSION}}"
         f="docs/releasenotes/$v.md"
         if [ ! -f "$f" ]; then
-          echo "Release ${{ env.RELEASE_VERSION }}" > "$f"
+          echo "# Release ${{ env.RELEASE_VERSION }}" > "$f"
           echo "$RELEASE_NOTES" | tail -n +2 >> "$f"
           echo "RELEASE_NOTES_FILE=$f" >> $GITHUB_ENV
           git add "$f"
diff --git a/docs/releasenotes/v0.14.0.md b/docs/releasenotes/v0.14.0.md
index 00291b1eee..dbdd09eac8 100644
--- a/docs/releasenotes/v0.14.0.md
+++ b/docs/releasenotes/v0.14.0.md
@@ -1,4 +1,4 @@
-Release v0.14.0
+# Release v0.14.0
 
 - move migrate tooling to 'hack' folder (#889)
 - feat: add npm input type (#886)
@@ -14,9 +14,8 @@ Release v0.14.0
 - ignore status error for reading pubsub config (#873)
 - introduce optional repository interface for resolvers (#867)
 - Bump anchore/sbom-action from 0.17.0 to 0.17.1 in the ci group (#875)
-- fix cli docu generation (#876)
+- fix cli documentation generation (#876)
 - Adjust workflow: check diff (#874)
 - Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 in the ci group (#868)
 - Bump the go group with 15 updates (#870)
 - Package restructuring (#784)
-
diff --git a/examples/lib/tour/01-getting-started/README.md b/examples/lib/tour/01-getting-started/README.md
index d1d524bea7..d98acf7b9d 100644
--- a/examples/lib/tour/01-getting-started/README.md
+++ b/examples/lib/tour/01-getting-started/README.md
@@ -168,32 +168,32 @@ differ, because the code always describes the latest version):
 
 ```text
 resources of the latest version:
-  version:  0.13.0
+  version:  0.14.0
   provider: ocm.software
    1: name:           ocmcli
       extra identity: "architecture"="amd64","os"="linux"
       resource type:  executable
-      access:         Local blob sha256:c02de4aa8801ee0300edd31749efc7ef1cb63f082fed67861fddc6ca0ace4545[]
+      access:         Local blob sha256:a2956cab68775be3e4e52da7eec4c2fded6bde932b5a21c28a64f0dbc70848dc[]
    2: name:           ocmcli
       extra identity: "architecture"="arm64","os"="linux"
       resource type:  executable
-      access:         Local blob sha256:7ac5a31e21214b533a6764c41f94703d9704a639a8c0119e6ece3070ba0e8988[]
+      access:         Local blob sha256:0ec7cb898d57b87b0b66eeebff7698bc9aaedd1dc8a4d3972b5696412f2cb489[]
    3: name:           ocmcli
       extra identity: "architecture"="arm64","os"="darwin"
       resource type:  executable
-      access:         Local blob sha256:63d4604711c55532882c8625a6214186e654558abb1b28861604ad856916c921[]
+      access:         Local blob sha256:e4939b6d6b777dc20103b8947046b842f47907c3f22b64a752f12b6ef53e4caa[]
    4: name:           ocmcli
       extra identity: "architecture"="amd64","os"="darwin"
       resource type:  executable
-      access:         Local blob sha256:09f676530a5c4782bc9d62df7c352ab0797970aa4851e1809b39b586a18eaf57[]
+      access:         Local blob sha256:fcdffe917dafcefdb3d39bf367dde7254537bb2cddb106fd746bdff2679d178a[]
    5: name:           ocmcli
       extra identity: "architecture"="amd64","os"="windows"
       resource type:  executable
-      access:         Local blob sha256:ed5a761031862f09b0851613802b9856e7a57410e52aa7a71d24a8118d0d6867[]
+      access:         Local blob sha256:e25d67c4e79205726c3d2b88add9189507fbd8a4f0c18c793486e7f97f3b7120[]
    6: name:           ocmcli-image
       extra identity: 
       resource type:  ociImage
-      access:         OCI artifact ghcr.io/open-component-model/ocm/ocm.software/ocmcli/ocmcli-image:0.13.0
+      access:         OCI artifact ghcr.io/open-component-model/ocm/ocm.software/ocmcli/ocmcli-image:0.14.0
 ```
 
 Resources have some metadata, like their identity and a resource type.

From af85d9759c0298806d76b0ca30a6c41d3e1bc6d0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 26 Aug 2024 09:35:42 +0000
Subject: [PATCH 2/2] Bump the go group with 7 updates (#892)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps the go group with 7 updates:

| Package | From | To |
| --- | --- | --- |
|
[github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2)
| `1.27.28` | `1.27.30` |
|
[github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2)
| `1.17.28` | `1.17.29` |
|
[github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2)
| `1.17.11` | `1.17.14` |
|
[github.com/aws/aws-sdk-go-v2/service/ecr](https://github.com/aws/aws-sdk-go-v2)
| `1.32.1` | `1.32.2` |
|
[github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2)
| `1.59.0` | `1.60.1` |
| [github.com/containers/image/v5](https://github.com/containers/image)
| `5.32.1` | `5.32.2` |
| [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.20.0`
| `2.20.1` |

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.28 to 1.27.30
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/87cea8b18abee02e2e7343827fcb88b1c80c2ba2"><code>87cea8b</code></a>
Release 2024-08-23</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/93f8d22fd394e268d7eff4bac86937a815c784d1"><code>93f8d22</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/bd44016700290f46dc6aa2ce6085f53a31794f06"><code>bd44016</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/097b04b54d639fdcff96d16870517a1d5e87569c"><code>097b04b</code></a>
Merge pull request <a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2761">#2761</a>
from aws/fix-dont-fail-test-if-credentials-set</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/c10d54316d559ac37a2e0bb7e63f3ec985a5270e"><code>c10d543</code></a>
Don't fail credentials unit tests if credentials are found on a
file</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/d1d210dd11afc2ef0efa2e980d6b6c09cac0f5cb"><code>d1d210d</code></a>
Release 2024-08-22</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/afb0408b5f2aff8e2b5e40e8f8abcfb82e989198"><code>afb0408</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/05f44921828cb1d34457ad682ece64a13cb6be85"><code>05f4492</code></a>
Update partitions file</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/600651a884fd9902b62f34bec4fbaab05438d23f"><code>600651a</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/ebaae4054cb459d4988401e2f514d4e1515bef92"><code>ebaae40</code></a>
Update API model</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.28...config/v1.27.30">compare
view</a></li>
</ul>
</details>
<br />

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.28 to
1.17.29
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/d1d210dd11afc2ef0efa2e980d6b6c09cac0f5cb"><code>d1d210d</code></a>
Release 2024-08-22</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/afb0408b5f2aff8e2b5e40e8f8abcfb82e989198"><code>afb0408</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/05f44921828cb1d34457ad682ece64a13cb6be85"><code>05f4492</code></a>
Update partitions file</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/600651a884fd9902b62f34bec4fbaab05438d23f"><code>600651a</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/ebaae4054cb459d4988401e2f514d4e1515bef92"><code>ebaae40</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/38fe812f7abf976b6b1a5122c0c3bf303502cfc5"><code>38fe812</code></a>
Release 2024-08-21</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/b5042114218829dd202359ca689f1cd56357852f"><code>b504211</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/02f304545f970b76f77b46543d71cb9bfcadaa3b"><code>02f3045</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/f7d2cf6ed8b48b201c35341d0b6f58cf24caa983"><code>f7d2cf6</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/4d361264c636ebc3906105bf272b9c0a72673d10"><code>4d36126</code></a>
Release 2024-08-20</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.17.28...credentials/v1.17.29">compare
view</a></li>
</ul>
</details>
<br />

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.17.11
to 1.17.14
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/c964dbd88bc9424349a9225b044ec2322e07f4cb"><code>c964dbd</code></a>
Release 2024-05-15</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/ce843953a9cb4c9d2dff75dd5a5c967655c4c8ef"><code>ce84395</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/8de91199530fabf1702a2cefab3cee6e065879bc"><code>8de9119</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/05fcf66f17486b8ce9b7372c19910ad68a85a730"><code>05fcf66</code></a>
internal: true up internal metrics collection for post-SRA middleware
(<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2642">#2642</a>)</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/114842762c6ffd78ebce1850e31a387992d10acf"><code>1148427</code></a>
reformat signer/v4 package doc (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2640">#2640</a>)</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/b238d3fff478bcd2bbcc17bb36cb10757a09e5a9"><code>b238d3f</code></a>
Release 2024-05-14</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/85f8268a3440c70939ef041a3c44d366916a894a"><code>85f8268</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/ebaee4cee8793c276e5933f09591869bed154dda"><code>ebaee4c</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/593b9667bb973de276cc9369c2e4046e3f811334"><code>593b966</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/bfb02f0947afa4f8fc15430eb4bc290e7ce55f5f"><code>bfb02f0</code></a>
Merge customizations for S3</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/config/v1.17.11...credentials/v1.17.14">compare
view</a></li>
</ul>
</details>
<br />

Updates `github.com/aws/aws-sdk-go-v2/service/ecr` from 1.32.1 to 1.32.2
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/d1d210dd11afc2ef0efa2e980d6b6c09cac0f5cb"><code>d1d210d</code></a>
Release 2024-08-22</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/afb0408b5f2aff8e2b5e40e8f8abcfb82e989198"><code>afb0408</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/05f44921828cb1d34457ad682ece64a13cb6be85"><code>05f4492</code></a>
Update partitions file</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/600651a884fd9902b62f34bec4fbaab05438d23f"><code>600651a</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/ebaae4054cb459d4988401e2f514d4e1515bef92"><code>ebaae40</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/38fe812f7abf976b6b1a5122c0c3bf303502cfc5"><code>38fe812</code></a>
Release 2024-08-21</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/b5042114218829dd202359ca689f1cd56357852f"><code>b504211</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/02f304545f970b76f77b46543d71cb9bfcadaa3b"><code>02f3045</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/f7d2cf6ed8b48b201c35341d0b6f58cf24caa983"><code>f7d2cf6</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/4d361264c636ebc3906105bf272b9c0a72673d10"><code>4d36126</code></a>
Release 2024-08-20</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/service/emr/v1.32.1...service/ecr/v1.32.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.59.0 to 1.60.1
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/d1d210dd11afc2ef0efa2e980d6b6c09cac0f5cb"><code>d1d210d</code></a>
Release 2024-08-22</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/afb0408b5f2aff8e2b5e40e8f8abcfb82e989198"><code>afb0408</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/05f44921828cb1d34457ad682ece64a13cb6be85"><code>05f4492</code></a>
Update partitions file</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/600651a884fd9902b62f34bec4fbaab05438d23f"><code>600651a</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/ebaae4054cb459d4988401e2f514d4e1515bef92"><code>ebaae40</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/38fe812f7abf976b6b1a5122c0c3bf303502cfc5"><code>38fe812</code></a>
Release 2024-08-21</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/b5042114218829dd202359ca689f1cd56357852f"><code>b504211</code></a>
Regenerated Clients</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/02f304545f970b76f77b46543d71cb9bfcadaa3b"><code>02f3045</code></a>
Update endpoints model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/f7d2cf6ed8b48b201c35341d0b6f58cf24caa983"><code>f7d2cf6</code></a>
Update API model</li>
<li><a
href="https://github.com/aws/aws-sdk-go-v2/commit/4d361264c636ebc3906105bf272b9c0a72673d10"><code>4d36126</code></a>
Release 2024-08-20</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.59.0...service/s3/v1.60.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `github.com/containers/image/v5` from 5.32.1 to 5.32.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/containers/image/releases">github.com/containers/image/v5's
releases</a>.</em></p>
<blockquote>
<h2>v5.32.2</h2>
<p>This adds the ability to accept sigstore signatures signed by any key
from a set of several (<em>huge thanks</em> to <a
href="https://github.com/dcermak"><code>@​dcermak</code></a> and <a
href="https://github.com/danishprakash"><code>@​danishprakash</code></a>
for doing almost all the work), and Rekor log presence proofs signed by
any key from a set of several keys.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/containers/image/commit/0b425a43dfb2efcde567f3ac213a6038d4f4ca73"><code>0b425a4</code></a>
Release 5.32.2</li>
<li><a
href="https://github.com/containers/image/commit/2a87b21a851d435047cc20da7d124eb8837edf0d"><code>2a87b21</code></a>
Support accepting multiple Rekor public keys</li>
<li><a
href="https://github.com/containers/image/commit/95c0635e4c273c963c966173c482896cd4c37d60"><code>95c0635</code></a>
Add field <code>KeyPaths</code> and <code>KeyDatas</code> to
<code>prSigstoreSigned</code></li>
<li><a
href="https://github.com/containers/image/commit/d42de59cf66ca53257e8a6ee8e912c1a41b7689f"><code>d42de59</code></a>
Split verifySigstorePayloadBlobSignature from VerifySigstorePayload</li>
<li><a
href="https://github.com/containers/image/commit/a5ea0164e384f81fd2766e964bf4746f492d14e0"><code>a5ea016</code></a>
Use loadBytesFromConfigSources in
prSignedBy.isSignatureAuthorAccepted</li>
<li><a
href="https://github.com/containers/image/commit/03550b4d03eb697df6c26f4113818b6629ff5694"><code>03550b4</code></a>
Turn loadBytesFromDataOrPath into loadBytesFromConfigSources</li>
<li><a
href="https://github.com/containers/image/commit/c0c8d340d9e342de07041ff0f53c8a10ba7fc395"><code>c0c8d34</code></a>
Use InvalidPolicyFormatError for invalid sigstore options</li>
<li><a
href="https://github.com/containers/image/commit/4bcaca148abbcc255a7cd2f7c5cf3b9be0119cb5"><code>4bcaca1</code></a>
Merge pull request <a
href="https://redirect.github.com/containers/image/issues/2511">#2511</a>
from mtrmac/5.32-version</li>
<li><a
href="https://github.com/containers/image/commit/c94eadbdd26b6e794e49fd8793fd82c6c7687d73"><code>c94eadb</code></a>
Fix the version number</li>
<li><a
href="https://github.com/containers/image/commit/6a17c28e53b16899c886f9b0b5c700d96eefc273"><code>6a17c28</code></a>
Merge pull request <a
href="https://redirect.github.com/containers/image/issues/2508">#2508</a>
from mtrmac/5.32-zstd</li>
<li>Additional commits viewable in <a
href="https://github.com/containers/image/compare/v5.32.1...v5.32.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `github.com/onsi/ginkgo/v2` from 2.20.0 to 2.20.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/onsi/ginkgo/releases">github.com/onsi/ginkgo/v2's
releases</a>.</em></p>
<blockquote>
<h2>v2.20.1</h2>
<h2>2.20.1</h2>
<h3>Fixes</h3>
<ul>
<li>make BeSpecEvent duration matcher more forgiving [d6f9640]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md">github.com/onsi/ginkgo/v2's
changelog</a>.</em></p>
<blockquote>
<h2>2.20.1</h2>
<h3>Fixes</h3>
<ul>
<li>make BeSpecEvent duration matcher more forgiving [d6f9640]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/onsi/ginkgo/commit/4ef0afb9f28f241c352cad6ca9dae8b149e57bc4"><code>4ef0afb</code></a>
v2.20.1</li>
<li><a
href="https://github.com/onsi/ginkgo/commit/d6f96403bfb442abd624e26e92af2285dfaddd85"><code>d6f9640</code></a>
make BeSpecEvent duration matcher more forgiving</li>
<li>See full diff in <a
href="https://github.com/onsi/ginkgo/compare/v2.20.0...v2.20.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 flake.nix |  2 +-
 go.mod    | 16 ++++++++--------
 go.sum    | 32 ++++++++++++++++----------------
 3 files changed, 25 insertions(+), 25 deletions(-)

diff --git a/flake.nix b/flake.nix
index b464edd38d..814a7be9af 100644
--- a/flake.nix
+++ b/flake.nix
@@ -34,7 +34,7 @@
             state = if (self ? rev) then "clean" else "dirty";
 
             # This vendorHash represents a dervative of all go.mod dependancies and needs to be adjusted with every change
-            vendorHash = "sha256-Kde02CTW2w3OoJS7QNfxggPV0pMLqw19ejIwWKC7zgY=";
+            vendorHash = "sha256-mrQfZ9MdDvNvmUL1GE+8j1Tcek+JwLatVbxxsD7fcvI=";
 
             src = ./.;
 
diff --git a/go.mod b/go.mod
index 0182bfcb62..2b16a99ed9 100644
--- a/go.mod
+++ b/go.mod
@@ -9,16 +9,16 @@ require (
 	github.com/InfiniteLoopSpace/go_S-MIME v0.0.0-20181221134359-3f58f9a4b2b6
 	github.com/Masterminds/semver/v3 v3.2.1
 	github.com/aws/aws-sdk-go-v2 v1.30.4
-	github.com/aws/aws-sdk-go-v2/config v1.27.28
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.28
-	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.11
-	github.com/aws/aws-sdk-go-v2/service/ecr v1.32.1
-	github.com/aws/aws-sdk-go-v2/service/s3 v1.59.0
+	github.com/aws/aws-sdk-go-v2/config v1.27.30
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.29
+	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.14
+	github.com/aws/aws-sdk-go-v2/service/ecr v1.32.2
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.60.1
 	github.com/cloudflare/cfssl v1.6.5
 	github.com/containerd/containerd v1.7.20
 	github.com/containerd/errdefs v0.1.0
 	github.com/containerd/log v0.1.0
-	github.com/containers/image/v5 v5.32.1
+	github.com/containers/image/v5 v5.32.2
 	github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f
 	github.com/distribution/reference v0.6.0
 	github.com/docker/cli v27.1.2+incompatible
@@ -51,7 +51,7 @@ require (
 	github.com/mitchellh/copystructure v1.2.0
 	github.com/mittwald/go-helm-client v0.12.12
 	github.com/modern-go/reflect2 v1.0.2
-	github.com/onsi/ginkgo/v2 v2.20.0
+	github.com/onsi/ginkgo/v2 v2.20.1
 	github.com/onsi/gomega v1.34.1
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/opencontainers/image-spec v1.1.0
@@ -138,7 +138,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.16 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sso v1.22.5 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.5 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.30.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.30.5 // indirect
 	github.com/aws/smithy-go v1.20.4 // indirect
 	github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20231024185945-8841054dbdb8 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
diff --git a/go.sum b/go.sum
index 4c4c54b2d1..7f02a899e2 100644
--- a/go.sum
+++ b/go.sum
@@ -166,14 +166,14 @@ github.com/aws/aws-sdk-go-v2 v1.30.4 h1:frhcagrVNrzmT95RJImMHgabt99vkXGslubDaDag
 github.com/aws/aws-sdk-go-v2 v1.30.4/go.mod h1:CT+ZPWXbYrci8chcARI3OmI/qgd+f6WtuLOoaIA8PR0=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.4 h1:70PVAiL15/aBMh5LThwgXdSQorVr91L127ttckI9QQU=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.4/go.mod h1:/MQxMqci8tlqDH+pjmoLu1i0tbWCUP1hhyMRuFxpQCw=
-github.com/aws/aws-sdk-go-v2/config v1.27.28 h1:OTxWGW/91C61QlneCtnD62NLb4W616/NM1jA8LhJqbg=
-github.com/aws/aws-sdk-go-v2/config v1.27.28/go.mod h1:uzVRVtJSU5EFv6Fu82AoVFKozJi2ZCY6WRCXj06rbvs=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.28 h1:m8+AHY/ND8CMHJnPoH7PJIRakWGa4gbfbxuY9TGTUXM=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.28/go.mod h1:6TF7dSc78ehD1SL6KpRIPKMA1GyyWflIkjqg+qmf4+c=
+github.com/aws/aws-sdk-go-v2/config v1.27.30 h1:AQF3/+rOgeJBQP3iI4vojlPib5X6eeOYoa/af7OxAYg=
+github.com/aws/aws-sdk-go-v2/config v1.27.30/go.mod h1:yxqvuubha9Vw8stEgNiStO+yZpP68Wm9hLmcm+R/Qk4=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.29 h1:CwGsupsXIlAFYuDVHv1nnK0wnxO0wZ/g1L8DSK/xiIw=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.29/go.mod h1:BPJ/yXV92ZVq6G8uYvbU0gSl8q94UB63nMT5ctNO38g=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.12 h1:yjwoSyDZF8Jth+mUk5lSPJCkMC0lMy6FaCD51jm6ayE=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.12/go.mod h1:fuR57fAgMk7ot3WcNQfb6rSEn+SUffl7ri+aa8uKysI=
-github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.11 h1:FEDZD/Axt5tKSkPAs967KZ++MkvYdBqr0a+cetRbjLM=
-github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.11/go.mod h1:dvlsbA32KfvCzqwTiX7maABgFek2RyUuYEJ3kyn/PmQ=
+github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.14 h1:dQa4KkoEVgk3oLL9IeoW9qrXijyQ6lWa+DX6Vn32Lhw=
+github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.14/go.mod h1:aRKW0B+zH8J6cz3FFiQ9JbUQc7UroLx6lwfvNqIsPOs=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.43/go.mod h1:auo+PiyLl0n1l8A0e8RIeR8tOzYPfZZH/JNlrJ8igTQ=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.16 h1:TNyt/+X43KJ9IJJMjKfa3bNTiZbUP7DeCxfbTROESwY=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.16/go.mod h1:2DwJF39FlNAUiX5pAc0UNeiz16lK2t7IaFcm0LFHEgc=
@@ -184,8 +184,8 @@ github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvK
 github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc=
 github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.16 h1:mimdLQkIX1zr8GIPY1ZtALdBQGxcASiBd2MOp8m/dMc=
 github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.16/go.mod h1:YHk6owoSwrIsok+cAH9PENCOGoH5PU2EllX4vLtSrsY=
-github.com/aws/aws-sdk-go-v2/service/ecr v1.32.1 h1:PxM8EHsv1sd9eWGamMQCvqBEjxytK5kAwjrxlfG3tac=
-github.com/aws/aws-sdk-go-v2/service/ecr v1.32.1/go.mod h1:kdk+WJbHcGVbIlRQfSrKyuKkbWDdD8I9NScyS5vZ8eQ=
+github.com/aws/aws-sdk-go-v2/service/ecr v1.32.2 h1:2RjzMZp/8PXJUMqiKkDSp7RVj6inF5DpVel35THjV+I=
+github.com/aws/aws-sdk-go-v2/service/ecr v1.32.2/go.mod h1:kdk+WJbHcGVbIlRQfSrKyuKkbWDdD8I9NScyS5vZ8eQ=
 github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.18.2 h1:PpbXaecV3sLAS6rjQiaKw4/jyq3Z8gNzmoJupHAoBp0=
 github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.18.2/go.mod h1:fUHpGXr4DrXkEDpGAjClPsviWf+Bszeb0daKE0blxv8=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 h1:KypMCbLPPHEmf9DgMGw51jMj77VfGPAN2Kv4cfhlfgI=
@@ -198,14 +198,14 @@ github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.16 h1:jg16PhLPUiHIj
 github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.16/go.mod h1:Uyk1zE1VVdsHSU7096h/rwnXDzOzYQVl+FNPhPw7ShY=
 github.com/aws/aws-sdk-go-v2/service/kms v1.35.3 h1:UPTdlTOwWUX49fVi7cymEN6hDqCwe3LNv1vi7TXUutk=
 github.com/aws/aws-sdk-go-v2/service/kms v1.35.3/go.mod h1:gjDP16zn+WWalyaUqwCCioQ8gU8lzttCCc9jYsiQI/8=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.59.0 h1:Cso4Ev/XauMVsbwdhYEoxg8rxZWw43CFqqaPB5w3W2c=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.59.0/go.mod h1:BSPI0EfnYUuNHPS0uqIo5VrRwzie+Fp+YhQOUs16sKI=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.60.1 h1:mx2ucgtv+MWzJesJY9Ig/8AFHgoE5FwLXwUVgW/FGdI=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.60.1/go.mod h1:BSPI0EfnYUuNHPS0uqIo5VrRwzie+Fp+YhQOUs16sKI=
 github.com/aws/aws-sdk-go-v2/service/sso v1.22.5 h1:zCsFCKvbj25i7p1u94imVoO447I/sFv8qq+lGJhRN0c=
 github.com/aws/aws-sdk-go-v2/service/sso v1.22.5/go.mod h1:ZeDX1SnKsVlejeuz41GiajjZpRSWR7/42q/EyA/QEiM=
 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.5 h1:SKvPgvdvmiTWoi0GAJ7AsJfOz3ngVkD/ERbs5pUnHNI=
 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.5/go.mod h1:20sz31hv/WsPa3HhU3hfrIet2kxM4Pe0r20eBZ20Tac=
-github.com/aws/aws-sdk-go-v2/service/sts v1.30.4 h1:iAckBT2OeEK/kBDyN/jDtpEExhjeeA/Im2q4X0rJZT8=
-github.com/aws/aws-sdk-go-v2/service/sts v1.30.4/go.mod h1:vmSqFK+BVIwVpDAGZB3CoCXHzurt4qBE8lf+I/kRTh0=
+github.com/aws/aws-sdk-go-v2/service/sts v1.30.5 h1:OMsEmCyz2i89XwRwPouAJvhj81wINh+4UK+k/0Yo/q8=
+github.com/aws/aws-sdk-go-v2/service/sts v1.30.5/go.mod h1:vmSqFK+BVIwVpDAGZB3CoCXHzurt4qBE8lf+I/kRTh0=
 github.com/aws/smithy-go v1.15.0/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
 github.com/aws/smithy-go v1.20.4 h1:2HK1zBdPgRbjFOHlfeQZfpC4r72MOb9bZkiFwggKO+4=
 github.com/aws/smithy-go v1.20.4/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
@@ -292,8 +292,8 @@ github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpS
 github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw=
 github.com/containerd/stargz-snapshotter/estargz v0.15.1 h1:eXJjw9RbkLFgioVaTG+G/ZW/0kEe2oEKCdS/ZxIyoCU=
 github.com/containerd/stargz-snapshotter/estargz v0.15.1/go.mod h1:gr2RNwukQ/S9Nv33Lt6UC7xEx58C+LHRdoqbEKjz1Kk=
-github.com/containers/image/v5 v5.32.1 h1:fVa7GxRC4BCPGsfSRs4JY12WyeY26SUYQ0NuANaCFrI=
-github.com/containers/image/v5 v5.32.1/go.mod h1:v1l73VeMugfj/QtKI+jhYbwnwFCFnNGckvbST3rQ5Hk=
+github.com/containers/image/v5 v5.32.2 h1:SzNE2Y6sf9b1GJoC8qjCuMBXwQrACFp4p0RK15+4gmQ=
+github.com/containers/image/v5 v5.32.2/go.mod h1:v1l73VeMugfj/QtKI+jhYbwnwFCFnNGckvbST3rQ5Hk=
 github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA=
 github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY=
 github.com/containers/ocicrypt v1.2.0 h1:X14EgRK3xNFvJEfI5O4Qn4T3E25ANudSOZz/sirVuPM=
@@ -798,8 +798,8 @@ github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vv
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
 github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c=
-github.com/onsi/ginkgo/v2 v2.20.0 h1:PE84V2mHqoT1sglvHc8ZdQtPcwmvvt29WLEEO3xmdZw=
-github.com/onsi/ginkgo/v2 v2.20.0/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI=
+github.com/onsi/ginkgo/v2 v2.20.1 h1:YlVIbqct+ZmnEph770q9Q7NVAz4wwIiVNahee6JyUzo=
+github.com/onsi/ginkgo/v2 v2.20.1/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
 github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=