v0.14.0

Thanks to all contributors!

What's Changed

• Bump the gomod group across 1 directory with 5 updates by @dependabot[bot] in #665
• Bump github.com/coreos/go-oidc/v3 from 3.12.0 to 3.13.0 by @dependabot[bot] in #652
• Bump golang.org/x/oauth2 from 0.28.0 to 0.29.0 by @dependabot[bot] in #667
• Bump github.com/sigstore/cosign/v2 from 2.4.3 to 2.5.0 by @dependabot[bot] in #669
• Bump golangci/golangci-lint-action from 6.5.2 to 7.0.0 by @dependabot[bot] in #662
• Bump github.com/go-git/go-git/v5 from 5.14.0 to 5.16.0 by @dependabot[bot] in #668
• Bump the actions group with 2 updates by @dependabot[bot] in #670
• Bump github.com/sigstore/fulcio from 1.6.6 to 1.7.0 by @dependabot[bot] in #666
• Bump the gomod group across 1 directory with 2 updates by @dependabot[bot] in #672
• Bump actions/attest-build-provenance from 2.2.3 to 2.3.0 in the actions group by @dependabot[bot] in #673
• Bump golangci/golangci-lint-action from 7.0.0 to 8.0.0 by @dependabot[bot] in #674
• Bump actions/setup-go from 5.4.0 to 5.5.0 in the actions group by @dependabot[bot] in #678
• Bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 by @dependabot[bot] in #677
• Bump golang.org/x/crypto from 0.37.0 to 0.38.0 by @dependabot[bot] in #676
• Bump anchore/sbom-action from 0.19.0 to 0.20.0 in the actions group by @dependabot[bot] in #680
• Bump github.com/sigstore/protobuf-specs from 0.4.1 to 0.4.2 in the gomod group by @dependabot[bot] in #679
• Bump golang.org/x/crypto from 0.38.0 to 0.39.0 by @dependabot[bot] in #682
• Bump github.com/go-git/go-git/v5 from 5.16.0 to 5.16.2 in the gomod group by @dependabot[bot] in #681
• Bump the actions group with 2 updates by @dependabot[bot] in #683
• Bump the gomod group with 3 updates by @dependabot[bot] in #684
• update cosign to v2.5.2 by @k4leung4 in #685
• Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 in the actions group by @dependabot[bot] in #686
• Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 in the go_modules group by @dependabot[bot] in #688
• Bump sigstore/cosign-installer from 3.9.0 to 3.9.1 in the actions group by @dependabot[bot] in #689
• Bump anchore/sbom-action from 0.20.1 to 0.20.2 in the actions group by @dependabot[bot] in #690
• Bump golang.org/x/crypto from 0.39.0 to 0.40.0 by @dependabot[bot] in #692
• Bump github.com/sigstore/protobuf-specs from 0.4.3 to 0.5.0 by @dependabot[bot] in #691
• Bump sigstore/cosign-installer from 3.9.1 to 3.9.2 in the actions group by @dependabot[bot] in #694
• Bump the gomod group with 2 updates by @dependabot[bot] in #695
• Bump anchore/sbom-action from 0.20.2 to 0.20.4 in the actions group by @dependabot[bot] in #696
• Bump github.com/coreos/go-oidc/v3 from 3.14.1 to 3.15.0 by @dependabot[bot] in #697
• Bump github.com/sigstore/rekor from 1.3.10 to 1.4.0 by @dependabot[bot] in #698
• Bump github.com/secure-systems-lab/go-securesystemslib from 0.9.0 to 0.9.1 in the gomod group by @dependabot[bot] in #699
• Bump golang.org/x/crypto from 0.40.0 to 0.41.0 by @dependabot[bot] in #702
• Bump google.golang.org/protobuf from 1.36.6 to 1.36.7 in the gomod group by @dependabot[bot] in #701
• Bump the actions group with 2 updates by @dependabot[bot] in #700
• Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #704
• Bump the actions group with 2 updates by @dependabot[bot] in #703
• Bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in the go_modules group by @dependabot[bot] in #705
• Bump google.golang.org/protobuf from 1.36.7 to 1.36.8 in the gomod group by @dependabot[bot] in #706
• Bump github.com/coreos/go-systemd/v22 from 22.5.0 to 22.6.0 by @dependabot[bot] in #707
• Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 by @dependabot[bot] in #713
• Bump golang.org/x/oauth2 from 0.30.0 to 0.31.0 by @dependabot[bot] in #711
• Bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in #709
• Bump the actions group across 1 directory with 2 updates by @dependabot[bot] in #717
• Fix e2e ci by @puerco in #738
• Update gitsign to latest versions of sigstore tooling by @adityasaky in #733
• Bump github.com/sigstore/cosign/v3 from 3.0.3 to 3.0.4 by @dependabot[bot] in #739
• Bump the actions group across 1 directory with 3 updates by @dependabot[bot] in #732
• Bump actions/attest-build-provenance from 2.4.0 to 3.0.0 by @dependabot[bot] in #708
• Bump github.com/sigstore/fulcio from 1.7.1 to 1.8.5 by @dependabot[bot] in #735
• ci clean and general updates by @cpanato in #740
• Expose predicate builder by @puerco in #737
• Bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.4.1 by @dependabot[bot] in #755
• Bump golangci/golangci-lint-action from 8.0.0 to 9.2.0 by @dependabot[bot] in #742
• Bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.10.0 by @dependabot[bot] in #753
• Bump actions/checkout from 5.0.0 to 6.0.2 by @dependabot[bot] in #754
• Bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 by @dependabot[bot] in #750
• Bump golang.org/x/crypto from 0.46.0 to 0.47.0 by @dependabot[bot] in #746
• Bump actions/cache from 4.2.4 to 5.0.2 by @dependabot[bot] in #744
• (fix): gosec, staticcheck, errcheck fixes by @sampras343 in #724
• Redirect browser stdout/err to TTY out. by @wlynch in #757

New Contributors

• @puerco made their first contribution in #738
• @sampras343 made their first contribution in #724

Full Changelog: v0.13.0...v0.14.0