build(deps): Bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.10.0

[dependabot]

Bumps github.com/in-toto/in-toto-golang from 0.9.0 to 0.10.0.

Release notes

Sourced from github.com/in-toto/in-toto-golang's releases.

v0.10.0

What's Changed

• chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @​dependabot[bot] in in-toto/in-toto-golang#232
• Update maintainers and governance by @​adityasaky in in-toto/in-toto-golang#233
• chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @​dependabot[bot] in in-toto/in-toto-golang#234
• chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.3 to 2.1.5 by @​dependabot[bot] in in-toto/in-toto-golang#235
• chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @​dependabot[bot] in in-toto/in-toto-golang#236
• Fix expired signature in test by @​adityasaky in in-toto/in-toto-golang#241
• chore(deps): bump golang.org/x/sys from 0.8.0 to 0.9.0 by @​dependabot[bot] in in-toto/in-toto-golang#240
• chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.5 to 2.1.6 by @​dependabot[bot] in in-toto/in-toto-golang#239
• chore(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @​dependabot[bot] in in-toto/in-toto-golang#242
• chore(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by @​dependabot[bot] in in-toto/in-toto-golang#243
• Update GitHub Actions workflows by @​adityasaky in in-toto/in-toto-golang#246
• chore(deps): bump golang.org/x/sys from 0.9.0 to 0.10.0 by @​dependabot[bot] in in-toto/in-toto-golang#245
• remove linters that are no longer supported and add to make file by @​pxp928 in in-toto/in-toto-golang#249
• Add match products feature by @​adityasaky in in-toto/in-toto-golang#237
• Remove unfinished link on record stop by @​PradyumnaKrishna in in-toto/in-toto-golang#248
• chore(deps): bump google.golang.org/grpc from 1.56.1 to 1.56.2 by @​dependabot[bot] in in-toto/in-toto-golang#250
• chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.6.0 to 0.7.0 by @​dependabot[bot] in in-toto/in-toto-golang#251
• chore(deps): bump google.golang.org/grpc from 1.56.2 to 1.57.0 by @​dependabot[bot] in in-toto/in-toto-golang#255
• Add tests for coverage in envelope.go by @​adityasaky in in-toto/in-toto-golang#256
• chore(deps): bump golang.org/x/sys from 0.10.0 to 0.11.0 by @​dependabot[bot] in in-toto/in-toto-golang#257
• chore(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @​dependabot[bot] in in-toto/in-toto-golang#258
• chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @​dependabot[bot] in in-toto/in-toto-golang#259
• Fixes filepath pattern matching in windows by @​PradyumnaKrishna in in-toto/in-toto-golang#254
• chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @​dependabot[bot] in in-toto/in-toto-golang#261
• chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @​dependabot[bot] in in-toto/in-toto-golang#262
• chore(deps): bump golang.org/x/sys from 0.11.0 to 0.12.0 by @​dependabot[bot] in in-toto/in-toto-golang#263
• chore(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.0 by @​dependabot[bot] in in-toto/in-toto-golang#264
• chore(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.1 by @​dependabot[bot] in in-toto/in-toto-golang#266
• Deprecate Provenance v1 struct in favor of /attestation protobufs by @​marcelamelara in in-toto/in-toto-golang#267
• chore(deps): bump google.golang.org/grpc from 1.58.1 to 1.58.2 by @​dependabot[bot] in in-toto/in-toto-golang#269
• chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @​dependabot[bot] in in-toto/in-toto-golang#270
• Drop use of any for hash objects by @​adityasaky in in-toto/in-toto-golang#238
• chore(deps): bump golang.org/x/sys from 0.12.0 to 0.13.0 by @​dependabot[bot] in in-toto/in-toto-golang#271
• chore(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by @​dependabot[bot] in in-toto/in-toto-golang#273
• chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @​dependabot[bot] in in-toto/in-toto-golang#272
• chore(deps): bump golang.org/x/net from 0.12.0 to 0.17.0 by @​dependabot[bot] in in-toto/in-toto-golang#274
• chore(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @​dependabot[bot] in in-toto/in-toto-golang#275
• chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot[bot] in in-toto/in-toto-golang#276
• Trigger workflow on pushes only to master branch by @​adityasaky in in-toto/in-toto-golang#280
• chore(deps): bump golang.org/x/sys from 0.13.0 to 0.14.0 by @​dependabot[bot] in in-toto/in-toto-golang#278
• chore(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @​dependabot[bot] in in-toto/in-toto-golang#277
• add openssf scorecard by @​viveksahu26 in in-toto/in-toto-golang#281
• chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @​dependabot[bot] in in-toto/in-toto-golang#282
• Fix coveralls, use action by @​adityasaky in in-toto/in-toto-golang#285
• Secure System Lab Sign/Verify by @​Forrin in in-toto/in-toto-golang#279
• chore(deps): bump golang.org/x/sys from 0.14.0 to 0.15.0 by @​dependabot[bot] in in-toto/in-toto-golang#287
• chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0 by @​dependabot[bot] in in-toto/in-toto-golang#289
• chore(deps): bump google.golang.org/grpc from 1.59.0 to 1.60.0 by @​dependabot[bot] in in-toto/in-toto-golang#290

... (truncated)

Commits

• db554e2 Merge pull request #450 from in-toto/dependabot/go_modules/all-e2678a00b5
• b2ea0f2 chore(deps): bump golang.org/x/sys in the all group
• acc2f33 Merge pull request #448 from in-toto/dependabot/go_modules/github.com/secure-...
• 313b1d6 Merge pull request #449 from in-toto/dependabot/github_actions/all-2ed24f8e11
• d9a60af chore(deps): bump github.com/secure-systems-lab/go-securesystemslib
• e7783d5 chore(deps): bump the all group with 3 updates
• 7a1798a Merge pull request #447 from in-toto/fix-ci
• b6af1a7 Modernize CI and automation
• ad67645 Merge pull request #446 from in-toto/dependabot/go_modules/google.golang.org/...
• b63fd33 chore(deps): bump google.golang.org/grpc from 1.74.2 to 1.78.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)