Skip to content

build(deps): bump @sigstore/tuf from 4.0.2 to 5.0.0#1160

Merged
crazy-max merged 1 commit into
mainfrom
dependabot/npm_and_yarn/sigstore/tuf-5.0.0
Jun 29, 2026
Merged

build(deps): bump @sigstore/tuf from 4.0.2 to 5.0.0#1160
crazy-max merged 1 commit into
mainfrom
dependabot/npm_and_yarn/sigstore/tuf-5.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 4, 2026

Copy link
Copy Markdown
Contributor

Bumps @sigstore/tuf from 4.0.2 to 5.0.0.

Release notes

Sourced from @​sigstore/tuf's releases.

@​sigstore/tuf@​5.0.0

Major Changes

  • 46c00b3: Drop support for Node 20

Patch Changes

  • 7db2666: Update TUF seed files
  • 74eda7a: Bump tuf-js from 4.x to 5.0.1
  • 46c00b3: Bump tuf-js from 5.0.1 to 6.0.0
Commits

Bumps [@sigstore/tuf](https://github.com/sigstore/sigstore-js) from 4.0.2 to 5.0.0.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/tuf@4.0.2...@sigstore/tuf@5.0.0)

---
updated-dependencies:
- dependency-name: "@sigstore/tuf"
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/sigstore/tuf-5.0.0 branch from 82efa8b to 4560db4 Compare June 29, 2026 10:03
@crazy-max crazy-max merged commit 320a052 into main Jun 29, 2026
116 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/sigstore/tuf-5.0.0 branch June 29, 2026 13:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant