dependabot[bot] opened a new pull request, #28568: URL: https://github.com/apache/flink/pull/28568
Bumps [@sigstore/core](https://github.com/sigstore/sigstore-js) to 3.2.1 and updates ancestor dependency [@angular/cli](https://github.com/angular/angular-cli). These dependencies need to be updated together. Updates `@sigstore/core` from 2.0.0 to 3.2.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/sigstore-js/releases">@sigstore/core's releases</a>.</em></p> <blockquote> <h2><code>@sigstore/core</code><a href="https://github.com/3"><code>@3</code></a>.2.1</h2> <h3>Patch Changes</h3> <ul> <li>b5aa4f1: Apply UTF-8 encoding to payload type during PAE calculation</li> </ul> <h2><code>@sigstore/core</code><a href="https://github.com/3"><code>@3</code></a>.2.0</h2> <h3>Minor Changes</h3> <ul> <li>8f736ef: Update the <code>createPublicKey</code> function to support base64-encoded keys</li> </ul> <h2><code>@sigstore/core</code><a href="https://github.com/3"><code>@3</code></a>.0.0</h2> <h3>Major Changes</h3> <ul> <li>383e200: Drop support for node 18</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/sigstore-js/commit/c1dc7d4778a450787fc72b083f2490ad02b714c6"><code>c1dc7d4</code></a> Version Packages (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1607">#1607</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/f074710a91ea9260a9ac2142345634579843a3cd"><code>f074710</code></a> reject integratedTime w/o inclusionPromise (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1659">#1659</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/7845532f9d17f6f765363dbee82b01bd159fb52b"><code>7845532</code></a> OID certificate extension verification (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1658">#1658</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/b5aa4f1f8d2db0a9dfa6430fb114d9c2f1c304f7"><code>b5aa4f1</code></a> proper utf-8 encoding in DSSE PAE (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1657">#1657</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/c7a34e0e9514f4573f8daf980c0987a4120a7183"><code>c7a34e0</code></a> clarify cert ID matching (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1656">#1656</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/9858bd7fc535ff01755c8dd5842ef7171b0fafeb"><code>9858bd7</code></a> Upgrade TypeScript to 6.x (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1655">#1655</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/8cef20d0069abd3ff03f2afb9ca320a76ddf6d4b"><code>8cef20d</code></a> bump qs from 6.15.1 to 6.15.2 (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1654">#1654</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/aca341b56aa561af4d74ad07fda4acd12c417beb"><code>aca341b</code></a> bump <code>@sigstore/mock</code> deps (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1653">#1653</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/0855acac119ae9f9dc21413356ce36eade2a51f8"><code>0855aca</code></a> Pin all <code>@swc/core</code> platform binaries as optionalDependencies (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1652">#1652</a>)</li> <li><a href="https://github.com/sigstore/sigstore-js/commit/44a374d63107b25d11f880a8427e2e27d45965d8"><code>44a374d</code></a> Pin all <code>@swc/core</code> platform binaries as optionalDependencies (<a href="https://redirect.github.com/sigstore/sigstore-js/issues/1650">#1650</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/sigstore-js/compare/@sigstore/[email protected]...@sigstore/[email protected]">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for <code>@sigstore/core</code> since your current version.</p> </details> <br /> Updates `@angular/cli` from 20.1.3 to 20.3.30 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/angular/angular-cli/releases">@angular/cli's releases</a>.</em></p> <blockquote> <h2>20.3.30</h2> <h3><code>@angular/build</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/36adca99ce72d59e5909709f53e239b1e79d703e"><img src="https://img.shields.io/badge/36adca99c-fix-green" alt="fix - 36adca99c" /></a></td> <td>bump <code>@babel/core</code> to 7.29.7</td> </tr> <tr> <td><a href="https://github.com/angular/angular-cli/commit/7f236cfea9023a77c6ccaf1648f388678017ce1e"><img src="https://img.shields.io/badge/7f236cfea-fix-green" alt="fix - 7f236cfea" /></a></td> <td>bump esbuild to 0.28.1</td> </tr> <tr> <td><a href="https://github.com/angular/angular-cli/commit/94fb3c122a14a3a8540a24e22f2f8ff87d130cb5"><img src="https://img.shields.io/badge/94fb3c122-fix-green" alt="fix - 94fb3c122" /></a></td> <td>bump piscina to 5.2.0</td> </tr> <tr> <td><a href="https://github.com/angular/angular-cli/commit/1f283a41c921b194c67c5bca05d4b5cff1d91857"><img src="https://img.shields.io/badge/1f283a41c-fix-green" alt="fix - 1f283a41c" /></a></td> <td>bump vite to 7.3.5</td> </tr> </tbody> </table> <h2>20.3.29</h2> <h3><code>@angular/cli</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/5f7c0328c3fe1a003ade44861d9aac98f485f014"><img src="https://img.shields.io/badge/5f7c0328c-fix-green" alt="fix - 5f7c0328c" /></a></td> <td>update pacote to 21.5.1</td> </tr> </tbody> </table> <h3><code>@angular/ssr</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/a75d78e681b10436971d8071450b8cfd93b2d72a"><img src="https://img.shields.io/badge/a75d78e68-fix-green" alt="fix - a75d78e68" /></a></td> <td>prioritize options over environment variables in AngularNodeAppEngine</td> </tr> </tbody> </table> <h2>20.3.28</h2> <h3><code>@angular/cli</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/e3d5646679215d9b73a72e04d87aa7848f2c01d2"><img src="https://img.shields.io/badge/e3d564667-fix-green" alt="fix - e3d564667" /></a></td> <td>fallback to deprecated versions when resolving ranges if no non-deprecated version is found</td> </tr> <tr> <td><a href="https://github.com/angular/angular-cli/commit/f12e17025a262f9432afd58971c47aec7dbfab25"><img src="https://img.shields.io/badge/f12e17025-fix-green" alt="fix - f12e17025" /></a></td> <td>remove forceAuth and unscoped credential parsing</td> </tr> </tbody> </table> <h2>20.3.27</h2> <h3><code>@angular/ssr</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/07c6c96baf2901f44322beb70b77c32dc0824e45"><img src="https://img.shields.io/badge/07c6c96ba-fix-green" alt="fix - 07c6c96ba" /></a></td> <td>add support for configuring trusted proxy headers via environment variable</td> </tr> </tbody> </table> <h2>20.3.26</h2> <h3><code>@angular/ssr</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/7cc1871ee50d123853ddf6bd89857b354d647462"><img src="https://img.shields.io/badge/7cc1871ee-fix-green" alt="fix - 7cc1871ee" /></a></td> <td>allow all hosts in common engine rendering options to prevent validation errors</td> </tr> </tbody> </table> <h2>20.3.25</h2> <h3><code>@angular-devkit/build-angular</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/5e01ef40eb87deda79d18654fc696b64d18bf889"><img src="https://img.shields.io/badge/5e01ef40e-fix-green" alt="fix - 5e01ef40e" /></a></td> <td>upgrade postcss to 8.5.12</td> </tr> </tbody> </table> <h3><code>@angular/ssr</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/6686848d946ca157f9b92b84db377e912266395e"><img src="https://img.shields.io/badge/6686848d9-fix-green" alt="fix - 6686848d9" /></a></td> <td>introduce trustProxyHeaders option to safely validate and sanitize proxy headers</td> </tr> </tbody> </table> <h2>20.3.24</h2> <h3><code>@angular/build</code></h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/angular/angular-cli/blob/main/CHANGELOG.md">@angular/cli's changelog</a>.</em></p> <blockquote> <h1>20.3.30 (2026-06-24)</h1> <h3><code>@angular/build</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Type</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/36adca99ce72d59e5909709f53e239b1e79d703e">36adca99c</a></td> <td>fix</td> <td>bump <code>@babel/core</code> to 7.29.7</td> </tr> <tr> <td><a href="https://github.com/angular/angular-cli/commit/7f236cfea9023a77c6ccaf1648f388678017ce1e">7f236cfea</a></td> <td>fix</td> <td>bump esbuild to 0.28.1</td> </tr> <tr> <td><a href="https://github.com/angular/angular-cli/commit/94fb3c122a14a3a8540a24e22f2f8ff87d130cb5">94fb3c122</a></td> <td>fix</td> <td>bump piscina to 5.2.0</td> </tr> <tr> <td><a href="https://github.com/angular/angular-cli/commit/1f283a41c921b194c67c5bca05d4b5cff1d91857">1f283a41c</a></td> <td>fix</td> <td>bump vite to 7.3.5</td> </tr> </tbody> </table> <!-- raw HTML omitted --> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h1>22.0.3 (2026-06-18)</h1> <h3><code>@schematics/angular</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Type</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/0eddea898d3bf4da8c9c5c27ec2ee79916e8be87">0eddea898</a></td> <td>fix</td> <td>remove default workspace vscode mcp.json configuration</td> </tr> </tbody> </table> <!-- raw HTML omitted --> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h1>21.2.16 (2026-06-17)</h1> <h3><code>@angular/cli</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Type</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/77c9047acdf4b69ec6dd399af2dff7278e8014c7">77c9047ac</a></td> <td>fix</td> <td>update pacote to 21.5.1</td> </tr> </tbody> </table> <h3><code>@angular/ssr</code></h3> <table> <thead> <tr> <th>Commit</th> <th>Type</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/angular/angular-cli/commit/d052e97dafe2e85fbc072fd11025c803ebb80ef1">d052e97da</a></td> <td>fix</td> <td>prioritize options over environment variables in AngularNodeAppEngine</td> </tr> </tbody> </table> <!-- raw HTML omitted --> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h1>20.3.29 (2026-06-17)</h1> <h3><code>@angular/cli</code></h3> <p>| Commit | Type | Description |</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/angular/angular-cli/commit/41d34b5325ddbab53549c52c669a9cd335d88b4e"><code>41d34b5</code></a> release: cut the v20.3.30 release</li> <li><a href="https://github.com/angular/angular-cli/commit/94fb3c122a14a3a8540a24e22f2f8ff87d130cb5"><code>94fb3c1</code></a> fix(<code>@angular/build</code>): bump piscina to 5.2.0</li> <li><a href="https://github.com/angular/angular-cli/commit/36adca99ce72d59e5909709f53e239b1e79d703e"><code>36adca9</code></a> fix(<code>@angular/build</code>): bump <code>@babel/core</code> to 7.29.7</li> <li><a href="https://github.com/angular/angular-cli/commit/7f236cfea9023a77c6ccaf1648f388678017ce1e"><code>7f236cf</code></a> fix(<code>@angular/build</code>): bump esbuild to 0.28.1</li> <li><a href="https://github.com/angular/angular-cli/commit/1f283a41c921b194c67c5bca05d4b5cff1d91857"><code>1f283a4</code></a> fix(<code>@angular/build</code>): bump vite to 7.3.5</li> <li><a href="https://github.com/angular/angular-cli/commit/a19c3a76c387bc42d0196a6b8568d4f077222be1"><code>a19c3a7</code></a> release: cut the v20.3.29 release</li> <li><a href="https://github.com/angular/angular-cli/commit/b89b772db877c7f4ef68f7e938288c2c88913748"><code>b89b772</code></a> build: update dependency webpack-dev-server to 5.2.5</li> <li><a href="https://github.com/angular/angular-cli/commit/5f7c0328c3fe1a003ade44861d9aac98f485f014"><code>5f7c032</code></a> fix(<code>@angular/cli</code>): update pacote to 21.5.1</li> <li><a href="https://github.com/angular/angular-cli/commit/a75d78e681b10436971d8071450b8cfd93b2d72a"><code>a75d78e</code></a> fix(<code>@angular/ssr</code>): prioritize options over environment variables in AngularNo...</li> <li><a href="https://github.com/angular/angular-cli/commit/9eba41c3289f715e2fc3a11660a4ef500d1257d8"><code>9eba41c</code></a> release: cut the v20.3.28 release</li> <li>Additional commits viewable in <a href="https://github.com/angular/angular-cli/compare/20.1.3...v20.3.30">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/flink/network/alerts). </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
