Bump github.com/google/certificate-transparency-go from 1.1.2 to 1.1.3

[dependabot]

Bumps github.com/google/certificate-transparency-go from 1.1.2 to 1.1.3.

Release notes

Sourced from github.com/google/certificate-transparency-go's releases.

v1.1.3

New features

• #867: Add package for (un)marshalling the loglist3 schema
• #927: Add readonly logs mode to CTFE configuration
• Add experimental (not exported from the Go module) implementation of CT witness. Running witnesses by multiple independent organisations allows detecting and preventing split-view attacks.

Improvements / bug fixes

• #852: migrillian: Return error if context was canceled
• #896: jsonclient: retry POSTs after getting HTTP 429
• #901: ctclient: Use Cobra library for command-line tools
• #920: Set is_master metric to 0 for when starting up
• #928: Do not print context canceled errors

Slightly breaking changes

• #881: Terminate hammer early if the context is cancelled
• #903, #921: Move PEMCertPool from CTFE package to x509util

Dependency updates

• Switch Merkle tree code to use github.com/transparency-dev/merkle@v0.0.1 [cobra prints usage on errors #874, ..., #924]
• Trillian: v1.4.0 -> v1.4.1 #924
• Replace juju/ratelimit with x/time/rate #800
• protoc: v3.12.4 -> v3.20.1 #923
• github.com/fullstorydev/grpcurl: 1.8.2->1.8.6 [make COSIGN_REPOSITORY use explicit again #860, #891]
• github.com/google/go-cmp: 0.5.6->0.5.8 [Bump github.com/go-piv/piv-go from 1.8.0 to 1.9.0 #879, #917]
• github.com/mattn/go-sqlite3: 1.14.8->1.14.10 #873
• github.com/rs/cors: 1.8.0->1.8.2 #872
• go.etcd.io/etcd/v3: 3.5.0->3.5.4 [conversation starter on what we want standard flags to look like inside of cosign #859, #887, #913]
• google.golang.org/grpc: v1.40.0 -> v1.46.0 #914

Full Changelog: google/certificate-transparency-go@v1.1.2...v1.1.3

Changelog

Sourced from github.com/google/certificate-transparency-go's changelog.

CERTIFICATE-TRANSPARENCY-GO Changelog

HEAD

Integration

• Breaking change to API for integration.HammerCTLog:
  • Added ctx as first argument, and terminate loop if it becomes cancelled

JSONClient

• PostAndParseWithRetry now does backoff-and-retry upon receiving HTTP 429.

Cleanup

• WithBalancerName is deprecated and removed, using the recommended way
• ctfe.PEMCertPool type has been moved to x509util.PEMCertPool to reduce dependencies (#903).

Misc

• update google.golang.org/grpc to v1.46.0
• ctclient tool now uses Cobra for better CLI experience (#901).
• #800: Remove dependency from ratelimit.
• #927: Add read-only mode to CTFE config.

Commits

• 5162ff6 Update to the latest released Trillian and Merkle (#924)
• 810a97f ctfe: Add readonly mode (#927)
• cacf311 Do not print context canceled errors. (#928)
• 81944ab ctclient fails if any unexpected arguments are found (#926)
• 6cdb42a Update protoc to v3.20.1 (#923)
• 88227ce x509util: Break dependency from ctfe (#921)
• ae7d4b7 Set is_master metric to 0 for when starting up. (#920)
• 242386d Update dependency on Trillian (#919)
• 357507b Update dependency on merkle (#918)
• a1d2ce3 Bump github.com/google/go-cmp from 0.5.7 to 0.5.8 (#917)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cpanato]

@dependabot rebase

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.