chore: bump github.com/in-toto/go-witness from 0.2.3 to 0.3.1

[dependabot]

Bumps github.com/in-toto/go-witness from 0.2.3 to 0.3.1.

Release notes

Sourced from github.com/in-toto/go-witness's releases.

v0.3.1

What's Changed

• Add Tom as an official maintainer by @​jkjell in in-toto/go-witness#156
• chore: bump testifysec/witness-run-action from 0.1.3 to 0.1.5 by @​dependabot in in-toto/go-witness#166
• chore: bump actions/dependency-review-action from 4.0.0 to 4.1.1 by @​dependabot in in-toto/go-witness#165
• chore: bump fossas/fossa-action from 1.3.1 to 1.3.3 by @​dependabot in in-toto/go-witness#164
• chore: bump actions/download-artifact from 4.1.1 to 4.1.2 by @​dependabot in in-toto/go-witness#163
• chore: bump github.com/aws/aws-sdk-go-v2/service/kms from 1.20.4 to 1.20.12 by @​dependabot in in-toto/go-witness#157
• chore: bump cloud.google.com/go/kms from 1.15.2 to 1.15.7 by @​dependabot in in-toto/go-witness#158
• chore: bump github.com/aws/aws-sdk-go-v2/config from 1.18.14 to 1.18.45 by @​dependabot in in-toto/go-witness#160
• chore: bump k8s.io/apimachinery from 0.26.13 to 0.26.14 by @​dependabot in in-toto/go-witness#161
• chore: bump github/codeql-action from 3.24.0 to 3.24.3 by @​dependabot in in-toto/go-witness#162
• chore: bump github/codeql-action from 3.24.3 to 3.24.5 by @​dependabot in in-toto/go-witness#169
• chore: bump actions/dependency-review-action from 4.1.1 to 4.1.3 by @​dependabot in in-toto/go-witness#170
• chore: bump google.golang.org/grpc from 1.61.0 to 1.61.1 by @​dependabot in in-toto/go-witness#171
• fix: reset verifier each iteration while loading pub keys from policy by @​mikhailswift in in-toto/go-witness#173
• #168 support all fulcio cert extensions by @​jkjell in in-toto/go-witness#174

Full Changelog: in-toto/go-witness@v0.3.0...v0.3.1

v0.3.0

What's Changed

• Improved the search to be concurrent by @​naveensrinivasan in in-toto/go-witness#62
• Adding policy intermediates option to verify function by @​ChaosInTheCRD in in-toto/go-witness#138
• refactor: move gitoid code to cyrptoutil, use digestvalue everywhere by @​mikhailswift in in-toto/go-witness#139
• chore: bump actions/upload-artifact from 4.2.0 to 4.3.0 by @​dependabot in in-toto/go-witness#142
• chore: bump github/codeql-action from 3.23.1 to 3.23.2 by @​dependabot in in-toto/go-witness#143
• Adding job to auto cut releases by @​ChaosInTheCRD in in-toto/go-witness#141
• fixing error in github actions workflow by @​ChaosInTheCRD in in-toto/go-witness#147
• RunAttestors refactor by @​ChaosInTheCRD in in-toto/go-witness#131
• Adding workaround due to failing workflows by @​ChaosInTheCRD in in-toto/go-witness#145
• Checking policy signature against cert constraints by @​ChaosInTheCRD in in-toto/go-witness#144
• [StepSecurity] ci: Harden GitHub Actions by @​step-security-bot in in-toto/go-witness#148
• chore: bump github/codeql-action from 3.23.2 to 3.24.0 by @​dependabot in in-toto/go-witness#150
• chore: bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @​dependabot in in-toto/go-witness#155
• chore: bump actions/upload-artifact from 4.3.0 to 4.3.1 by @​dependabot in in-toto/go-witness#154
• chore: bump step-security/harden-runner from 2.6.1 to 2.7.0 by @​dependabot in in-toto/go-witness#152
• chore: bump actions/checkout from 3.6.0 to 4.1.1 by @​dependabot in in-toto/go-witness#151
• fix: vault warnings are an array, not a string by @​mikhailswift in in-toto/go-witness#153
• KMS Support by @​ChaosInTheCRD in in-toto/go-witness#120

Full Changelog: in-toto/go-witness@v0.2.2...v0.3.0

Commits

• 2604d61 168 support all fulcio cert extensions (#174)
• b6f3a56 fix: reset verifier each iteration while loading pub keys from policy (#173)
• 0d420e0 chore: bump google.golang.org/grpc from 1.61.0 to 1.61.1 (#171)
• a7362f4 chore: bump actions/dependency-review-action from 4.1.1 to 4.1.3 (#170)
• f0456d7 chore: bump github/codeql-action from 3.24.3 to 3.24.5 (#169)
• 9835718 chore: bump github/codeql-action from 3.24.0 to 3.24.3 (#162)
• ac08584 chore: bump k8s.io/apimachinery from 0.26.13 to 0.26.14 (#161)
• c260796 chore: bump github.com/aws/aws-sdk-go-v2/config from 1.18.14 to 1.18.45 (#160)
• 7dbbdbd chore: bump cloud.google.com/go/kms from 1.15.2 to 1.15.7 (#158)
• 8278d00 chore: bump github.com/aws/aws-sdk-go-v2/service/kms from 1.20.4 to 1.20.12 (...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)