chore(deps): update module github.com/sigstore/sigstore to v1.10.8

[red-hat-konflux]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/sigstore/sigstore	v1.10.6 → v1.10.8

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

sigstore/sigstore (github.com/sigstore/sigstore)

v1.10.8

Compare Source

What's Changed

• Support standard PKCS#8 encrypted private key decryption in #​2333

Full Changelog: sigstore/sigstore@v1.10.7...v1.10.8

v1.10.7

Compare Source

What's Changed

• add functional options to DSSE to improve memory usage, validation in #​2326
• Extend PEM private key unmarshalling to support legacy format in #​2332

Full Changelog: sigstore/sigstore@v1.10.6...v1.10.7

---

Configuration

📅 Schedule: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[red-hat-konflux]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 1 additional dependency was updated

Details:

Package	Change
github.com/secure-systems-lab/go-securesystemslib	v0.10.0 -> v0.11.0

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 694e1807-a3ae-40e2-b9ef-796bd9c88a54

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch konflux/mintmaker/v1.x/github.com-sigstore-sigstore-1.x

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-merge-bot]

/retest-required

Remaining retests: 0 against base HEAD 84f4486 and 2 for PR HEAD 4596795 in total

[openshift-ci]

New changes are detected. LGTM label has been removed.

[openshift-ci]

@red-hat-konflux[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/ocp422-images	ffc1d59	link	true	/test ocp422-images
ci/prow/ocp419-images	ffc1d59	link	true	/test ocp419-images
ci/prow/ocp420-images	ffc1d59	link	true	/test ocp420-images
ci/prow/ocp421-images	ffc1d59	link	true	/test ocp421-images
ci/prow/ocp416-images	ffc1d59	link	true	/test ocp416-images
ci/prow/images	ffc1d59	link	true	/test images
ci/prow/ocp417-e2e-gcp	ffc1d59	link	true	/test ocp417-e2e-gcp
ci/prow/ocp420-e2e-gcp	ffc1d59	link	true	/test ocp420-e2e-gcp
ci/prow/ocp419-e2e-azure	ffc1d59	link	true	/test ocp419-e2e-azure
ci/prow/ocp422-e2e-gcp	ffc1d59	link	true	/test ocp422-e2e-gcp
ci/prow/ocp418-e2e-azure	ffc1d59	link	true	/test ocp418-e2e-azure
ci/prow/ocp421-e2e-gcp	ffc1d59	link	true	/test ocp421-e2e-gcp
ci/prow/ocp416-e2e-gcp	ffc1d59	link	true	/test ocp416-e2e-gcp

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.