Bump dev.sigstore:sigstore-java from 2.1.0 to 2.2.0

[dependabot]

Bumps dev.sigstore:sigstore-java from 2.1.0 to 2.2.0.

Release notes

Sourced from dev.sigstore:sigstore-java's releases.

v2.2.0

See CHANGELOG.md for more details.

What's Changed

• Update versions and changelog after 2.1.0 release by @​aaronlew02 in sigstore/sigstore-java#1191
• Allow testing token to reference the new gcp token by @​loosebazooka in sigstore/sigstore-java#1195
• Pipe algorithm registry into verifiers by @​loosebazooka in sigstore/sigstore-java#1196
• Make version scripts macOS-compatible by @​aaronlew02 in sigstore/sigstore-java#1192
• Update actions/setup-go action to v6.4.0 by @​renovate[bot] in sigstore/sigstore-java#1181
• Update dependency org.junit:junit-bom to v5.14.4 by @​renovate[bot] in sigstore/sigstore-java#1179
• Make algorithm registry more central to system by @​loosebazooka in sigstore/sigstore-java#1197
• Support more hash/signing algorithms by @​loosebazooka in sigstore/sigstore-java#1198
• remove accidental test resources by @​loosebazooka in sigstore/sigstore-java#1200
• Ts algo reg by @​loosebazooka in sigstore/sigstore-java#1201
• use hashedrekord as only type in rekor v2 paths by @​loosebazooka in sigstore/sigstore-java#1202
• Update jetty monorepo to v12.1.10 by @​renovate[bot] in sigstore/sigstore-java#1178
• Update dependency com.github.vlsi.gradle-extensions:com.github.vlsi.gradle-extensions.gradle.plugin to v3.0.2 by @​renovate[bot] in sigstore/sigstore-java#1193
• ci: declare contents:read on gradle-wrapper-validation workflow by @​arpitjain099 in sigstore/sigstore-java#1188
• ci: declare contents: read permissions on cifuzz workflow by @​arpitjain099 in sigstore/sigstore-java#1194
• Add SIGSTORE_JAVA_ID_TOKEN for passing id token by @​loosebazooka in sigstore/sigstore-java#1204

New Contributors

• @​arpitjain099 made their first contribution in sigstore/sigstore-java#1188

Full Changelog: sigstore/sigstore-java@v2.1.0...v2.2.0

Changelog

Sourced from dev.sigstore:sigstore-java's changelog.

Changelog

All notable changes to sigstore-java will be documented in this file. For a full list of changes, see the changelog in Releases.

The format is based on Keep a Changelog.

All versions prior to 1.0.0 are untracked

[Unreleased]

Commits

• 55eec24 Merge pull request #1204 from sigstore/token-from-env
• 80faad5 Merge pull request #1194 from arpitjain099/chore/cifuzz-perms
• 7093d0b Add SIGSTORE_JAVA_ID_TOKEN for passing id token
• ec147e7 ci: declare contents: read permissions on cifuzz workflow
• 67503fc Merge pull request #1188 from arpitjain099/chore/declare-workflow-perms
• d59fe48 Merge pull request #1193 from sigstore/renovate/com.github.vlsi.gradle-extens...
• c04b6d2 Merge pull request #1178 from sigstore/renovate/jetty-monorepo
• a52fc64 Update jetty monorepo to v12.1.10
• fde64e4 Update dependency com.github.vlsi.gradle-extensions:com.github.vlsi.gradle-ex...
• ef3f101 Merge pull request #1202 from sigstore/dsseXhashedrekord
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)