1. in-toto-golang v0.11.0 Security Release Fixes Inconsistent Negation Behavior in Artifact Rules
A security-focused dependency update has been issued for in-toto-golang, advancing the module from v0.10.0 to v0.11.0 to address a vulnerability identified as GHSA-pmwq-pjrm-6p5r. The patch targets inconsistent negation behavior between the Go and Python implementations of the in-toto supply chain security framework, a...