From 9bf95549484b2075c647ad6e3c5cb2ecdf988ac0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Apr 2024 20:52:27 +0000 Subject: [PATCH] Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 4 ++-- .github/workflows/trivy.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 85dd1f5..d2b3c65 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -86,7 +86,7 @@ jobs: uses: actions/checkout@v4 - name: Install Cosign - uses: sigstore/cosign-installer@v3.4.0 + uses: sigstore/cosign-installer@v3.5.0 - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -137,7 +137,7 @@ jobs: uses: actions/checkout@v4 - name: Install Cosign - uses: sigstore/cosign-installer@v3.4.0 + uses: sigstore/cosign-installer@v3.5.0 - name: Set up QEMU uses: docker/setup-qemu-action@v3 diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 95c43a9..6c176b2 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -68,7 +68,7 @@ jobs: echo "BASE_SHA=$(git merge-base --fork-point main)" | tee -a $GITHUB_ENV - name: Install Cosign - uses: sigstore/cosign-installer@v3.4.0 + uses: sigstore/cosign-installer@v3.5.0 - name: Generate docker-compliant image name run: |