From c3c5b08ce6afd1333e1f4106726624573732904f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 28 Apr 2026 17:35:04 +0100 Subject: [PATCH] build(deps): bump sigstore/cosign-installer from 4.0.0 to 4.1.1 (#6226) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/push-docker-base.yml | 2 +- .github/workflows/push-docker.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/push-docker-base.yml b/.github/workflows/push-docker-base.yml index 649b4ee36..bfaebd120 100644 --- a/.github/workflows/push-docker-base.yml +++ b/.github/workflows/push-docker-base.yml @@ -100,7 +100,7 @@ jobs: sbom: true - name: Install cosign - uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 + uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1 with: cosign-release: "v2.4.1" diff --git a/.github/workflows/push-docker.yml b/.github/workflows/push-docker.yml index 629df2d4e..92bd2d21c 100644 --- a/.github/workflows/push-docker.yml +++ b/.github/workflows/push-docker.yml @@ -76,13 +76,13 @@ jobs: - name: Install cosign if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/V2-master' - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0 + uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1 with: cosign-release: "v2.4.1" - name: Install cosign if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/V2-master' - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0 + uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1 with: cosign-release: "v2.4.1"