Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bump cosign to v2.2.1 #148

Merged
merged 1 commit into from
Nov 7, 2023
Merged

bump cosign to v2.2.1 #148

merged 1 commit into from
Nov 7, 2023

Conversation

cpanato
Copy link
Member

@cpanato cpanato commented Nov 7, 2023

Summary

  • bump cosign to v2.2.1

Signed-off-by: cpanato <[email protected]>
@bobcallaway
Copy link
Member

you beat me!

@cpanato
Copy link
Member Author

cpanato commented Nov 7, 2023

i was awake, cannot sleep :/

@cpanato cpanato merged commit 9ce7d60 into sigstore:main Nov 7, 2023
25 checks passed
@cpanato cpanato deleted the bump branch November 7, 2023 13:54
renovate bot referenced this pull request in rsturla/eternal-main Nov 7, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | minor | `v3.1.2` -> `v3.2.0` |

---

### Release Notes

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.2.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0)

**Note: This release comes with a fix for CVE-2023-46737 described in
this [Github Security
Advisory](https://togithub.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9).
Please upgrade to this release ASAP**

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

#### What's Changed

- Support the runner context of gitea act by
[@&#8203;josedev-union](https://togithub.com/josedev-union) in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)
- bump cosign to v2.2.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/148](https://togithub.com/sigstore/cosign-installer/pull/148)
- test with latest go version by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/150](https://togithub.com/sigstore/cosign-installer/pull/150)

#### New Contributors

- [@&#8203;josedev-union](https://togithub.com/josedev-union) made their
first contribution in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.2.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/rsturla/eternal-main).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
scottames referenced this pull request in scottames/ublue Nov 11, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | minor | `v3.1.2` -> `v3.2.0` |

---

### Release Notes

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.2.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0)

**Note: This release comes with a fix for CVE-2023-46737 described in
this [Github Security
Advisory](https://togithub.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9).
Please upgrade to this release ASAP**

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

##### What's Changed

- Support the runner context of gitea act by
[@&#8203;josedev-union](https://togithub.com/josedev-union) in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)
- bump cosign to v2.2.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/148](https://togithub.com/sigstore/cosign-installer/pull/148)
- test with latest go version by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/150](https://togithub.com/sigstore/cosign-installer/pull/150)

##### New Contributors

- [@&#8203;josedev-union](https://togithub.com/josedev-union) made their
first contribution in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.2.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 4pm on friday" in timezone
America/Los_Angeles, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/scottames/ublue).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6ImxpdmUifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159 referenced this pull request in zarf-dev/zarf Dec 19, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | major | `v2.8.1` -> `v3.3.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.3.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0)

#### What's Changed

- Bump actions/setup-go from 4.1.0 to 5.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/152](https://togithub.com/sigstore/cosign-installer/pull/152)
- update action to use latest cosign v2.2.2 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/153](https://togithub.com/sigstore/cosign-installer/pull/153)

**Full Changelog**:
sigstore/cosign-installer@v3.2.0...v3.3.0

###
[`v3.2.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0)

**Note: This release comes with a fix for CVE-2023-46737 described in
this [Github Security
Advisory](https://togithub.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9).
Please upgrade to this release ASAP**

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

#### What's Changed

- Support the runner context of gitea act by
[@&#8203;josedev-union](https://togithub.com/josedev-union) in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)
- bump cosign to v2.2.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/148](https://togithub.com/sigstore/cosign-installer/pull/148)
- test with latest go version by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/150](https://togithub.com/sigstore/cosign-installer/pull/150)

#### New Contributors

- [@&#8203;josedev-union](https://togithub.com/josedev-union) made their
first contribution in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.2.0

###
[`v3.1.2`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.2)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.1...v3.1.2)

#### What's Changed

- Fix build and push step Readme missing id by
[@&#8203;hbenali](https://togithub.com/hbenali) in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)
- bump cosign to v2.2.0 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/142](https://togithub.com/sigstore/cosign-installer/pull/142)

#### New Contributors

- [@&#8203;hbenali](https://togithub.com/hbenali) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.1.2

###
[`v3.1.1`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.1)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1)

#### What's Changed

- default cosign to v2.1.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/137](https://togithub.com/sigstore/cosign-installer/pull/137)

**Full Changelog**:
sigstore/cosign-installer@v3.1.0...v3.1.1

###
[`v3.1.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.5...v3.1.0)

#### What's Changed

- update job to use latest action release by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/130](https://togithub.com/sigstore/cosign-installer/pull/130)
- Update action example for keyless signing as xarg is not required by
[@&#8203;jbtrystram](https://togithub.com/jbtrystram) in
[https://github.com/sigstore/cosign-installer/pull/132](https://togithub.com/sigstore/cosign-installer/pull/132)
- update examples by [@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/133](https://togithub.com/sigstore/cosign-installer/pull/133)
- bump cosign to default to release v2.1.0 and update docs by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/136](https://togithub.com/sigstore/cosign-installer/pull/136)

#### New Contributors

- [@&#8203;jbtrystram](https://togithub.com/jbtrystram) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/132](https://togithub.com/sigstore/cosign-installer/pull/132)

**Full Changelog**:
sigstore/cosign-installer@v3.0.5...v3.1.0

###
[`v3.0.5`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.5)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.4...v3.0.5)

#### What's Changed

- download cosign releases from GitHub rather than GCS by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/126](https://togithub.com/sigstore/cosign-installer/pull/126)

**Full Changelog**:
sigstore/cosign-installer@v3.0.4...v3.0.5

###
[`v3.0.4`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.4)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.3...v3.0.4)

- Include fix for
[https://github.com/sigstore/cosign-installer/pull/124](https://togithub.com/sigstore/cosign-installer/pull/124)
- changes download URL for `cosign` binary to github.com instead of GCS

###
[`v3.0.3`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.3)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.2...v3.0.3)

##### What's Changed

- bump to cosign v2.0.2 by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/119](https://togithub.com/sigstore/cosign-installer/pull/119)
- changes download URL for `cosign` binary to github.com instead of GCS

**Full Changelog**:
sigstore/cosign-installer@v3.0.2...v3.0.3

###
[`v3.0.2`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.2)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.1...v3.0.2)

##### What's Changed

- add --yes to example workflow by
[@&#8203;sebhoss](https://togithub.com/sebhoss) in
[https://github.com/sigstore/cosign-installer/pull/110](https://togithub.com/sigstore/cosign-installer/pull/110)
- Fix aarch64 action run by
[@&#8203;ananos](https://togithub.com/ananos) in
[https://github.com/sigstore/cosign-installer/pull/113](https://togithub.com/sigstore/cosign-installer/pull/113)
- Bump actions/checkout from 3.3.0 to 3.4.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/115](https://togithub.com/sigstore/cosign-installer/pull/115)
- Bump actions/setup-go from 3.5.0 to 4.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/114](https://togithub.com/sigstore/cosign-installer/pull/114)
- Bump actions/checkout from 3.4.0 to 3.5.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/116](https://togithub.com/sigstore/cosign-installer/pull/116)
- default cosign to v2.0.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/117](https://togithub.com/sigstore/cosign-installer/pull/117)
- changes download URL for `cosign` binary to github.com instead of GCS

##### New Contributors

- [@&#8203;sebhoss](https://togithub.com/sebhoss) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/110](https://togithub.com/sigstore/cosign-installer/pull/110)
- [@&#8203;ananos](https://togithub.com/ananos) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/113](https://togithub.com/sigstore/cosign-installer/pull/113)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.0.2

###
[`v3.0.1`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.1)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1)

##### What's Changed

- make cosign v2.0.0 default version by
[@&#8203;developer-guy](https://togithub.com/developer-guy) in
[https://github.com/sigstore/cosign-installer/pull/109](https://togithub.com/sigstore/cosign-installer/pull/109)
- changes download URL for `cosign` binary to github.com instead of GCS

**Full Changelog**:
sigstore/cosign-installer@v3.0.0...v3.0.1

###
[`v3.0.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v2.8.1...v3.0.0)

##### Breaking change

Cosign v2 has some breaking changes. Please check those:
https://blog.sigstore.dev/cosign-2-0-released/

##### What's Changed

- test: add logs when downloading the public keys by
[@&#8203;hectorj2f](https://togithub.com/hectorj2f) in
[https://github.com/sigstore/cosign-installer/pull/106](https://togithub.com/sigstore/cosign-installer/pull/106)
- Add support to install v2 and any other cosign release candidate by
[@&#8203;hectorj2f](https://togithub.com/hectorj2f) in
[https://github.com/sigstore/cosign-installer/pull/105](https://togithub.com/sigstore/cosign-installer/pull/105)
- v2.0.0 release by [@&#8203;sabre1041](https://togithub.com/sabre1041)
in
[https://github.com/sigstore/cosign-installer/pull/108](https://togithub.com/sigstore/cosign-installer/pull/108)
- changes download URL for `cosign` binary to github.com instead of GCS

##### New Contributors

- [@&#8203;hectorj2f](https://togithub.com/hectorj2f) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/106](https://togithub.com/sigstore/cosign-installer/pull/106)
- [@&#8203;sabre1041](https://togithub.com/sabre1041) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/108](https://togithub.com/sigstore/cosign-installer/pull/108)

**Full Changelog**:
sigstore/cosign-installer@v2...v3.0.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/zarf).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4xNTMuMiIsInVwZGF0ZWRJblZlciI6IjM3Ljg3LjIiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
JoelDewey pushed a commit to JoelDewey/rhel-wireguard that referenced this pull request Jan 23, 2024
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | action | minor | `v3.1.1` -> `v3.3.0` |

---

### Release Notes

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

### [`v3.3.0`](https://github.com/sigstore/cosign-installer/releases/tag/v3.3.0)

[Compare Source](sigstore/cosign-installer@v3.2.0...v3.3.0)

#### What's Changed

-   Bump actions/setup-go from 4.1.0 to 5.0.0 by [@&#8203;dependabot](https://github.com/dependabot) in sigstore/cosign-installer#152
-   update action to use latest cosign v2.2.2 by [@&#8203;cpanato](https://github.com/cpanato) in sigstore/cosign-installer#153

**Full Changelog**: sigstore/cosign-installer@v3.2.0...v3.3.0

### [`v3.2.0`](https://github.com/sigstore/cosign-installer/releases/tag/v3.2.0)

[Compare Source](sigstore/cosign-installer@v3.1.2...v3.2.0)

**Note: This release comes with a fix for CVE-2023-46737 described in this [Github Security Advisory](GHSA-vfp6-jrw2-99g9). Please upgrade to this release ASAP**

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

#### What's Changed

-   Support the runner context of gitea act by [@&#8203;josedev-union](https://github.com/josedev-union) in sigstore/cosign-installer#147
-   bump cosign to v2.2.1 by [@&#8203;cpanato](https://github.com/cpanato) in sigstore/cosign-installer#148
-   test with latest go version by [@&#8203;bobcallaway](https://github.com/bobcallaway) in sigstore/cosign-installer#150

#### New Contributors

-   [@&#8203;josedev-union](https://github.com/josedev-union) made their first contribution in sigstore/cosign-installer#147

**Full Changelog**: sigstore/cosign-installer@v3...v3.2.0

### [`v3.1.2`](https://github.com/sigstore/cosign-installer/releases/tag/v3.1.2)

[Compare Source](sigstore/cosign-installer@v3.1.1...v3.1.2)

#### What's Changed

-   Fix build and push step Readme missing id by [@&#8203;hbenali](https://github.com/hbenali) in sigstore/cosign-installer#138
-   bump cosign to v2.2.0 by [@&#8203;cpanato](https://github.com/cpanato) in sigstore/cosign-installer#142

#### New Contributors

-   [@&#8203;hbenali](https://github.com/hbenali) made their first contribution in sigstore/cosign-installer#138

**Full Changelog**: sigstore/cosign-installer@v3...v3.1.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNDEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE0MS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.int.magicalinternetbox.net/joel/rhel-wireguard/pulls/9
Co-authored-by: Renovate Bot <[email protected]>
Co-committed-by: Renovate Bot <[email protected]>
charithe referenced this pull request in cerbos/cerbos Feb 5, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[bufbuild/buf-setup-action](https://togithub.com/bufbuild/buf-setup-action)
| action | minor | `v1.28.1` -> `v1.29.0` |
|
[google-github-actions/setup-gcloud](https://togithub.com/google-github-actions/setup-gcloud)
| action | minor | `v2.0.1` -> `v2.1.0` |
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | minor | `v3.1.1` -> `v3.4.0` |

---

### Release Notes

<details>
<summary>bufbuild/buf-setup-action (bufbuild/buf-setup-action)</summary>

###
[`v1.29.0`](https://togithub.com/bufbuild/buf-setup-action/releases/tag/v1.29.0)

[Compare
Source](https://togithub.com/bufbuild/buf-setup-action/compare/v1.28.1...v1.29.0)

Release v1.29.0

</details>

<details>
<summary>google-github-actions/setup-gcloud
(google-github-actions/setup-gcloud)</summary>

###
[`v2.1.0`](https://togithub.com/google-github-actions/setup-gcloud/releases/tag/v2.1.0)

[Compare
Source](https://togithub.com/google-github-actions/setup-gcloud/compare/v2.0.1...v2.1.0)

##### What's Changed

- Update deps by [@&#8203;sethvargo](https://togithub.com/sethvargo) in
[https://github.com/google-github-actions/setup-gcloud/pull/677](https://togithub.com/google-github-actions/setup-gcloud/pull/677)
- Release: v2.1.0 by
[@&#8203;google-github-actions-bot](https://togithub.com/google-github-actions-bot)
in
[https://github.com/google-github-actions/setup-gcloud/pull/678](https://togithub.com/google-github-actions/setup-gcloud/pull/678)

**Full Changelog**:
google-github-actions/setup-gcloud@v2...v2.1.0

</details>

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.4.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.4.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.3.0...v3.4.0)

#### What's Changed

- Use examples that work with multiple tags by
[@&#8203;jkreileder](https://togithub.com/jkreileder) in
[https://github.com/sigstore/cosign-installer/pull/155](https://togithub.com/sigstore/cosign-installer/pull/155)
- default cosign install to release v2.2.3 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/156](https://togithub.com/sigstore/cosign-installer/pull/156)

#### New Contributors

- [@&#8203;jkreileder](https://togithub.com/jkreileder) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/155](https://togithub.com/sigstore/cosign-installer/pull/155)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.4.0

###
[`v3.3.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0)

#### What's Changed

- Bump actions/setup-go from 4.1.0 to 5.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/152](https://togithub.com/sigstore/cosign-installer/pull/152)
- update action to use latest cosign v2.2.2 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/153](https://togithub.com/sigstore/cosign-installer/pull/153)

**Full Changelog**:
sigstore/cosign-installer@v3.2.0...v3.3.0

###
[`v3.2.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0)

**Note: This release comes with a fix for CVE-2023-46737 described in
this [Github Security
Advisory](https://togithub.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9).
Please upgrade to this release ASAP**

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

#### What's Changed

- Support the runner context of gitea act by
[@&#8203;josedev-union](https://togithub.com/josedev-union) in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)
- bump cosign to v2.2.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/148](https://togithub.com/sigstore/cosign-installer/pull/148)
- test with latest go version by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/150](https://togithub.com/sigstore/cosign-installer/pull/150)

#### New Contributors

- [@&#8203;josedev-union](https://togithub.com/josedev-union) made their
first contribution in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.2.0

###
[`v3.1.2`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.2)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.1...v3.1.2)

#### What's Changed

- Fix build and push step Readme missing id by
[@&#8203;hbenali](https://togithub.com/hbenali) in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)
- bump cosign to v2.2.0 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/142](https://togithub.com/sigstore/cosign-installer/pull/142)

#### New Contributors

- [@&#8203;hbenali](https://togithub.com/hbenali) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.1.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/cerbos/cerbos).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNzAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE3MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants