Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump actions/setup-go from 4.1.0 to 5.0.0 #152

Merged
merged 1 commit into from
Dec 11, 2023
Merged

Bump actions/setup-go from 4.1.0 to 5.0.0 #152

merged 1 commit into from
Dec 11, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 11, 2023

Bumps actions/setup-go from 4.1.0 to 5.0.0.

Release notes

Sourced from actions/setup-go's releases.

v5.0.0

What's Changed

In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

New Contributors

Full Changelog: actions/setup-go@v4...v5.0.0

Commits
  • 0c52d54 Update dependencies for node20 (#445)
  • bfd2fb3 Merge pull request #421 from chenrui333/node20-runtime
  • 3d65fa5 feat: bump to use actions/checkout@v4
  • 8a505c9 feat: bump to use node20 runtime
  • 883490d Merge pull request #417 from artemgavrilov/main
  • d45ebba Rephrase sentence
  • 317c661 Replace wildcards term with globs.
  • f90673a Merge pull request #1 from artemgavrilov/caching-docs-improvement
  • 8018234 Improve documentation regarding dependencies cachin
  • d085b4f Merge pull request #411 from galargh/fix/windows-hostedtoolcache
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump actions/setup-go from 4.1.0 to 5.0.0
f739e90 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@93397be...0c52d54)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 11, 2023
@cpanato cpanato merged commit c81cf06 into main Dec 11, 2023
25 checks passed
@cpanato cpanato deleted the dependabot/github_actions/actions/setup-go-5.0.0 branch December 11, 2023 09:18
renovate bot referenced this pull request in rsturla/eternal-main Dec 11, 2023
@renovate
chore(deps): update sigstore/cosign-installer action to v3.3.0 (#63)
b2408a0 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | minor | `v3.2.0` -> `v3.3.0` |

---

### Release Notes

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.3.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0)

#### What's Changed

- Bump actions/setup-go from 4.1.0 to 5.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/152](https://togithub.com/sigstore/cosign-installer/pull/152)
- update action to use latest cosign v2.2.2 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/153](https://togithub.com/sigstore/cosign-installer/pull/153)

**Full Changelog**:
sigstore/cosign-installer@v3.2.0...v3.3.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/rsturla/eternal-main).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44Ny4yIiwidXBkYXRlZEluVmVyIjoiMzcuODcuMiIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
scottames referenced this pull request in scottames/ublue Dec 16, 2023
@renovate
chore(deps): update sigstore/cosign-installer action to v3.3.0 (#34)
ff71b06 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | minor | `v3.2.0` -> `v3.3.0` |

---

### Release Notes

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.3.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0)

#### What's Changed

- Bump actions/setup-go from 4.1.0 to 5.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/152](https://togithub.com/sigstore/cosign-installer/pull/152)
- update action to use latest cosign v2.2.2 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/153](https://togithub.com/sigstore/cosign-installer/pull/153)

**Full Changelog**:
sigstore/cosign-installer@v3.2.0...v3.3.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 4pm on friday" in timezone
America/Los_Angeles, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/scottames/ublue).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy45My4xIiwidXBkYXRlZEluVmVyIjoiMzcuOTMuMSIsInRhcmdldEJyYW5jaCI6ImxpdmUifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159 referenced this pull request in zarf-dev/zarf Dec 19, 2023
@renovate
chore(deps): update sigstore/cosign-installer action to v3 (#1400)
b43064c 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | major | `v2.8.1` -> `v3.3.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.3.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0)

#### What's Changed

- Bump actions/setup-go from 4.1.0 to 5.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/152](https://togithub.com/sigstore/cosign-installer/pull/152)
- update action to use latest cosign v2.2.2 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/153](https://togithub.com/sigstore/cosign-installer/pull/153)

**Full Changelog**:
sigstore/cosign-installer@v3.2.0...v3.3.0

###
[`v3.2.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0)

**Note: This release comes with a fix for CVE-2023-46737 described in
this [Github Security
Advisory](https://togithub.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9).
Please upgrade to this release ASAP**

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

#### What's Changed

- Support the runner context of gitea act by
[@&#8203;josedev-union](https://togithub.com/josedev-union) in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)
- bump cosign to v2.2.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/148](https://togithub.com/sigstore/cosign-installer/pull/148)
- test with latest go version by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/150](https://togithub.com/sigstore/cosign-installer/pull/150)

#### New Contributors

- [@&#8203;josedev-union](https://togithub.com/josedev-union) made their
first contribution in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.2.0

###
[`v3.1.2`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.2)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.1...v3.1.2)

#### What's Changed

- Fix build and push step Readme missing id by
[@&#8203;hbenali](https://togithub.com/hbenali) in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)
- bump cosign to v2.2.0 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/142](https://togithub.com/sigstore/cosign-installer/pull/142)

#### New Contributors

- [@&#8203;hbenali](https://togithub.com/hbenali) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.1.2

###
[`v3.1.1`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.1)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1)

#### What's Changed

- default cosign to v2.1.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/137](https://togithub.com/sigstore/cosign-installer/pull/137)

**Full Changelog**:
sigstore/cosign-installer@v3.1.0...v3.1.1

###
[`v3.1.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.5...v3.1.0)

#### What's Changed

- update job to use latest action release by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/130](https://togithub.com/sigstore/cosign-installer/pull/130)
- Update action example for keyless signing as xarg is not required by
[@&#8203;jbtrystram](https://togithub.com/jbtrystram) in
[https://github.com/sigstore/cosign-installer/pull/132](https://togithub.com/sigstore/cosign-installer/pull/132)
- update examples by [@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/133](https://togithub.com/sigstore/cosign-installer/pull/133)
- bump cosign to default to release v2.1.0 and update docs by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/136](https://togithub.com/sigstore/cosign-installer/pull/136)

#### New Contributors

- [@&#8203;jbtrystram](https://togithub.com/jbtrystram) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/132](https://togithub.com/sigstore/cosign-installer/pull/132)

**Full Changelog**:
sigstore/cosign-installer@v3.0.5...v3.1.0

###
[`v3.0.5`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.5)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.4...v3.0.5)

#### What's Changed

- download cosign releases from GitHub rather than GCS by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/126](https://togithub.com/sigstore/cosign-installer/pull/126)

**Full Changelog**:
sigstore/cosign-installer@v3.0.4...v3.0.5

###
[`v3.0.4`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.4)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.3...v3.0.4)

- Include fix for
[https://github.com/sigstore/cosign-installer/pull/124](https://togithub.com/sigstore/cosign-installer/pull/124)
- changes download URL for `cosign` binary to github.com instead of GCS

###
[`v3.0.3`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.3)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.2...v3.0.3)

##### What's Changed

- bump to cosign v2.0.2 by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/119](https://togithub.com/sigstore/cosign-installer/pull/119)
- changes download URL for `cosign` binary to github.com instead of GCS

**Full Changelog**:
sigstore/cosign-installer@v3.0.2...v3.0.3

###
[`v3.0.2`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.2)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.1...v3.0.2)

##### What's Changed

- add --yes to example workflow by
[@&#8203;sebhoss](https://togithub.com/sebhoss) in
[https://github.com/sigstore/cosign-installer/pull/110](https://togithub.com/sigstore/cosign-installer/pull/110)
- Fix aarch64 action run by
[@&#8203;ananos](https://togithub.com/ananos) in
[https://github.com/sigstore/cosign-installer/pull/113](https://togithub.com/sigstore/cosign-installer/pull/113)
- Bump actions/checkout from 3.3.0 to 3.4.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/115](https://togithub.com/sigstore/cosign-installer/pull/115)
- Bump actions/setup-go from 3.5.0 to 4.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/114](https://togithub.com/sigstore/cosign-installer/pull/114)
- Bump actions/checkout from 3.4.0 to 3.5.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/116](https://togithub.com/sigstore/cosign-installer/pull/116)
- default cosign to v2.0.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/117](https://togithub.com/sigstore/cosign-installer/pull/117)
- changes download URL for `cosign` binary to github.com instead of GCS

##### New Contributors

- [@&#8203;sebhoss](https://togithub.com/sebhoss) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/110](https://togithub.com/sigstore/cosign-installer/pull/110)
- [@&#8203;ananos](https://togithub.com/ananos) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/113](https://togithub.com/sigstore/cosign-installer/pull/113)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.0.2

###
[`v3.0.1`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.1)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1)

##### What's Changed

- make cosign v2.0.0 default version by
[@&#8203;developer-guy](https://togithub.com/developer-guy) in
[https://github.com/sigstore/cosign-installer/pull/109](https://togithub.com/sigstore/cosign-installer/pull/109)
- changes download URL for `cosign` binary to github.com instead of GCS

**Full Changelog**:
sigstore/cosign-installer@v3.0.0...v3.0.1

###
[`v3.0.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.0.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v2.8.1...v3.0.0)

##### Breaking change

Cosign v2 has some breaking changes. Please check those:
https://blog.sigstore.dev/cosign-2-0-released/

##### What's Changed

- test: add logs when downloading the public keys by
[@&#8203;hectorj2f](https://togithub.com/hectorj2f) in
[https://github.com/sigstore/cosign-installer/pull/106](https://togithub.com/sigstore/cosign-installer/pull/106)
- Add support to install v2 and any other cosign release candidate by
[@&#8203;hectorj2f](https://togithub.com/hectorj2f) in
[https://github.com/sigstore/cosign-installer/pull/105](https://togithub.com/sigstore/cosign-installer/pull/105)
- v2.0.0 release by [@&#8203;sabre1041](https://togithub.com/sabre1041)
in
[https://github.com/sigstore/cosign-installer/pull/108](https://togithub.com/sigstore/cosign-installer/pull/108)
- changes download URL for `cosign` binary to github.com instead of GCS

##### New Contributors

- [@&#8203;hectorj2f](https://togithub.com/hectorj2f) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/106](https://togithub.com/sigstore/cosign-installer/pull/106)
- [@&#8203;sabre1041](https://togithub.com/sabre1041) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/108](https://togithub.com/sigstore/cosign-installer/pull/108)

**Full Changelog**:
sigstore/cosign-installer@v2...v3.0.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/zarf).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4xNTMuMiIsInVwZGF0ZWRJblZlciI6IjM3Ljg3LjIiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
JoelDewey pushed a commit to JoelDewey/rhel-wireguard that referenced this pull request Jan 23, 2024
@JoelDewey
Update sigstore/cosign-installer action to v3.3.0 (#9)
f2c1b78 
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | action | minor | `v3.1.1` -> `v3.3.0` |

---

### Release Notes

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

### [`v3.3.0`](https://github.com/sigstore/cosign-installer/releases/tag/v3.3.0)

[Compare Source](sigstore/cosign-installer@v3.2.0...v3.3.0)

#### What's Changed

-   Bump actions/setup-go from 4.1.0 to 5.0.0 by [@&#8203;dependabot](https://github.com/dependabot) in sigstore/cosign-installer#152
-   update action to use latest cosign v2.2.2 by [@&#8203;cpanato](https://github.com/cpanato) in sigstore/cosign-installer#153

**Full Changelog**: sigstore/cosign-installer@v3.2.0...v3.3.0

### [`v3.2.0`](https://github.com/sigstore/cosign-installer/releases/tag/v3.2.0)

[Compare Source](sigstore/cosign-installer@v3.1.2...v3.2.0)

**Note: This release comes with a fix for CVE-2023-46737 described in this [Github Security Advisory](GHSA-vfp6-jrw2-99g9). Please upgrade to this release ASAP**

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

#### What's Changed

-   Support the runner context of gitea act by [@&#8203;josedev-union](https://github.com/josedev-union) in sigstore/cosign-installer#147
-   bump cosign to v2.2.1 by [@&#8203;cpanato](https://github.com/cpanato) in sigstore/cosign-installer#148
-   test with latest go version by [@&#8203;bobcallaway](https://github.com/bobcallaway) in sigstore/cosign-installer#150

#### New Contributors

-   [@&#8203;josedev-union](https://github.com/josedev-union) made their first contribution in sigstore/cosign-installer#147

**Full Changelog**: sigstore/cosign-installer@v3...v3.2.0

### [`v3.1.2`](https://github.com/sigstore/cosign-installer/releases/tag/v3.1.2)

[Compare Source](sigstore/cosign-installer@v3.1.1...v3.1.2)

#### What's Changed

-   Fix build and push step Readme missing id by [@&#8203;hbenali](https://github.com/hbenali) in sigstore/cosign-installer#138
-   bump cosign to v2.2.0 by [@&#8203;cpanato](https://github.com/cpanato) in sigstore/cosign-installer#142

#### New Contributors

-   [@&#8203;hbenali](https://github.com/hbenali) made their first contribution in sigstore/cosign-installer#138

**Full Changelog**: sigstore/cosign-installer@v3...v3.1.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNDEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE0MS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.int.magicalinternetbox.net/joel/rhel-wireguard/pulls/9
Co-authored-by: Renovate Bot <[email protected]>
Co-committed-by: Renovate Bot <[email protected]>
charithe referenced this pull request in cerbos/cerbos Feb 5, 2024
@renovate
chore(deps): Update github actions deps (#1973)
5574e85 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[bufbuild/buf-setup-action](https://togithub.com/bufbuild/buf-setup-action)
| action | minor | `v1.28.1` -> `v1.29.0` |
|
[google-github-actions/setup-gcloud](https://togithub.com/google-github-actions/setup-gcloud)
| action | minor | `v2.0.1` -> `v2.1.0` |
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | minor | `v3.1.1` -> `v3.4.0` |

---

### Release Notes

<details>
<summary>bufbuild/buf-setup-action (bufbuild/buf-setup-action)</summary>

###
[`v1.29.0`](https://togithub.com/bufbuild/buf-setup-action/releases/tag/v1.29.0)

[Compare
Source](https://togithub.com/bufbuild/buf-setup-action/compare/v1.28.1...v1.29.0)

Release v1.29.0

</details>

<details>
<summary>google-github-actions/setup-gcloud
(google-github-actions/setup-gcloud)</summary>

###
[`v2.1.0`](https://togithub.com/google-github-actions/setup-gcloud/releases/tag/v2.1.0)

[Compare
Source](https://togithub.com/google-github-actions/setup-gcloud/compare/v2.0.1...v2.1.0)

##### What's Changed

- Update deps by [@&#8203;sethvargo](https://togithub.com/sethvargo) in
[https://github.com/google-github-actions/setup-gcloud/pull/677](https://togithub.com/google-github-actions/setup-gcloud/pull/677)
- Release: v2.1.0 by
[@&#8203;google-github-actions-bot](https://togithub.com/google-github-actions-bot)
in
[https://github.com/google-github-actions/setup-gcloud/pull/678](https://togithub.com/google-github-actions/setup-gcloud/pull/678)

**Full Changelog**:
google-github-actions/setup-gcloud@v2...v2.1.0

</details>

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.4.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.4.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.3.0...v3.4.0)

#### What's Changed

- Use examples that work with multiple tags by
[@&#8203;jkreileder](https://togithub.com/jkreileder) in
[https://github.com/sigstore/cosign-installer/pull/155](https://togithub.com/sigstore/cosign-installer/pull/155)
- default cosign install to release v2.2.3 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/156](https://togithub.com/sigstore/cosign-installer/pull/156)

#### New Contributors

- [@&#8203;jkreileder](https://togithub.com/jkreileder) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/155](https://togithub.com/sigstore/cosign-installer/pull/155)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.4.0

###
[`v3.3.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0)

#### What's Changed

- Bump actions/setup-go from 4.1.0 to 5.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/152](https://togithub.com/sigstore/cosign-installer/pull/152)
- update action to use latest cosign v2.2.2 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/153](https://togithub.com/sigstore/cosign-installer/pull/153)

**Full Changelog**:
sigstore/cosign-installer@v3.2.0...v3.3.0

###
[`v3.2.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0)

**Note: This release comes with a fix for CVE-2023-46737 described in
this [Github Security
Advisory](https://togithub.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9).
Please upgrade to this release ASAP**

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

#### What's Changed

- Support the runner context of gitea act by
[@&#8203;josedev-union](https://togithub.com/josedev-union) in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)
- bump cosign to v2.2.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/148](https://togithub.com/sigstore/cosign-installer/pull/148)
- test with latest go version by
[@&#8203;bobcallaway](https://togithub.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/150](https://togithub.com/sigstore/cosign-installer/pull/150)

#### New Contributors

- [@&#8203;josedev-union](https://togithub.com/josedev-union) made their
first contribution in
[https://github.com/sigstore/cosign-installer/pull/147](https://togithub.com/sigstore/cosign-installer/pull/147)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.2.0

###
[`v3.1.2`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.2)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.1...v3.1.2)

#### What's Changed

- Fix build and push step Readme missing id by
[@&#8203;hbenali](https://togithub.com/hbenali) in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)
- bump cosign to v2.2.0 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/142](https://togithub.com/sigstore/cosign-installer/pull/142)

#### New Contributors

- [@&#8203;hbenali](https://togithub.com/hbenali) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.1.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/cerbos/cerbos).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNzAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE3MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cpanato cpanato cpanato approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@cpanato