Merge pull request #941 from kubewarden/dependabot/github_actions/sigstore/cosign-installer-3.7.0

jvanz · web-flow · commit 822fe8436f0a · 2024-10-07T15:02:24.000-03:00
build(deps): bump sigstore/cosign-installer from 3.6.0 to 3.7.0
diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
@@ -25,7 +25,7 @@ jobs:
         uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Install cosign
-        uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0
+        uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
 
       - name: Install the syft command
         uses: kubewarden/github-actions/syft-installer@d94509d260ee11a92b4f65bc0acd297feec24d7f # v3.3.5
diff --git a/.github/workflows/sign-image.yml b/.github/workflows/sign-image.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Install cosign
-        uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0
+        uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
