build(deps): bump the all group across 1 directory with 3 updates

[dependabot]

Bumps the all group with 3 updates in the / directory: actions/setup-go, sigstore/cosign-installer and chainguard-dev/actions.

Updates actions/setup-go from 6.2.0 to 6.3.0

Release notes

Sourced from actions/setup-go's releases.

v6.3.0

What's Changed

• Update default Go module caching to use go.mod by @​priyagupta108 in actions/setup-go#705
• Fix golang download url to go.dev by @​178inaba in actions/setup-go#469

Full Changelog: actions/setup-go@v6...v6.3.0

Commits

• 4b73464 Fix golang download url to go.dev (#469)
• a5f9b05 Update default Go module caching to use go.mod (#705)
• See full diff in compare view

Updates sigstore/cosign-installer from 4.0.0 to 4.1.0

Release notes

Sourced from sigstore/cosign-installer's releases.

v4.1.0

What's Changed

We recommend updating as soon as possible as this includes bug fixes for Cosign. We also recommend removing with: cosign-release and strongly discourage using cosign-release unless you have a specific reason to use an older version of Cosign.

• Bump cosign to 3.0.5 in sigstore/cosign-installer#220
• fix: add retry to curl downloads for transient network failures in sigstore/cosign-installer#210

Full Changelog: sigstore/cosign-installer@v4.0.0...v4.1.0

Commits

• ba7bc0a fix: add retry to curl downloads for transient network failures (#210)
• 5a292e1 Bump cosign to 3.0.5 (#220)
• 351ea76 Bump actions/checkout from 6.0.1 to 6.0.2 (#217)
• c17565f test with go 1.26 too (#221)
• a6fdd19 Bump actions/setup-go from 6.1.0 to 6.3.0 (#218)
• 430b6a7 docs: fix registry from gcr.io to ghcr.io (#213)
• 4d14d7f feat: update to v3.0.3 (#212)
• f148005 fix: use env vars for template expansions; show curl errors (#207)
• c3f2d79 Bump actions/checkout from 6.0.0 to 6.0.1 (#208)
• b9a9af4 drop tests with go1.24 as it cant build (#211)
• Additional commits viewable in compare view

Updates chainguard-dev/actions from 1.6.3 to 1.6.8

Release notes

Sourced from chainguard-dev/actions's releases.

v1.6.8

What's Changed

• feat(setup-kind): add ARM64 support by @​egibs in chainguard-dev/actions#798

Full Changelog: chainguard-dev/actions@v1.6.7...v1.6.8

v1.6.7

What's Changed

• Make setup-kind more reliable. by @​mattmoor in chainguard-dev/actions#797

Full Changelog: chainguard-dev/actions@v1.6.6...v1.6.7

v1.6.6

What's Changed

• build(deps): bump actions/setup-go from 6.2.0 to 6.3.0 in /setup-melange by @​dependabot[bot] in chainguard-dev/actions#780
• build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 in /kind-diag by @​dependabot[bot] in chainguard-dev/actions#781
• build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 in /nodiff by @​dependabot[bot] in chainguard-dev/actions#779
• build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 in /k8s-diag by @​dependabot[bot] in chainguard-dev/actions#778
• build(deps): bump actions/setup-go from 6.2.0 to 6.3.0 by @​dependabot[bot] in chainguard-dev/actions#776
• build(deps): bump actions/setup-go from 6.2.0 to 6.3.0 in /boilerplate by @​dependabot[bot] in chainguard-dev/actions#777
• Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 by @​dependabot[bot] in chainguard-dev/actions#760
• build(deps): bump hashicorp/setup-terraform from 3.1.2 to 4.0.0 in /setup-terraform by @​dependabot[bot] in chainguard-dev/actions#775
• build(deps): bump chainguard-dev/actions from 1.6.4 to 1.6.5 by @​dependabot[bot] in chainguard-dev/actions#782
• build(deps): bump chainguard-dev/actions from 1.6.4 to 1.6.5 in /gofmt by @​dependabot[bot] in chainguard-dev/actions#783
• build(deps): bump chainguard-dev/actions from 1.6.4 to 1.6.5 in /melange-build by @​dependabot[bot] in chainguard-dev/actions#786
• build(deps): bump chainguard-dev/actions from 1.6.4 to 1.6.5 in /inky-build-pkg by @​dependabot[bot] in chainguard-dev/actions#785
• build(deps): bump chainguard-dev/actions from 1.6.4 to 1.6.5 in /wolfi-build-pkg by @​dependabot[bot] in chainguard-dev/actions#787
• build(deps): bump chainguard-dev/actions from 1.6.4 to 1.6.5 in /goimports by @​dependabot[bot] in chainguard-dev/actions#784
• build(deps): bump actions/setup-node from 6.2.0 to 6.3.0 in /githubapp-token by @​dependabot[bot] in chainguard-dev/actions#788
• fix(hugo2confluence): replace confluence markdown converter [ENG-4650] by @​stevebeattie in chainguard-dev/actions#789

Full Changelog: chainguard-dev/actions@v1.6.5...v1.6.6

v1.6.5

What's Changed

• build(deps): bump chainguard-dev/actions from 1.6.3 to 1.6.4 in /wolfi-build-pkg by @​dependabot[bot] in chainguard-dev/actions#773
• build(deps): bump chainguard-dev/actions from 1.6.3 to 1.6.4 in /melange-build by @​dependabot[bot] in chainguard-dev/actions#772
• build(deps): bump chainguard-dev/actions from 1.6.3 to 1.6.4 in /gofmt by @​dependabot[bot] in chainguard-dev/actions#769
• build(deps): bump chainguard-dev/actions from 1.6.3 to 1.6.4 in /inky-build-pkg by @​dependabot[bot] in chainguard-dev/actions#771
• build(deps): bump chainguard-dev/actions from 1.6.3 to 1.6.4 in /goimports by @​dependabot[bot] in chainguard-dev/actions#770
• build(deps): bump chainguard-dev/actions from 1.6.3 to 1.6.4 by @​dependabot[bot] in chainguard-dev/actions#768
• build(deps): bump step-security/harden-runner from 2.14.2 to 2.15.0 by @​dependabot[bot] in chainguard-dev/actions#774

Full Changelog: chainguard-dev/actions@v1.6.4...v1.6.5

v1.6.4

... (truncated)

Commits

• 7440e20 feat(setup-kind): add ARM64 support (#798)
• 5e84f02 Make setup-kind more reliable. (#797)
• e9290fa fix(hugo2confluence): replace confluence markdown converter [ENG-4650] (#789)
• 97b3a1b build(deps): bump actions/setup-node in /githubapp-token (#788)
• fc20451 build(deps): bump chainguard-dev/actions in /goimports (#784)
• 0578790 build(deps): bump chainguard-dev/actions in /wolfi-build-pkg (#787)
• 95f6175 build(deps): bump chainguard-dev/actions in /inky-build-pkg (#785)
• 1897f6f build(deps): bump chainguard-dev/actions in /melange-build (#786)
• aab57d2 build(deps): bump chainguard-dev/actions from 1.6.4 to 1.6.5 in /gofmt (#783)
• 8255ec7 build(deps): bump chainguard-dev/actions from 1.6.4 to 1.6.5 (#782)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.