From 77756b19f72513f5bf4f9edbc21da2230a97b333 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Mar 2026 02:33:37 +0000 Subject: [PATCH] build(deps): bump the all group across 1 directory with 3 updates Bumps the all group with 3 updates in the / directory: [actions/setup-go](https://github.com/actions/setup-go), [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) and [chainguard-dev/actions](https://github.com/chainguard-dev/actions). Updates `actions/setup-go` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5...4b73464bb391d4059bd26b0524d20df3927bd417) Updates `sigstore/cosign-installer` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/faadad0cce49287aee09b3a48701e75088a2c6ad...ba7bc0a3fef59531c69a25acd34668d6d3fe6f22) Updates `chainguard-dev/actions` from 1.6.3 to 1.6.8 - [Release notes](https://github.com/chainguard-dev/actions/releases) - [Commits](https://github.com/chainguard-dev/actions/compare/4ed96e952ef2982fe89a50f3c40e9643bb9fe803...7440e20e3e0bb180a2f6e330bcd53504e2ac8980) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: sigstore/cosign-installer dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: chainguard-dev/actions dependency-version: 1.6.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/container-build.yml | 4 ++-- .github/workflows/e2e.yml | 2 +- .github/workflows/main.yml | 2 +- .github/workflows/verify-k8s.yml | 8 ++++---- .github/workflows/verify.yml | 6 +++--- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 091b1f010..f0605db8a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -48,7 +48,7 @@ jobs: - name: Extract version of Go to use run: echo "GOVERSION=$(awk -F'[:@]' '/FROM golang/{print $2; exit}' Dockerfile)" >> $GITHUB_ENV - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: ${{ env.GOVERSION }} check-latest: true diff --git a/.github/workflows/container-build.yml b/.github/workflows/container-build.yml index 783a832de..72ca2ee9f 100644 --- a/.github/workflows/container-build.yml +++ b/.github/workflows/container-build.yml @@ -37,12 +37,12 @@ jobs: with: persist-credentials: false - - uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 + - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0 - name: Extract version of Go to use run: echo "GOVERSION=$(awk -F'[:@]' '/FROM golang/{print $2; exit}' Dockerfile)" >> $GITHUB_ENV - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: '${{ env.GOVERSION }}' check-latest: true diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index c088b6903..088ae1ea1 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -36,7 +36,7 @@ jobs: - uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9 - - uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 + - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0 - name: Start Fulcio services run: | diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e27f441f1..03178bee1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -36,7 +36,7 @@ jobs: - name: Extract version of Go to use run: echo "GOVERSION=$(awk -F'[:@]' '/FROM golang/{print $2; exit}' Dockerfile)" >> $GITHUB_ENV - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: ${{ env.GOVERSION }} check-latest: true diff --git a/.github/workflows/verify-k8s.yml b/.github/workflows/verify-k8s.yml index d2c95550f..1032b2393 100644 --- a/.github/workflows/verify-k8s.yml +++ b/.github/workflows/verify-k8s.yml @@ -32,7 +32,7 @@ jobs: - name: Extract version of Go to use run: echo "GOVERSION=$(awk -F'[:@]' '/FROM golang/{print $2; exit}' Dockerfile)" >> $GITHUB_ENV - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: '${{ env.GOVERSION }}' check-latest: true @@ -76,7 +76,7 @@ jobs: - name: Extract version of Go to use run: echo "GOVERSION=$(awk -F'[:@]' '/FROM golang/{print $2; exit}' Dockerfile)" >> $GITHUB_ENV - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: '${{ env.GOVERSION }}' check-latest: true @@ -84,7 +84,7 @@ jobs: - uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9 - name: Setup Cluster - uses: chainguard-dev/actions/setup-kind@4ed96e952ef2982fe89a50f3c40e9643bb9fe803 # v1.6.3 + uses: chainguard-dev/actions/setup-kind@7440e20e3e0bb180a2f6e330bcd53504e2ac8980 # v1.6.8 with: k8s-version: 1.31.x registry-authority: ${{ env.REGISTRY_NAME }}:${{ env.REGISTRY_PORT }} @@ -219,4 +219,4 @@ jobs: - name: Collect diagnostics and upload if: ${{ failure() }} - uses: chainguard-dev/actions/kind-diag@4ed96e952ef2982fe89a50f3c40e9643bb9fe803 # v1.6.3 + uses: chainguard-dev/actions/kind-diag@7440e20e3e0bb180a2f6e330bcd53504e2ac8980 # v1.6.8 diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index 5d8d96c30..f2725f32a 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -36,7 +36,7 @@ jobs: - name: Extract version of Go to use run: echo "GOVERSION=$(awk -F'[:@]' '/FROM golang/{print $2; exit}' Dockerfile)" >> $GITHUB_ENV - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: '${{ env.GOVERSION }}' check-latest: true @@ -64,7 +64,7 @@ jobs: - name: Extract version of Go to use run: echo "GOVERSION=$(awk -F'[:@]' '/FROM golang/{print $2; exit}' Dockerfile)" >> $GITHUB_ENV - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: '${{ env.GOVERSION }}' check-latest: true @@ -85,7 +85,7 @@ jobs: - name: Extract version of Go to use run: echo "GOVERSION=$(awk -F'[:@]' '/FROM golang/{print $2; exit}' Dockerfile)" >> $GITHUB_ENV - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: '${{ env.GOVERSION }}' check-latest: true