New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 #12689
chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 #12689
Conversation
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.8.1 to 3.0.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@9becc61...c3667d9) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Codecov ReportPatch and project coverage have no change.
Additional details and impacted files@@ Coverage Diff @@
## master #12689 +/- ##
=======================================
Coverage 47.78% 47.78%
=======================================
Files 246 246
Lines 41944 41944
=======================================
Hits 20045 20045
Misses 19898 19898
Partials 2001 2001 Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We explicitly use cosign version v1.13.1. The new default of this action uses v2.0.0 if a version is not specified. lgtm!
/cherry-pick release-2.6 |
/cherry-pick release-2.5 |
/cherry-pick release-2.4 |
Cherry-pick failed with |
Cherry-pick failed with |
Cherry-pick failed with |
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.8.1 to 3.0.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@9becc61...c3667d9) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.8.1 to 3.0.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@9becc61...c3667d9) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.8.1 to 3.0.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@9becc61...c3667d9) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Cherry-picked onto release-2.6, release-2.5, and release-2.4. |
…proj#12689) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.8.1 to 3.0.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@9becc61...c3667d9) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps sigstore/cosign-installer from 2.8.1 to 3.0.1.
Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
c3667d9
make cosign v2.0.0 default version (#109)77560e3
v2.0.0 release (#108)4079ad3
Bump actions/checkout from 3.2.0 to 3.3.0 (#107)55fd288
Add support to install v2 and any other cosign release candidate (#105)651c379
test: add logs when downloading the public keys (#106)df6c89e
Bump actions/checkout from 3.1.0 to 3.2.0 (#102)31f2644
Bump actions/setup-go from 3.4.0 to 3.5.0 (#103)b6757d8
Bump actions/setup-go from 3.3.1 to 3.4.0 (#101)7bca8b4
Bump actions/setup-go from 3.3.0 to 3.3.1 (#99)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)