🌱 Bump sigstore/cosign-installer from 2.5.1 to 2.6.0 #2253

dependabot · 2022-09-12T08:16:26Z

Bumps sigstore/cosign-installer from 2.5.1 to 2.6.0.

Release notes

Sourced from sigstore/cosign-installer's releases.

v2.6.0

What's Changed

update action to default cosign to v1.11.0 release by @cpanato in sigstore/cosign-installer#89

cleanup dependabot by @cpanato in sigstore/cosign-installer#90

default cosign to v1.11.1 by @cpanato in sigstore/cosign-installer#91

Bump actions/setup-go from 3.2.1 to 3.3.0 by @dependabot in sigstore/cosign-installer#92

Full Changelog: sigstore/cosign-installer@v2.5.1...v2.6.0

Commits

f3c664d Bump actions/setup-go from 3.2.1 to 3.3.0 (#92)
14d4334 default cosign to v1.11.1 (#91)
8d0fee4 cleanup dependabot (#90)
716fc02 update action to default cosign to v1.11.0 release (#89)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.5.1 to 2.6.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@b3413d4...f3c664d) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

codecov · 2022-09-12T08:26:47Z

Codecov Report

Merging #2253 (850e55c) into main (11657e4) will increase coverage by 4.74%.
The diff coverage is n/a.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2253      +/-   ##
==========================================
+ Coverage   42.35%   47.10%   +4.74%     
==========================================
  Files          95       95              
  Lines        7990     7987       -3     
==========================================
+ Hits         3384     3762     +378     
+ Misses       4344     3953     -391     
- Partials      262      272      +10

github-actions · 2022-09-12T08:46:36Z

Integration tests success for
[850e55c]
(https://github.com/ossf/scorecard/actions/runs/3035689627)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.5.1 to 2.6.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@b3413d4...f3c664d) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.5.1 to 2.6.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@b3413d4...f3c664d) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: nathaniel.wert <nathaniel.wert@kudelskisecurity.com>

dependabot bot requested review from azeemshaikh38, justaugustus, laurentsimon and naveensrinivasan as code owners September 12, 2022 08:16

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Sep 12, 2022

dependabot bot temporarily deployed to integration-test September 12, 2022 08:20 Inactive

naveensrinivasan approved these changes Sep 12, 2022

View reviewed changes

naveensrinivasan merged commit 856d2dd into main Sep 12, 2022

naveensrinivasan deleted the dependabot/github_actions/sigstore/cosign-installer-2.6.0 branch September 12, 2022 12:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

🌱 Bump sigstore/cosign-installer from 2.5.1 to 2.6.0 #2253

🌱 Bump sigstore/cosign-installer from 2.5.1 to 2.6.0 #2253

dependabot bot commented on behalf of github Sep 12, 2022

codecov bot commented Sep 12, 2022 •

edited

github-actions bot commented Sep 12, 2022

🌱 Bump sigstore/cosign-installer from 2.5.1 to 2.6.0 #2253

🌱 Bump sigstore/cosign-installer from 2.5.1 to 2.6.0 #2253

Conversation

dependabot bot commented on behalf of github Sep 12, 2022

v2.6.0

What's Changed

codecov bot commented Sep 12, 2022 • edited

Codecov Report

github-actions bot commented Sep 12, 2022

codecov bot commented Sep 12, 2022 •

edited