From 04fc1311c3f2ed01482c880bd641a88d024296ba Mon Sep 17 00:00:00 2001
From: chainguardian <101908552+chainguardian@users.noreply.github.com>
Date: Sat, 9 Mar 2024 07:04:19 +0000
Subject: [PATCH] melange/0.6.9-r1: fix GHSA-c5q2-7r4c-mv6g

---
 melange.yaml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/melange.yaml b/melange.yaml
index 5b9feb4b24..0a1cc0f999 100644
--- a/melange.yaml
+++ b/melange.yaml
@@ -2,7 +2,7 @@
 package:
   name: melange
   version: 0.6.9
-  epoch: 1
+  epoch: 2
   description: build APKs from source code
   copyright:
     - license: Apache-2.0
@@ -26,6 +26,10 @@ pipeline:
       repository: https://github.com/chainguard-dev/melange
       tag: v${{package.version}}
 
+  - uses: go/bump
+    with:
+      deps: gopkg.in/go-jose/go-jose.v2@v2.6.3
+
   - runs: |
       make melange
       install -m755 -D ./melange "${{targets.destdir}}"/usr/bin/melange