From af3085583dc8f562f17fe3d9661cd3d0506268a1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 10 Feb 2025 12:31:57 +0000
Subject: [PATCH] ci: bump the github-actions group with 2 updates

Bumps the github-actions group with 2 updates: [python-semantic-release/python-semantic-release](https://github.com/python-semantic-release/python-semantic-release) and [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).


Updates `python-semantic-release/python-semantic-release` from 9.17.0 to 9.19.0
- [Release notes](https://github.com/python-semantic-release/python-semantic-release/releases)
- [Changelog](https://github.com/python-semantic-release/python-semantic-release/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/python-semantic-release/python-semantic-release/compare/v9.17.0...v9.19.0)

Updates `sigstore/cosign-installer` from 3.7.0 to 3.8.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.7.0...v3.8.0)

---
updated-dependencies:
- dependency-name: python-semantic-release/python-semantic-release
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/release.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 78e91c1..9c81a2a 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -70,7 +70,7 @@ jobs:
 
           - name: Semantic Release
             id: semantic
-            uses: python-semantic-release/python-semantic-release@v9.17.0
+            uses: python-semantic-release/python-semantic-release@v9.19.0
             with:
                 github_token: ${{ steps.app-token.outputs.token }}
             env:
@@ -105,7 +105,7 @@ jobs:
 
           - name: Install CoSign
             if: github.event_name != 'pull_request'
-            uses: sigstore/cosign-installer@v3.7.0
+            uses: sigstore/cosign-installer@v3.8.0
             with:
                 cosign-release: 'v2.4.0'