From 525d4b8cff69f103516dc0c00a0b506138aa6994 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 12:18:08 +0000 Subject: [PATCH] chore(deps): bump the dependencies group with 2 updates Bumps the dependencies group with 2 updates: [anchore/sbom-action](https://github.com/anchore/sbom-action) and [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer). Updates `anchore/sbom-action` from 0.15.5 to 0.15.8 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](https://github.com/anchore/sbom-action/compare/24b0d5238516480139aa8bc6f92eeb7b54a9eb0a...b6a39da80722a2cb0ef5d197531764a89b5d48c3) Updates `sigstore/cosign-installer` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/9614fae9e5c5eddabb09f90a270fcb487c9f7149...e1523de7571e31dbe865fd2e80c5c7c23ae71eb4) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/main.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 63423e7..bcae4b8 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -111,7 +111,7 @@ jobs: check-latest: true go-version: ${{ env.GO_VERSION }} - - uses: anchore/sbom-action/download-syft@24b0d5238516480139aa8bc6f92eeb7b54a9eb0a # v0.15.5 + - uses: anchore/sbom-action/download-syft@b6a39da80722a2cb0ef5d197531764a89b5d48c3 # v0.15.8 - name: Run GoReleaser uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0 @@ -153,8 +153,8 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - uses: sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.3.0 - - uses: anchore/sbom-action/download-syft@24b0d5238516480139aa8bc6f92eeb7b54a9eb0a # v0.15.5 + - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 + - uses: anchore/sbom-action/download-syft@b6a39da80722a2cb0ef5d197531764a89b5d48c3 # v0.15.8 - name: Run GoReleaser uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0