build(deps): Bump the ci-dependencies group across 1 directory with 3…

… updates Bumps the ci-dependencies group with 3 updates in the / directory: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer), [docker/build-push-action](https://github.com/docker/build-push-action) and [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `sigstore/cosign-installer` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@59acb62...4959ce0) Updates `docker/build-push-action` from 6.5.0 to 6.7.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@5176d81...5cd11c3) Updates `actions/upload-artifact` from 4.3.4 to 4.4.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@0b2256b...5076954) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>
vipyrsec · Sep 1, 2024 · 6a63ae2 · 6a63ae2
1 parent a2a30cf
commit 6a63ae2
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/container-build-push.yaml b/.github/workflows/container-build-push.yaml
@@ -44,7 +44,7 @@ jobs:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
 
       - name: Install cosign
-        uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20  # v3.5.0
+        uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382  # v3.6.0
 
       - name: Setup Docker Buildx
         id: buildx
@@ -106,7 +106,7 @@ jobs:
 
       - name: Build and push Docker image
         id: docker_build_push
-        uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445  # v6.5.0
+        uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85  # v6.7.0
         with:
           builder: ${{ steps.buildx.outputs.name }}
           build-args: |
@@ -147,7 +147,7 @@ jobs:
 
       - name: Upload digest
         if: ${{ github.ref == 'refs/heads/main' || startswith(github.event.ref, 'refs/tags/v') }}
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b  # v4.3.4
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874  # v4.4.0
         with:
           if-no-files-found: error
           name: digests

diff --git a/.github/workflows/yara.yaml b/.github/workflows/yara.yaml
@@ -55,7 +55,7 @@ jobs:
         if: steps.cache-yara.outputs.cache-hit != 'true' && runner.os == 'Linux'
 
       - name: Upload YARA
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b  # v4.3.4
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874  # v4.4.0
         with:
           if-no-files-found: error
           name: yara-${{ inputs.version }}-${{ runner.os }}-${{ runner.arch }}