Merge pull request #1985 from intel/dependabot/github_actions/sigstore/cosign-installer-3.8.0

tkatila · web-flow · commit 33d55f7eb8a0 · 2025-02-10T09:15:19.000+02:00
build(deps): bump sigstore/cosign-installer from 3.7.0 to 3.8.0
diff --git a/.github/workflows/lib-publish.yaml b/.github/workflows/lib-publish.yaml
@@ -113,7 +113,7 @@ jobs:
           echo "image_sha=$(docker inspect --format='{{index .RepoDigests 0}}' ${{ inputs.registry }}/${{ matrix.image }}:${{ inputs.image_tag }})" >> $GITHUB_OUTPUT
       - name: Install cosign
         if: ${{ inputs.image_tag != 'devel' }}
-        uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da #v3.7.0
+        uses: sigstore/cosign-installer@c56c2d3e59e4281cc41dea2217323ba5694b171e #v3.8.0
       - name: Keyless image sign
         if: ${{ inputs.image_tag != 'devel' }}
         run: |
