chore(deps): bump the actions group across 1 directory with 2 updates

Bumps the actions group with 2 updates in the / directory: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) and [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `sigstore/cosign-installer` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@v3.5.0...v3.6.0) Updates `anchore/sbom-action` from 0.17.0 to 0.17.1 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@v0.17.0...v0.17.1) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
gnolang · Aug 14, 2024 · ac0de17 · ac0de17
1 parent ff0c177
commit ac0de17
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/.github/workflows/nightlies.yml b/.github/workflows/nightlies.yml
@@ -23,8 +23,8 @@ jobs:
           go-version: "1.22.x"
           cache: true
 
-      - uses: sigstore/cosign-installer@v3.5.0
-      - uses: anchore/sbom-action/download-syft@v0.17.0
+      - uses: sigstore/cosign-installer@v3.6.0
+      - uses: anchore/sbom-action/download-syft@v0.17.1
 
       - uses: docker/login-action@v3
         with:

diff --git a/.github/workflows/releaser-master.yml b/.github/workflows/releaser-master.yml
@@ -24,8 +24,8 @@ jobs:
           go-version: "1.22.x"
           cache: true
 
-      - uses: sigstore/cosign-installer@v3.5.0
-      - uses: anchore/sbom-action/download-syft@v0.17.0
+      - uses: sigstore/cosign-installer@v3.6.0
+      - uses: anchore/sbom-action/download-syft@v0.17.1
 
       - uses: docker/login-action@v3
         with:

diff --git a/.github/workflows/releaser.yml b/.github/workflows/releaser.yml
@@ -23,8 +23,8 @@ jobs:
           go-version: "1.22.x"
           cache: true
 
-      - uses: sigstore/cosign-installer@v3.5.0
-      - uses: anchore/sbom-action/download-syft@v0.17.0
+      - uses: sigstore/cosign-installer@v3.6.0
+      - uses: anchore/sbom-action/download-syft@v0.17.1
 
       - uses: docker/login-action@v3
         with: