Skip to content

ci(deps): bump sigstore/cosign-installer from 3.7.0 to 3.10.1 in the github-actions group across 1 directory#12

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-ff9997e93d
Closed

ci(deps): bump sigstore/cosign-installer from 3.7.0 to 3.10.1 in the github-actions group across 1 directory#12
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-ff9997e93d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 1 update in the / directory: sigstore/cosign-installer.

Updates sigstore/cosign-installer from 3.7.0 to 3.10.1

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.10.1

What's Changed?

Note: cosign-installer v3.x cannot be used to install Cosign v3.x. You must upgrade to cosign-installer v4 in order to use Cosign v3.

Note: This is planned to be the final release of Cosign v2, though we will cut new releases for any critical security or bug fixes. We recommend transitioning to Cosign v3.

  • Bump default Cosign to v2.6.1 (#203)

v3.10.0

What's Changed

Full Changelog: sigstore/cosign-installer@v3.9.2...v3.10.0

v3.9.2

What's Changed

Full Changelog: sigstore/cosign-installer@v3.9.1...v3.9.2

v3.9.1

What's Changed

Full Changelog: sigstore/cosign-installer@v3.9.0...v3.9.1

v3.9.0

What's Changed

Full Changelog: sigstore/cosign-installer@v3...v3.9.0

v3.8.2

What's Changed

Full Changelog: sigstore/cosign-installer@v3...v3.8.2

v3.8.1

What's Changed

... (truncated)

Commits

@dependabot dependabot Bot added ci CI/CD dependencies Dependency updates labels Jun 28, 2026
@dependabot dependabot Bot requested a review from CardSorting as a code owner June 28, 2026 13:24
@dependabot dependabot Bot added dependencies Dependency updates ci CI/CD labels Jun 28, 2026
@github-actions

Copy link
Copy Markdown

Thanks for your first pull request to LUMI!

Please read CONTRIBUTING.md and ensure:

  • PR title uses Conventional Commits (feat:, fix:, docs:, …) — Dependabot PRs are exempt
  • CI is green (Tests, E2E, CodeQL)
  • Governed-execution changes preserve projection invariants (see PR template)

@github-actions github-actions Bot added size/size/XS and removed dependencies Dependency updates labels Jun 28, 2026
Bumps the github-actions group with 1 update in the / directory: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).


Updates `sigstore/cosign-installer` from 3.7.0 to 3.10.1
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@dc72c7d...7e8b541)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 3.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title ci(deps): bump sigstore/cosign-installer from 3.7.0 to 3.10.1 in the github-actions group ci(deps): bump sigstore/cosign-installer from 3.7.0 to 3.10.1 in the github-actions group across 1 directory Jul 1, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-ff9997e93d branch from ca32ca7 to 23a4a07 Compare July 1, 2026 02:36
@dependabot @github

dependabot Bot commented on behalf of github Jul 5, 2026

Copy link
Copy Markdown
Contributor Author

Looks like sigstore/cosign-installer is updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 5, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/github-actions-ff9997e93d branch July 5, 2026 13:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants