mirror of
https://github.com/fosrl/pangolin.git
synced 2026-07-11 10:50:35 -05:00
[PR #2656] [MERGED] Bump sigstore/cosign-installer from 4.0.0 to 4.1.0 #22326
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/fosrl/pangolin/pull/2656
Author: @dependabot[bot]
Created: 3/16/2026
Status: ✅ Merged
Merged: 3/18/2026
Merged by: @oschwartz10612
Base:
main← Head:dependabot/github_actions/sigstore/cosign-installer-4.1.0📝 Commits (1)
1034993Bump sigstore/cosign-installer from 4.0.0 to 4.1.0📊 Changes
2 files changed (+2 additions, -2 deletions)
View changed files
📝
.github/workflows/cicd.yml(+1 -1)📝
.github/workflows/mirror.yaml(+1 -1)📄 Description
Bumps sigstore/cosign-installer from 4.0.0 to 4.1.0.
Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
ba7bc0afix: add retry to curl downloads for transient network failures (#210)5a292e1Bump cosign to 3.0.5 (#220)351ea76Bump actions/checkout from 6.0.1 to 6.0.2 (#217)c17565ftest with go 1.26 too (#221)a6fdd19Bump actions/setup-go from 6.1.0 to 6.3.0 (#218)430b6a7docs: fix registry from gcr.io to ghcr.io (#213)4d14d7ffeat: update to v3.0.3 (#212)f148005fix: use env vars for template expansions; show curl errors (#207)c3f2d79Bump actions/checkout from 6.0.0 to 6.0.1 (#208)b9a9af4drop tests with go1.24 as it cant build (#211)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.