chore(deps): bump sigstore/cosign-installer from 3.8.2 to 3.9.1 in the ci-dependencies group
Closed
Number: #7
Type: Pull Request
State: Closed
Type: Pull Request
State: Closed
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: None
Comments: 1
dependabot[bot]Association: None
Comments: 1
Created:
June 24, 2025 at 01:24 AM UTC
(4 months ago)
(4 months ago)
Updated:
August 05, 2025 at 12:03 AM UTC
(3 months ago)
(3 months ago)
Closed:
August 05, 2025 at 12:03 AM UTC
(3 months ago)
(3 months ago)
Time to Close:
about 1 month
Labels:
dependencies github_actions
dependencies github_actions
Description:
Bumps the ci-dependencies group with 1 update: sigstore/cosign-installer.
Updates sigstore/cosign-installer from 3.8.2 to 3.9.1
Release notes
Sourced from sigstore/cosign-installer's releases.
v3.9.1
What's Changed
- default action install to use release v2.5.1 by
@cpanatoin sigstore/cosign-installer#193- default cosign to v2.5.2 by
@cpanatoin sigstore/cosign-installer#194Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1
v3.9.0
What's Changed
- Bump actions/setup-go from 5.4.0 to 5.5.0 by
@dependabotin sigstore/cosign-installer#189- bump cosign install to use release v2.5.0 as default by
@cpanatoin sigstore/cosign-installer#191Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3...v3.9.0
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions
Pull Request Statistics
Commits:
1
1
Files Changed:
1
1
Additions:
+1
+1
Deletions:
-1
-1
Package Dependencies
Package:
sigstore/cosign-installer
Ecosystem:
actions
actions
Version Change:
3.8.2 → 3.9.1
Update Type:
Minor
Minor
Path:
the ci-dependencies group
Technical Details
| ID: | 2128547 |
| UUID: | 2613193486 |
| Node ID: | PR_kwDOOo3TXs6bwisO |
| Host: | GitHub |
| Repository: | Pavan-Notes/pavan-notes.github.io |
| Mergeable: | Yes |
| Merge State: | Clean |
| Rebaseable: | Yes |