ci(deps): Bump sigstore/cosign-installer from f713795cb21599bc4e5c4b58cbad1da852d7eeb9 to 398d4b0eeef1380460a10c8013a76f728fb906ac in the sigstore group#51
Conversation
Bumps the sigstore group with 1 update: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer). Updates `sigstore/cosign-installer` from f713795cb21599bc4e5c4b58cbad1da852d7eeb9 to 398d4b0eeef1380460a10c8013a76f728fb906ac - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@f713795...398d4b0) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-version: 398d4b0eeef1380460a10c8013a76f728fb906ac dependency-type: direct:production dependency-group: sigstore ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
|
Closing as obsolete — the OpenSSF Scorecard hardening pass in PR #61 (commit |
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
1 participant
Bumps the sigstore group with 1 update: sigstore/cosign-installer.
Updates
sigstore/cosign-installerfrom f713795cb21599bc4e5c4b58cbad1da852d7eeb9 to 398d4b0eeef1380460a10c8013a76f728fb906acCommits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions