chore(deps): update dependency sigstore/cosign to v3.0.4

2026-02-03 20:05:36 +00:00
2 changed files with 3 additions and 3 deletions
--- a/.gitea/workflows/artifacthub-metadata.yaml
+++ b/.gitea/workflows/artifacthub-metadata.yaml
@@ -13,7 +13,7 @@ jobs:
    - uses: actions/checkout@v6.0.2
    - uses: sigstore/cosign-installer@v4.0.0
      with:
-        cosign-release: "v3.0.3" # renovate: datasource=github-tags depName=sigstore/cosign
+        cosign-release: "v3.0.4" # renovate: datasource=github-tags depName=sigstore/cosign
    - uses: docker/login-action@v3.7.0
      with:
        registry: git.cryptic.systems
--- a/.gitea/workflows/release.yaml
+++ b/.gitea/workflows/release.yaml
@@ -19,7 +19,7 @@ jobs:
      run: apt-get update && apt-get install --yes curl
    - name: Install syft
      env:
-        SYFT_VERSION: "1.41.2" # renovate: datasource=github-releases depName=anchore/syft
+        SYFT_VERSION: "1.41.1" # renovate: datasource=github-releases depName=anchore/syft
      run: |
        OS="$(uname | tr '[:upper:]' '[:lower:]')"
        ARCH="$(dpkg --print-architecture)"
@@ -33,7 +33,7 @@ jobs:
        rm syft_${SYFT_VERSION}_${OS}_${ARCH}.deb
    - uses: sigstore/cosign-installer@v4.0.0
      with:
-        cosign-release: "v2.6.2" # renovate: datasource=github-tags depName=sigstore/cosign
+        cosign-release: "v3.0.4" # renovate: datasource=github-tags depName=sigstore/cosign
    - uses: docker/setup-qemu-action@v3.7.0
    - uses: docker/setup-buildx-action@v3.12.0
    - uses: actions/setup-go@v6.2.0