dependabot[bot]
118f564cf3
chore(deps): bump actions/cache from 4.2.3 to 4.2.4 ( #4119 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](5a3ec84eff...0400d5f644
2025-08-07 10:47:40 -04:00
dependabot[bot]
b59c902996
chore(deps): bump actions/cache in /.github/actions/bootstrap ( #4120 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](5a3ec84eff...0400d5f644
2025-08-07 10:47:25 -04:00
dependabot[bot]
801b21bb37
chore(deps): bump github/codeql-action from 3.29.4 to 3.29.5 ( #4096 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.4 to 3.29.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4e828ff8d4...51f77329af
2025-07-30 14:29:07 -04:00
Alex Goodman
8a7302c5cf
migrate to get.anchore.io ( #4095 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-07-30 10:54:22 -04:00
dependabot[bot]
8b2c4a134e
chore(deps): bump github/codeql-action from 3.29.3 to 3.29.4 ( #4080 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.3 to 3.29.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d6bbdef45e...4e828ff8d4
2025-07-24 15:17:49 -04:00
dependabot[bot]
a192787d44
chore(deps): bump github/codeql-action from 3.29.2 to 3.29.3 ( #4074 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.2 to 3.29.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](181d5eefc2...d6bbdef45e
2025-07-22 09:49:43 -04:00
dependabot[bot]
d5a562c368
chore(deps): bump anchore/sbom-action from 0.20.2 to 0.20.4 ( #4073 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.20.2 to 0.20.4.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](cee1b8e05a...7b36ad622f
2025-07-22 09:49:40 -04:00
Christopher Angelo Phillips
6f36b586ba
chore: update release workflow to persist credentials for git tag step ( #4069 )
...
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-07-21 19:23:14 +00:00
dependabot[bot]
af787d685c
chore(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2 ( #4066 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.9.1 to 3.9.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](398d4b0eee...d58896d6a1
2025-07-21 13:06:59 -04:00
dependabot[bot]
0e5db45aad
chore(deps): bump marocchino/sticky-pull-request-comment ( #4063 )
...
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment ) from 2.9.3 to 2.9.4.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases )
- [Commits](d2ad0de260...773744901b
2025-07-17 09:27:02 -04:00
Will Murphy
9cda2de2ad
chore: lint gh actions with zizmor ( #4062 )
...
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2025-07-16 17:12:38 -04:00
dependabot[bot]
9cbd52bdd7
chore(deps): bump anchore/sbom-action from 0.20.1 to 0.20.2 ( #4048 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](9246b90769...cee1b8e05a
2025-07-03 15:00:51 -04:00
dependabot[bot]
b0b10acb40
chore(deps): bump marocchino/sticky-pull-request-comment ( #4019 )
...
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment ) from 2.9.2 to 2.9.3.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases )
- [Commits](67d0dec7b0...d2ad0de260
2025-06-30 17:58:32 -04:00
dependabot[bot]
b90028bd1f
chore(deps): bump sigstore/cosign-installer from 3.9.0 to 3.9.1 ( #4022 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 3.9.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-30 17:58:23 -04:00
dependabot[bot]
ba59f57bfe
chore(deps): bump github/codeql-action from 3.29.0 to 3.29.2 ( #4039 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.0 to 3.29.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ce28f5bb42...181d5eefc2
2025-06-30 17:17:20 -04:00
dependabot[bot]
b52b13c03c
chore(deps): bump sigstore/cosign-installer from 3.8.2 to 3.9.0 ( #4015 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.8.2 to 3.9.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.8.2...v3.9.0 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 3.9.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-17 11:34:58 -04:00
dependabot[bot]
0b57d03958
chore(deps): bump anchore/sbom-action from 0.20.0 to 0.20.1 ( #4008 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](e11c554f70...9246b90769
2025-06-16 11:15:37 -04:00
dependabot[bot]
c19558dd73
chore(deps): bump github/codeql-action from 3.28.19 to 3.29.0 ( #4000 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.19 to 3.29.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](fca7ace96b...ce28f5bb42
2025-06-12 10:37:53 -04:00
Michael Briley
868a6a7584
Harden Container Runtime with Non-Root User ( #3941 )
...
* Update Dockerfile
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update Dockerfile
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update validations.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update validations.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update Dockerfile
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update validations.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update Dockerfile
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update .goreleaser.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update .goreleaser.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* use distroless/static-debian12:nonroot directly
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* keep manual manifest curation
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove qemu usage
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add smoke test for snapshot
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* split up manifests section with comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* correct ci step name
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix arch condition
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* keep path prefix
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-06-05 12:36:23 -04:00
dependabot[bot]
bb50f1650d
chore(deps): bump github/codeql-action from 3.28.18 to 3.28.19 ( #3952 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.18 to 3.28.19.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ff0a06e83c...fca7ace96b
2025-06-03 10:20:24 -04:00
Alex Goodman
2d4fe513ec
remove benchmark workflow ( #3906 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-05-16 11:08:43 -04:00
dependabot[bot]
945893847f
chore(deps): bump github/codeql-action from 3.28.17 to 3.28.18 ( #3905 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.17 to 3.28.18.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](60168efe1c...ff0a06e83c
2025-05-16 14:16:11 +00:00
dependabot[bot]
5e25d52845
chore(deps): bump anchore/sbom-action from 0.19.0 to 0.20.0 ( #3899 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.19.0 to 0.20.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](9f73021414...e11c554f70
2025-05-15 10:23:20 -04:00
dependabot[bot]
99ef5accc7
chore(deps): bump actions/setup-go from 5.4.0 to 5.5.0 ( #3867 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0aaccfd150...d35c59abb0
2025-05-08 14:27:08 -04:00
dependabot[bot]
d634f1438b
chore(deps): bump actions/setup-go in /.github/actions/bootstrap ( #3868 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0aaccfd150...d35c59abb0
2025-05-08 14:26:57 -04:00
Alex Goodman
d47a6c3a6d
Improve support for cataloging nix package relationships ( #3837 )
...
* add nix DB cataloger
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add derivation path to nix store pkg metadata
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* go mod tidy
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* allow for derivation path to be optional
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* repin build image and disable syscall filtering
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* bump storage capacity
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* track nix derivation details on packages
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* image fixture should have derivation examples
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* address comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-05-05 15:35:13 +00:00
dependabot[bot]
3faf43d592
chore(deps): bump github/codeql-action from 3.28.16 to 3.28.17 ( #3846 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.16 to 3.28.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28deaeda66...60168efe1c
2025-05-05 10:23:08 -04:00
dependabot[bot]
22d8b30813
chore(deps): bump anchore/sbom-action from 0.18.0 to 0.19.0 ( #3832 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.18.0 to 0.19.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](f325610c9f...9f73021414
2025-04-25 11:29:24 -04:00
dependabot[bot]
273d414b6b
chore(deps): bump sigstore/cosign-installer from 3.8.1 to 3.8.2 ( #3818 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.8.1 to 3.8.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.8.1...v3.8.2 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 3.8.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-23 11:27:08 -04:00
dependabot[bot]
0a0c2963f4
chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 ( #3819 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.15 to 3.28.16.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](45775bd823...28deaeda66
2025-04-23 11:25:42 -04:00
dependabot[bot]
2a409488a0
chore(deps): bump marocchino/sticky-pull-request-comment ( #3788 )
...
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment ) from 2.9.1 to 2.9.2.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases )
- [Commits](52423e0164...67d0dec7b0
2025-04-11 12:43:11 -04:00
dependabot[bot]
3b3943d2d6
chore(deps): bump github/codeql-action from 3.28.13 to 3.28.15 ( #3786 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.13 to 3.28.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b549b9259...45775bd823
2025-04-08 14:03:06 -04:00
Alex Goodman
d033ad7de6
unpin go version in ci ( #3773 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-04-01 13:27:15 +00:00
dependabot[bot]
6d792aa9dd
chore(deps): bump 8398a7/action-slack from 3.16.2 to 3.18.0 ( #3767 )
...
Bumps [8398a7/action-slack](https://github.com/8398a7/action-slack ) from 3.16.2 to 3.18.0.
- [Release notes](https://github.com/8398a7/action-slack/releases )
- [Commits](28ba43ae48...1750b5085f
2025-03-31 10:43:47 -04:00
Alex Goodman
ad9928cb2a
Merge the .NET deps.json and PE binary catalogers ( #3563 )
...
* add combined deps.json + pe binary cataloger
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* deprecate pe and deps standalone catalogers
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* parse resource names + add tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix integration and CLI tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add some helpful code comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* allow for dropping Dep packages that are missing DLLs
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* migrate json schema changes to 24
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* keep application configuration
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* correct config help
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* [wip] detect claims of dlls within deps.json
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* [wip] fix tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add assembly repack detection
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* .net package count is lower due to dll claim requirement
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-03-27 14:38:16 -04:00
dependabot[bot]
dbe29ed4ab
chore(deps): bump github/codeql-action from 3.28.12 to 3.28.13 ( #3758 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.12 to 3.28.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5f8171a638...1b549b9259
2025-03-24 14:28:25 -04:00
dependabot[bot]
35d666b27d
chore(deps): bump actions/upload-artifact from 4.6.1 to 4.6.2 ( #3750 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](4cec3d8aa0...ea165f8d65
2025-03-20 10:02:50 -04:00
dependabot[bot]
f1bc8f8a2a
chore(deps): bump actions/cache from 4.2.2 to 4.2.3 ( #3751 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](d4323d4df1...5a3ec84eff
2025-03-20 10:02:21 -04:00
dependabot[bot]
e986750cbc
chore(deps): bump actions/cache in /.github/actions/bootstrap ( #3752 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](d4323d4df1...5a3ec84eff
2025-03-20 10:02:05 -04:00
dependabot[bot]
be0959cabf
chore(deps): bump actions/setup-go in /.github/actions/bootstrap ( #3742 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](f111f3307d...0aaccfd150
2025-03-19 13:46:54 -04:00
dependabot[bot]
78dc6f7546
chore(deps): bump actions/setup-go from 5.3.0 to 5.4.0 ( #3743 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](f111f3307d...0aaccfd150
2025-03-19 13:46:51 -04:00
dependabot[bot]
071948f58e
chore(deps): bump github/codeql-action from 3.28.11 to 3.28.12 ( #3744 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.11 to 3.28.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](6bb031afdd...5f8171a638
2025-03-19 13:46:47 -04:00
dependabot[bot]
ae878f7dfd
chore(deps): bump docker/login-action from 3.3.0 to 3.4.0 ( #3733 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](9780b0c442...74a5d14239
2025-03-14 11:47:51 -04:00
Keith Zantow
9a2c2ad401
chore: upload individual binaries as artifacts ( #3714 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2025-03-13 12:15:13 -04:00
dependabot[bot]
c613476347
chore(deps): bump github/codeql-action from 3.28.10 to 3.28.11 ( #3716 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.10 to 3.28.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b56ba49b26...6bb031afdd
2025-03-11 14:08:54 -04:00
Keith Zantow
7571f8dfba
chore: updates for go 1.24.1 ( #3712 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2025-03-06 15:35:26 +00:00
dependabot[bot]
6e0cc6fe04
chore(deps): bump actions/cache from 4.2.1 to 4.2.2 ( #3698 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](0c907a75c2...d4323d4df1
2025-03-06 09:03:48 -05:00
dependabot[bot]
2251b83315
chore(deps): bump actions/cache in /.github/actions/bootstrap ( #3699 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](0c907a75c2...d4323d4df1
2025-03-06 09:03:44 -05:00
dependabot[bot]
705e59b107
chore(deps): bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 ( #3706 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.7 to 7.0.8.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](dd2324fc52...271a8d0340
2025-03-04 11:10:24 -05:00
dependabot[bot]
f44b709542
chore(deps): bump sigstore/cosign-installer from 3.8.0 to 3.8.1 ( #3675 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.8.0...v3.8.1 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-24 10:04:27 -05:00
