Bump golang from 1.25-alpine to 1.26-alpine in the minor-updates group

Bumps the minor-updates group with 1 update: golang. Updates `golang` from 1.25-alpine to 1.26-alpine --- updated-dependencies: - dependency-name: golang dependency-version: 1.26-alpine dependency-type: direct:production dependency-group: minor-updates ... Signed-off-by: dependabot[bot] <support@github.com>
2026-03-10 12:46:40 +00:00 · 2026-02-11 21:07:01 +00:00
3 changed files with 3 additions and 3 deletions
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -108,7 +108,7 @@ jobs:

      - name: Install cosign
        # cosign is used to sign and verify container images (key and keyless)
-        uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+        uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0

      - name: Dual-sign and verify (GHCR & Docker Hub)
        # Sign each image by digest using keyless (OIDC) and key-based signing,
--- a/.github/workflows/mirror.yaml
+++ b/.github/workflows/mirror.yaml
@@ -23,7 +23,7 @@ jobs:
          skopeo --version

      - name: Install cosign
-        uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+        uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0

      - name: Input check
        run: |
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-FROM golang:1.25-alpine AS builder
+FROM golang:1.26-alpine AS builder

 # Set the working directory inside the container
 WORKDIR /app