pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-19 00:56:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2656 from fosrl/dependabot/github_actions/sigstore/cosign-installer-4.1.0

Browse Source 
Bump sigstore/cosign-installer from 4.0.0 to 4.1.0
This commit is contained in:
Owen Schwartz
2026-03-18 15:25:31 -07:00
committed by GitHub
parent eb98374566 10349932f4
commit 67fab1928d
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/cicd.yml vendored
View File

@@ -415,7 +415,7 @@ jobs:
- name: Install cosign
# cosign is used to sign and verify container images (key and keyless)
uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
- name: Dual-sign and verify (GHCR & Docker Hub)
# Sign each image by digest using keyless (OIDC) and key-based signing,

2
.github/workflows/mirror.yaml vendored
View File

@@ -23,7 +23,7 @@ jobs:
skopeo --version
- name: Install cosign
uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
- name: Input check
run: |