chore(actions): update sigstore/cosign-installer action (v4.0.0 → v4.1.0) (#508 )

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
chore(actions): update anchore/sbom-action action (v0.20.0 → v0.23.1) (#507 )
2026-03-11 14:57:49 +00:00 · 2026-03-11 03:57:33 +00:00 · 2026-03-11 01:34:03 +02:00
2 changed files with 2 additions and 2 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -54,7 +54,7 @@ jobs:
      contents: write
    steps:
      - uses: actions/checkout@71cf2267d89c5cb81562390fa70a37fa40b1305e # v6-beta
-      - uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
+      - uses: anchore/sbom-action@57aae528053a48a3f6235f2d9461b05fbcb7366d # v0.23.1
        with:
          format: cyclonedx-json
          output-file: sbom.cdx.json
--- a/docker-build/action.yml
+++ b/docker-build/action.yml
@@ -563,7 +563,7 @@ runs:
    - name: Install Cosign
      if: inputs.sign-image == 'true' && inputs.push == 'true' && inputs.dry-run != 'true'
-      uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
+      uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
    - name: Sign Image
      id: sign