sigstore/cosign-installer (sigstore/cosign-installer)
### [`v3.7.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.7.0)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.6.0...v3.7.0)
#### What's Changed
- Bump actions/checkout from 4.1.7 to 4.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/172](https://redirect.github.com/sigstore/cosign-installer/pull/172)
- bump for latest cosign v2.4.1 release by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/173](https://redirect.github.com/sigstore/cosign-installer/pull/173)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.6.0...v3.7.0
### [`v3.6.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.6.0)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.5.0...v3.6.0)
#### What's Changed
- Bump actions/checkout from 4.1.2 to 4.1.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/161](https://redirect.github.com/sigstore/cosign-installer/pull/161)
- Bump actions/checkout from 4.1.3 to 4.1.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/162](https://redirect.github.com/sigstore/cosign-installer/pull/162)
- Bump actions/setup-go from 5.0.0 to 5.0.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/163](https://redirect.github.com/sigstore/cosign-installer/pull/163)
- Bump actions/checkout from 4.1.4 to 4.1.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/164](https://redirect.github.com/sigstore/cosign-installer/pull/164)
- Bump actions/checkout from 4.1.5 to 4.1.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/165](https://redirect.github.com/sigstore/cosign-installer/pull/165)
- Bump actions/checkout from 4.1.6 to 4.1.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/166](https://redirect.github.com/sigstore/cosign-installer/pull/166)
- Bump actions/setup-go from 5.0.1 to 5.0.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/167](https://redirect.github.com/sigstore/cosign-installer/pull/167)
- pin public key used for verification by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/169](https://redirect.github.com/sigstore/cosign-installer/pull/169)
- bump default version to v2.4.0 release by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/168](https://redirect.github.com/sigstore/cosign-installer/pull/168)
- update readme for new release by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/170](https://redirect.github.com/sigstore/cosign-installer/pull/170)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.6.0
### [`v3.5.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.5.0)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0)
#### What's Changed
- Bump actions/checkout from 4.1.1 to 4.1.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/157](https://redirect.github.com/sigstore/cosign-installer/pull/157)
- use go 1.22 now by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/160](https://redirect.github.com/sigstore/cosign-installer/pull/160)
- bump default version to v2.2.4, prep for v3.5.0 release by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/159](https://redirect.github.com/sigstore/cosign-installer/pull/159)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0
### [`v3.4.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.4.0)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.3.0...v3.4.0)
#### What's Changed
- Use examples that work with multiple tags by [@jkreileder](https://redirect.github.com/jkreileder) in [https://github.com/sigstore/cosign-installer/pull/155](https://redirect.github.com/sigstore/cosign-installer/pull/155)
- default cosign install to release v2.2.3 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/156](https://redirect.github.com/sigstore/cosign-installer/pull/156)
#### New Contributors
- [@jkreileder](https://redirect.github.com/jkreileder) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/155](https://redirect.github.com/sigstore/cosign-installer/pull/155)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.4.0
### [`v3.3.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.3.0)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0)
#### What's Changed
- Bump actions/setup-go from 4.1.0 to 5.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/152](https://redirect.github.com/sigstore/cosign-installer/pull/152)
- update action to use latest cosign v2.2.2 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/153](https://redirect.github.com/sigstore/cosign-installer/pull/153)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0
### [`v3.2.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.2.0)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0)
**Note: This release comes with a fix for CVE-2023-46737 described in this [Github Security Advisory](https://redirect.github.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9). Please upgrade to this release ASAP**
see https://github.com/sigstore/cosign/releases/tag/v2.2.1
#### What's Changed
- Support the runner context of gitea act by [@josedev-union](https://redirect.github.com/josedev-union) in [https://github.com/sigstore/cosign-installer/pull/147](https://redirect.github.com/sigstore/cosign-installer/pull/147)
- bump cosign to v2.2.1 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/148](https://redirect.github.com/sigstore/cosign-installer/pull/148)
- test with latest go version by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/150](https://redirect.github.com/sigstore/cosign-installer/pull/150)
#### New Contributors
- [@josedev-union](https://redirect.github.com/josedev-union) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/147](https://redirect.github.com/sigstore/cosign-installer/pull/147)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.2.0
### [`v3.1.2`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.1.2)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.1.1...v3.1.2)
#### What's Changed
- Fix build and push step Readme missing id by [@hbenali](https://redirect.github.com/hbenali) in [https://github.com/sigstore/cosign-installer/pull/138](https://redirect.github.com/sigstore/cosign-installer/pull/138)
- bump cosign to v2.2.0 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/142](https://redirect.github.com/sigstore/cosign-installer/pull/142)
#### New Contributors
- [@hbenali](https://redirect.github.com/hbenali) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/138](https://redirect.github.com/sigstore/cosign-installer/pull/138)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.1.2
### [`v3.1.1`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.1.1)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1)
#### What's Changed
- default cosign to v2.1.1 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/137](https://redirect.github.com/sigstore/cosign-installer/pull/137)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1
### [`v3.1.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.1.0)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.5...v3.1.0)
#### What's Changed
- update job to use latest action release by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/130](https://redirect.github.com/sigstore/cosign-installer/pull/130)
- Update action example for keyless signing as xarg is not required by [@jbtrystram](https://redirect.github.com/jbtrystram) in [https://github.com/sigstore/cosign-installer/pull/132](https://redirect.github.com/sigstore/cosign-installer/pull/132)
- update examples by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/133](https://redirect.github.com/sigstore/cosign-installer/pull/133)
- bump cosign to default to release v2.1.0 and update docs by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/136](https://redirect.github.com/sigstore/cosign-installer/pull/136)
#### New Contributors
- [@jbtrystram](https://redirect.github.com/jbtrystram) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/132](https://redirect.github.com/sigstore/cosign-installer/pull/132)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.0.5...v3.1.0
### [`v3.0.5`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.5)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.4...v3.0.5)
#### What's Changed
- download cosign releases from GitHub rather than GCS by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/126](https://redirect.github.com/sigstore/cosign-installer/pull/126)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.0.4...v3.0.5
### [`v3.0.4`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.4)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.3...v3.0.4)
- Include fix for [https://github.com/sigstore/cosign-installer/pull/124](https://redirect.github.com/sigstore/cosign-installer/pull/124)
- changes download URL for `cosign` binary to github.com instead of GCS
### [`v3.0.3`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.3)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.2...v3.0.3)
#### What's Changed
- bump to cosign v2.0.2 by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/119](https://redirect.github.com/sigstore/cosign-installer/pull/119)
- changes download URL for `cosign` binary to github.com instead of GCS
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.0.2...v3.0.3
### [`v3.0.2`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.2)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.1...v3.0.2)
#### What's Changed
- add --yes to example workflow by [@sebhoss](https://redirect.github.com/sebhoss) in [https://github.com/sigstore/cosign-installer/pull/110](https://redirect.github.com/sigstore/cosign-installer/pull/110)
- Fix aarch64 action run by [@ananos](https://redirect.github.com/ananos) in [https://github.com/sigstore/cosign-installer/pull/113](https://redirect.github.com/sigstore/cosign-installer/pull/113)
- Bump actions/checkout from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/115](https://redirect.github.com/sigstore/cosign-installer/pull/115)
- Bump actions/setup-go from 3.5.0 to 4.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/114](https://redirect.github.com/sigstore/cosign-installer/pull/114)
- Bump actions/checkout from 3.4.0 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/116](https://redirect.github.com/sigstore/cosign-installer/pull/116)
- default cosign to v2.0.1 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/117](https://redirect.github.com/sigstore/cosign-installer/pull/117)
- changes download URL for `cosign` binary to github.com instead of GCS
#### New Contributors
- [@sebhoss](https://redirect.github.com/sebhoss) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/110](https://redirect.github.com/sigstore/cosign-installer/pull/110)
- [@ananos](https://redirect.github.com/ananos) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/113](https://redirect.github.com/sigstore/cosign-installer/pull/113)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.0.2
### [`v3.0.1`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.1)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1)
#### What's Changed
- make cosign v2.0.0 default version by [@developer-guy](https://redirect.github.com/developer-guy) in [https://github.com/sigstore/cosign-installer/pull/109](https://redirect.github.com/sigstore/cosign-installer/pull/109)
- changes download URL for `cosign` binary to github.com instead of GCS
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1
### [`v3.0.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.0)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v2.8.1...v3.0.0)
### Breaking change
Cosign v2 has some breaking changes. Please check those: https://blog.sigstore.dev/cosign-2-0-released/
#### What's Changed
- test: add logs when downloading the public keys by [@hectorj2f](https://redirect.github.com/hectorj2f) in [https://github.com/sigstore/cosign-installer/pull/106](https://redirect.github.com/sigstore/cosign-installer/pull/106)
- Add support to install v2 and any other cosign release candidate by [@hectorj2f](https://redirect.github.com/hectorj2f) in [https://github.com/sigstore/cosign-installer/pull/105](https://redirect.github.com/sigstore/cosign-installer/pull/105)
- v2.0.0 release by [@sabre1041](https://redirect.github.com/sabre1041) in [https://github.com/sigstore/cosign-installer/pull/108](https://redirect.github.com/sigstore/cosign-installer/pull/108)
- changes download URL for `cosign` binary to github.com instead of GCS
#### New Contributors
- [@hectorj2f](https://redirect.github.com/hectorj2f) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/106](https://redirect.github.com/sigstore/cosign-installer/pull/106)
- [@sabre1041](https://redirect.github.com/sabre1041) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/108](https://redirect.github.com/sigstore/cosign-installer/pull/108)
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0
### [`v2.8.1`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v2.8.1)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v2.8.0...v2.8.1)
#### What's Changed
- bump cosign install to use release v1.13.1 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/98](https://redirect.github.com/sigstore/cosign-installer/pull/98)
- changes download URL for `cosign` binary to github.com instead of GCS
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v2...v2.8.1
### [`v2.8.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v2.8.0)
[Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0)
#### What's Changed
- bump cosign to v1.13.0 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/95](https://redirect.github.com/sigstore/cosign-installer/pull/95)
- changes download URL for `cosign` binary to github.com instead of GCS
**Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
v2.7.0->v3.7.0Release Notes
sigstore/cosign-installer (sigstore/cosign-installer)
### [`v3.7.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.7.0) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.6.0...v3.7.0) #### What's Changed - Bump actions/checkout from 4.1.7 to 4.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/172](https://redirect.github.com/sigstore/cosign-installer/pull/172) - bump for latest cosign v2.4.1 release by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/173](https://redirect.github.com/sigstore/cosign-installer/pull/173) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.6.0...v3.7.0 ### [`v3.6.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.6.0) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.5.0...v3.6.0) #### What's Changed - Bump actions/checkout from 4.1.2 to 4.1.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/161](https://redirect.github.com/sigstore/cosign-installer/pull/161) - Bump actions/checkout from 4.1.3 to 4.1.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/162](https://redirect.github.com/sigstore/cosign-installer/pull/162) - Bump actions/setup-go from 5.0.0 to 5.0.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/163](https://redirect.github.com/sigstore/cosign-installer/pull/163) - Bump actions/checkout from 4.1.4 to 4.1.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/164](https://redirect.github.com/sigstore/cosign-installer/pull/164) - Bump actions/checkout from 4.1.5 to 4.1.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/165](https://redirect.github.com/sigstore/cosign-installer/pull/165) - Bump actions/checkout from 4.1.6 to 4.1.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/166](https://redirect.github.com/sigstore/cosign-installer/pull/166) - Bump actions/setup-go from 5.0.1 to 5.0.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/167](https://redirect.github.com/sigstore/cosign-installer/pull/167) - pin public key used for verification by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/169](https://redirect.github.com/sigstore/cosign-installer/pull/169) - bump default version to v2.4.0 release by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/168](https://redirect.github.com/sigstore/cosign-installer/pull/168) - update readme for new release by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/170](https://redirect.github.com/sigstore/cosign-installer/pull/170) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.6.0 ### [`v3.5.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.5.0) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0) #### What's Changed - Bump actions/checkout from 4.1.1 to 4.1.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/157](https://redirect.github.com/sigstore/cosign-installer/pull/157) - use go 1.22 now by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/160](https://redirect.github.com/sigstore/cosign-installer/pull/160) - bump default version to v2.2.4, prep for v3.5.0 release by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/159](https://redirect.github.com/sigstore/cosign-installer/pull/159) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0 ### [`v3.4.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.4.0) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.3.0...v3.4.0) #### What's Changed - Use examples that work with multiple tags by [@jkreileder](https://redirect.github.com/jkreileder) in [https://github.com/sigstore/cosign-installer/pull/155](https://redirect.github.com/sigstore/cosign-installer/pull/155) - default cosign install to release v2.2.3 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/156](https://redirect.github.com/sigstore/cosign-installer/pull/156) #### New Contributors - [@jkreileder](https://redirect.github.com/jkreileder) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/155](https://redirect.github.com/sigstore/cosign-installer/pull/155) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.4.0 ### [`v3.3.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.3.0) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0) #### What's Changed - Bump actions/setup-go from 4.1.0 to 5.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/152](https://redirect.github.com/sigstore/cosign-installer/pull/152) - update action to use latest cosign v2.2.2 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/153](https://redirect.github.com/sigstore/cosign-installer/pull/153) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0 ### [`v3.2.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.2.0) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0) **Note: This release comes with a fix for CVE-2023-46737 described in this [Github Security Advisory](https://redirect.github.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9). Please upgrade to this release ASAP** see https://github.com/sigstore/cosign/releases/tag/v2.2.1 #### What's Changed - Support the runner context of gitea act by [@josedev-union](https://redirect.github.com/josedev-union) in [https://github.com/sigstore/cosign-installer/pull/147](https://redirect.github.com/sigstore/cosign-installer/pull/147) - bump cosign to v2.2.1 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/148](https://redirect.github.com/sigstore/cosign-installer/pull/148) - test with latest go version by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/150](https://redirect.github.com/sigstore/cosign-installer/pull/150) #### New Contributors - [@josedev-union](https://redirect.github.com/josedev-union) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/147](https://redirect.github.com/sigstore/cosign-installer/pull/147) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.2.0 ### [`v3.1.2`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.1.2) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.1.1...v3.1.2) #### What's Changed - Fix build and push step Readme missing id by [@hbenali](https://redirect.github.com/hbenali) in [https://github.com/sigstore/cosign-installer/pull/138](https://redirect.github.com/sigstore/cosign-installer/pull/138) - bump cosign to v2.2.0 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/142](https://redirect.github.com/sigstore/cosign-installer/pull/142) #### New Contributors - [@hbenali](https://redirect.github.com/hbenali) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/138](https://redirect.github.com/sigstore/cosign-installer/pull/138) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.1.2 ### [`v3.1.1`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.1.1) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1) #### What's Changed - default cosign to v2.1.1 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/137](https://redirect.github.com/sigstore/cosign-installer/pull/137) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1 ### [`v3.1.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.1.0) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.5...v3.1.0) #### What's Changed - update job to use latest action release by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/130](https://redirect.github.com/sigstore/cosign-installer/pull/130) - Update action example for keyless signing as xarg is not required by [@jbtrystram](https://redirect.github.com/jbtrystram) in [https://github.com/sigstore/cosign-installer/pull/132](https://redirect.github.com/sigstore/cosign-installer/pull/132) - update examples by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/133](https://redirect.github.com/sigstore/cosign-installer/pull/133) - bump cosign to default to release v2.1.0 and update docs by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/136](https://redirect.github.com/sigstore/cosign-installer/pull/136) #### New Contributors - [@jbtrystram](https://redirect.github.com/jbtrystram) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/132](https://redirect.github.com/sigstore/cosign-installer/pull/132) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.0.5...v3.1.0 ### [`v3.0.5`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.5) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.4...v3.0.5) #### What's Changed - download cosign releases from GitHub rather than GCS by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/126](https://redirect.github.com/sigstore/cosign-installer/pull/126) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.0.4...v3.0.5 ### [`v3.0.4`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.4) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.3...v3.0.4) - Include fix for [https://github.com/sigstore/cosign-installer/pull/124](https://redirect.github.com/sigstore/cosign-installer/pull/124) - changes download URL for `cosign` binary to github.com instead of GCS ### [`v3.0.3`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.3) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.2...v3.0.3) #### What's Changed - bump to cosign v2.0.2 by [@bobcallaway](https://redirect.github.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/119](https://redirect.github.com/sigstore/cosign-installer/pull/119) - changes download URL for `cosign` binary to github.com instead of GCS **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.0.2...v3.0.3 ### [`v3.0.2`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.2) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.1...v3.0.2) #### What's Changed - add --yes to example workflow by [@sebhoss](https://redirect.github.com/sebhoss) in [https://github.com/sigstore/cosign-installer/pull/110](https://redirect.github.com/sigstore/cosign-installer/pull/110) - Fix aarch64 action run by [@ananos](https://redirect.github.com/ananos) in [https://github.com/sigstore/cosign-installer/pull/113](https://redirect.github.com/sigstore/cosign-installer/pull/113) - Bump actions/checkout from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/115](https://redirect.github.com/sigstore/cosign-installer/pull/115) - Bump actions/setup-go from 3.5.0 to 4.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/114](https://redirect.github.com/sigstore/cosign-installer/pull/114) - Bump actions/checkout from 3.4.0 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/116](https://redirect.github.com/sigstore/cosign-installer/pull/116) - default cosign to v2.0.1 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/117](https://redirect.github.com/sigstore/cosign-installer/pull/117) - changes download URL for `cosign` binary to github.com instead of GCS #### New Contributors - [@sebhoss](https://redirect.github.com/sebhoss) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/110](https://redirect.github.com/sigstore/cosign-installer/pull/110) - [@ananos](https://redirect.github.com/ananos) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/113](https://redirect.github.com/sigstore/cosign-installer/pull/113) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3...v3.0.2 ### [`v3.0.1`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.1) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1) #### What's Changed - make cosign v2.0.0 default version by [@developer-guy](https://redirect.github.com/developer-guy) in [https://github.com/sigstore/cosign-installer/pull/109](https://redirect.github.com/sigstore/cosign-installer/pull/109) - changes download URL for `cosign` binary to github.com instead of GCS **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1 ### [`v3.0.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.0.0) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v2.8.1...v3.0.0) ### Breaking change Cosign v2 has some breaking changes. Please check those: https://blog.sigstore.dev/cosign-2-0-released/ #### What's Changed - test: add logs when downloading the public keys by [@hectorj2f](https://redirect.github.com/hectorj2f) in [https://github.com/sigstore/cosign-installer/pull/106](https://redirect.github.com/sigstore/cosign-installer/pull/106) - Add support to install v2 and any other cosign release candidate by [@hectorj2f](https://redirect.github.com/hectorj2f) in [https://github.com/sigstore/cosign-installer/pull/105](https://redirect.github.com/sigstore/cosign-installer/pull/105) - v2.0.0 release by [@sabre1041](https://redirect.github.com/sabre1041) in [https://github.com/sigstore/cosign-installer/pull/108](https://redirect.github.com/sigstore/cosign-installer/pull/108) - changes download URL for `cosign` binary to github.com instead of GCS #### New Contributors - [@hectorj2f](https://redirect.github.com/hectorj2f) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/106](https://redirect.github.com/sigstore/cosign-installer/pull/106) - [@sabre1041](https://redirect.github.com/sabre1041) made their first contribution in [https://github.com/sigstore/cosign-installer/pull/108](https://redirect.github.com/sigstore/cosign-installer/pull/108) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0 ### [`v2.8.1`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v2.8.1) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v2.8.0...v2.8.1) #### What's Changed - bump cosign install to use release v1.13.1 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/98](https://redirect.github.com/sigstore/cosign-installer/pull/98) - changes download URL for `cosign` binary to github.com instead of GCS **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v2...v2.8.1 ### [`v2.8.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v2.8.0) [Compare Source](https://redirect.github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0) #### What's Changed - bump cosign to v1.13.0 by [@cpanato](https://redirect.github.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/95](https://redirect.github.com/sigstore/cosign-installer/pull/95) - changes download URL for `cosign` binary to github.com instead of GCS **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.