build(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.3

[dependabot[bot]]

Bumps sigstore/cosign-installer from 2.8.1 to 3.0.3.

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.0.3

What's Changed

• bump to cosign v2.0.2 by @​bobcallaway in sigstore/cosign-installer#119

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3.0.2...v3.0.3

v3.0.2

What's Changed

• add --yes to example workflow by @​sebhoss in sigstore/cosign-installer#110
• Fix aarch64 action run by @​ananos in sigstore/cosign-installer#113
• Bump actions/checkout from 3.3.0 to 3.4.0 by @​dependabot in sigstore/cosign-installer#115
• Bump actions/setup-go from 3.5.0 to 4.0.0 by @​dependabot in sigstore/cosign-installer#114
• Bump actions/checkout from 3.4.0 to 3.5.0 by @​dependabot in sigstore/cosign-installer#116
• default cosign to v2.0.1 by @​cpanato in sigstore/cosign-installer#117

New Contributors

• @​sebhoss made their first contribution in sigstore/cosign-installer#110
• @​ananos made their first contribution in sigstore/cosign-installer#113

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3...v3.0.2

v3.0.1

What's Changed

• make cosign v2.0.0 default version by @​developer-guy in sigstore/cosign-installer#109

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1

v3.0.0

Breaking change

Cosign v2 has some breaking changes. Please check those: https://blog.sigstore.dev/cosign-2-0-released/

What's Changed

• test: add logs when downloading the public keys by @​hectorj2f in sigstore/cosign-installer#106
• Add support to install v2 and any other cosign release candidate by @​hectorj2f in sigstore/cosign-installer#105
• v2.0.0 release by @​sabre1041 in sigstore/cosign-installer#108

New Contributors

• @​hectorj2f made their first contribution in sigstore/cosign-installer#106
• @​sabre1041 made their first contribution in sigstore/cosign-installer#108

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0

Commits

• 204a51a bump to cosign v2.0.2 (#119)
• 66dd3f3 Bump actions/checkout from 3.5.0 to 3.5.2 (#118)
• 9e9de22 default cosign to v2.0.1 (#117)
• 8348525 Bump actions/checkout from 3.4.0 to 3.5.0 (#116)
• 00bf136 Bump actions/setup-go from 3.5.0 to 4.0.0 (#114)
• a153265 Bump actions/checkout from 3.3.0 to 3.4.0 (#115)
• ca922a5 Fix aarch64 action run (#113)
• bd2d118 add --yes to example workflow (#110)
• c3667d9 make cosign v2.0.0 default version (#109)
• 77560e3 v2.0.0 release (#108)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #313.