Skip to content

Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 #5

Bump sigstore/cosign-installer from 3.4.0 to 3.5.0

Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 #5

---
name: Dependency Review
on:
pull_request:
types:
- edited
- opened
- reopened
- synchronize
permissions: {}
jobs:
dependency-review:
name: Dependency Review
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout
id: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Dependency Review
uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3
with:
fail-on-severity: critical