From 582268cd652d934b321162f9f569d9f8c2de0b23 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 21 Oct 2025 01:47:43 +0000
Subject: [PATCH] deps: update GitHub action dependencies

---
 .github/actions/build_cli/action.yml      | 2 +-
 .github/actions/container_sbom/action.yml | 2 +-
 .github/workflows/codeql.yml              | 4 ++--
 .github/workflows/draft-release.yml       | 2 +-
 .github/workflows/scorecard.yml           | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/actions/build_cli/action.yml b/.github/actions/build_cli/action.yml
index a7ec47b8d..0d8298102 100644
--- a/.github/actions/build_cli/action.yml
+++ b/.github/actions/build_cli/action.yml
@@ -77,7 +77,7 @@ runs:
 
     - name: Install Cosign
       if: inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != ''
-      uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0
+      uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1
 
     - name: Install Rekor
       if: inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != ''
diff --git a/.github/actions/container_sbom/action.yml b/.github/actions/container_sbom/action.yml
index b46f161d1..99dd4877c 100644
--- a/.github/actions/container_sbom/action.yml
+++ b/.github/actions/container_sbom/action.yml
@@ -19,7 +19,7 @@ runs:
   steps:
     - name: Install Cosign
       if: inputs.cosignPublicKey != '' && inputs.cosignPrivateKey != '' && inputs.cosignPassword != ''
-      uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0
+      uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1
 
     - name: Download Syft & Grype
       uses: ./.github/actions/install_syft_grype
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 381366400..e9ba26695 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -44,7 +44,7 @@ jobs:
           cache: false
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8
+        uses: github/codeql-action/init@42213152a85ae7569bdb6bec7bcd74cd691bfe41 # v3.30.9
         with:
           languages: ${{ matrix.language }}
 
@@ -63,6 +63,6 @@ jobs:
           echo "::endgroup::"
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8
+        uses: github/codeql-action/analyze@42213152a85ae7569bdb6bec7bcd74cd691bfe41 # v3.30.9
         with:
           category: "/language:${{ matrix.language }}"
diff --git a/.github/workflows/draft-release.yml b/.github/workflows/draft-release.yml
index fd5131d8d..b5f2f8e33 100644
--- a/.github/workflows/draft-release.yml
+++ b/.github/workflows/draft-release.yml
@@ -261,7 +261,7 @@ jobs:
           ref: ${{ inputs.ref || github.head_ref }}
 
       - name: Install Cosign
-        uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0
+        uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1
 
       - name: Download Syft & Grype
         uses: ./.github/actions/install_syft_grype
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index be6913f3d..ed998dc50 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -37,6 +37,6 @@ jobs:
           retention-days: 5
 
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8
+        uses: github/codeql-action/upload-sarif@42213152a85ae7569bdb6bec7bcd74cd691bfe41 # v3.30.9
         with:
           sarif_file: results.sarif