From c5368c6086fbe31292088f3fcecba73141c96642 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 13 Mar 2026 04:12:27 +0000
Subject: [PATCH] chore(deps): bump the github-actions-dependencies group
 across 3 directories with 2 updates

Bumps the github-actions-dependencies group with 1 update in the / directory: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).
Bumps the github-actions-dependencies group with 1 update in the /actions/docker/build-image directory: [int128/docker-build-cache-config-action](https://github.com/int128/docker-build-cache-config-action).
Bumps the github-actions-dependencies group with 1 update in the /actions/docker/sign-images directory: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).


Updates `sigstore/cosign-installer` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/faadad0cce49287aee09b3a48701e75088a2c6ad...ba7bc0a3fef59531c69a25acd34668d6d3fe6f22)

Updates `int128/docker-build-cache-config-action` from 1.47.0 to 1.48.0
- [Release notes](https://github.com/int128/docker-build-cache-config-action/releases)
- [Commits](https://github.com/int128/docker-build-cache-config-action/compare/3a4a4fababc091be29633e5a2b3bbf523996802a...e9137bc69df98d2aeb47c8cb6e78e8ab2f13abb7)

Updates `sigstore/cosign-installer` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/faadad0cce49287aee09b3a48701e75088a2c6ad...ba7bc0a3fef59531c69a25acd34668d6d3fe6f22)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: int128/docker-build-cache-config-action
  dependency-version: 1.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: sigstore/cosign-installer
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 ..._test-workflow-docker-build-images-platforms-and-signing.yml | 2 +-
 actions/docker/build-image/action.yml                           | 2 +-
 actions/docker/sign-images/action.yml                           | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/__test-workflow-docker-build-images-platforms-and-signing.yml b/.github/workflows/__test-workflow-docker-build-images-platforms-and-signing.yml
index 979f98c2..ade42fd9 100644
--- a/.github/workflows/__test-workflow-docker-build-images-platforms-and-signing.yml
+++ b/.github/workflows/__test-workflow-docker-build-images-platforms-and-signing.yml
@@ -234,7 +234,7 @@ jobs:
     steps:
       - name: Install cosign
         if: matrix.sign
-        uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
+        uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
 
       - name: Verify image signature
         if: matrix.sign
diff --git a/actions/docker/build-image/action.yml b/actions/docker/build-image/action.yml
index c66ae5b3..7a5cab9a 100644
--- a/actions/docker/build-image/action.yml
+++ b/actions/docker/build-image/action.yml
@@ -275,7 +275,7 @@ runs:
 
     # Caching setup
     - id: cache-arguments
-      uses: int128/docker-build-cache-config-action@3a4a4fababc091be29633e5a2b3bbf523996802a # v1.47.0
+      uses: int128/docker-build-cache-config-action@e9137bc69df98d2aeb47c8cb6e78e8ab2f13abb7 # v1.48.0
       with:
         image: ${{ steps.get-docker-config.outputs.cache-image }}
         flavor: ${{ steps.get-docker-config.outputs.cache-flavor }}
diff --git a/actions/docker/sign-images/action.yml b/actions/docker/sign-images/action.yml
index 700d2fd9..6e95ffea 100644
--- a/actions/docker/sign-images/action.yml
+++ b/actions/docker/sign-images/action.yml
@@ -39,7 +39,7 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
+    - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
 
     - name: Sign the images with GitHub OIDC Token
       uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0