build(deps): bump goreleaser/goreleaser-action from 7.0.0 to 7.1.0 in /.github/workflows (#5159)

Bumps
[goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action)
from 7.0.0 to 7.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/goreleaser/goreleaser-action/releases">goreleaser/goreleaser-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: verify release checksum and cosign signature by <a
href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/550">goreleaser/goreleaser-action#550</a></li>
<li>docs: document cosign verification in README by <a
href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/553">goreleaser/goreleaser-action#553</a></li>
<li>docs: Upgrade import GPG action version by <a
href="https://github.com/flecno"><code>@​flecno</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/547">goreleaser/goreleaser-action#547</a></li>
<li>ci: drop docker-bake in favor of plain npm by <a
href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/551">goreleaser/goreleaser-action#551</a></li>
<li>ci: add release-major-tag workflow by <a
href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/552">goreleaser/goreleaser-action#552</a></li>
<li>ci: drop pre-cosign-v3 goreleaser versions from tests by <a
href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/554">goreleaser/goreleaser-action#554</a></li>
<li>ci(deps): bump the actions group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/543">goreleaser/goreleaser-action#543</a></li>
<li>ci(deps): bump the actions group with 5 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/546">goreleaser/goreleaser-action#546</a></li>
<li>chore(deps): bump undici from 6.23.0 to 6.24.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/545">goreleaser/goreleaser-action#545</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/flecno"><code>@​flecno</code></a> made
their first contribution in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/547">goreleaser/goreleaser-action#547</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v7...v7.1.0">https://github.com/goreleaser/goreleaser-action/compare/v7...v7.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/e24998b8b67b290c2fa8b7c14fcfa7de2c5c9b8c"><code>e24998b</code></a>
ci: drop pre-cosign-v3 goreleaser versions from tests (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/554">#554</a>)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/be2e8a39ba2f6daed623e98e8b6662f008cffc8d"><code>be2e8a3</code></a>
docs: document cosign verification in README (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/553">#553</a>)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/5e53f8eea2783e9a9b5963dafae20a7e5320618c"><code>5e53f8e</code></a>
ci: add release-major-tag workflow (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/552">#552</a>)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/4068afa2f0763491214b56d83686409cb4549b8c"><code>4068afa</code></a>
build: drop docker-bake in favor of plain npm (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/551">#551</a>)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/213ec80f5629fd53743a07c81b86deb4c540955f"><code>213ec80</code></a>
docs: add CONTRIBUTING with pre-commit workflow</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/4b462d3d1d45d4d31bca90093b38fe2a060674ef"><code>4b462d3</code></a>
feat: verify release checksum and cosign signature (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/550">#550</a>)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/01cbe076be10ba0af7b0b9319ac490a93d3d2fcd"><code>01cbe07</code></a>
docs: Upgrade import GPG action version (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/547">#547</a>)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/2a473d70e30d651e68b912d1e1d86e01f3a558b4"><code>2a473d7</code></a>
ci(deps): bump the actions group with 5 updates (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/546">#546</a>)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/fdcf0b9df926c8dd93d4e7f15c508dd346e09eb1"><code>fdcf0b9</code></a>
clean: leftover files from node 22(?)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/9881cc53763f713ec5df8d0f4ed575fa41085847"><code>9881cc5</code></a>
fix: use new static URL</li>
<li>Additional commits viewable in <a
href="https://github.com/goreleaser/goreleaser-action/compare/ec59f474b9834571250b370d4735c50f8e2d1e29...e24998b8b67b290c2fa8b7c14fcfa7de2c5c9b8c">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=goreleaser/goreleaser-action&package-manager=github_actions&previous-version=7.0.0&new-version=7.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

.github/workflows/release-build.yml

@@ -107,7 +107,7 @@ jobs:
 
       # Use --snapshot for branch builds (non-tag refs).
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@ec59f474b9834571250b370d4735c50f8e2d1e29 # v7.0.0
+        uses: goreleaser/goreleaser-action@e24998b8b67b290c2fa8b7c14fcfa7de2c5c9b8c # v7.1.0
         with:
           version: v2.14.3
           args: release ${{ !inputs.publish && '--skip=publish' || '' }} --config .workflow-actions/.goreleaser.yaml --skip=docker ${{ (!startsWith(github.ref, 'refs/tags/') && !inputs.tag) && '--snapshot' || '' }}