build(deps): bump the actions-updates group across 1 directory with 3 updates (#165)

dependabot[bot] · web-flow · commit 1b799bb00524 · 2026-04-02T15:24:58.000-04:00
Bumps the actions-updates group with 3 updates in the / directory: [step-security/harden-runner](https://github.com/step-security/harden-runner), [actions/cache](https://github.com/actions/cache) and [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer). Updates `step-security/harden-runner` from 2.15.0 to 2.16.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@v2.15.0...fa2e9d6) Updates `actions/cache` from 5.0.3 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v5.0.3...6682284) Updates `sigstore/cosign-installer` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@ba7bc0a...cad07c2) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-updates - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-updates - dependency-name: sigstore/cosign-installer dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/cache-refresh.yml b/.github/workflows/cache-refresh.yml
@@ -20,7 +20,7 @@ jobs:
       matrix: ${{ steps.list.outputs.matrix }}
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
       - name: list ccache entries
@@ -46,20 +46,20 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: audit
       - name: restore ccache
         id: restore
-        uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.2
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.2
         with:
           path: ~/.cache/kernel-ccache
           key: "${{ matrix.entry.prefix }}-${{ github.run_id }}"
           restore-keys: |
             ${{ matrix.entry.prefix }}-
       - name: save ccache
         if: steps.restore.outputs.cache-matched-key != ''
-        uses: actions/cache/save@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.2
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.2
         with:
           path: ~/.cache/kernel-ccache
           key: "${{ matrix.entry.prefix }}-${{ github.run_id }}"
diff --git a/.github/workflows/matrix.yml b/.github/workflows/matrix.yml
@@ -71,7 +71,7 @@ jobs:
         with:
           submodules: recursive
       - name: install cosign
-        uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+        uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
       - name: docker setup linux-kernel-oci
         run: sudo python3 ./hack/build/docker-setup.py
       - name: docker setup buildx
