Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#1243)

dependabot[bot] · mickmis · web-flow · commit beb8c9a08b49 · 2025-11-25T14:03:52.000+01:00
Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
Co-authored-by: dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
Co-authored-by: Mickaël Misbach &lt;mickael@misba.ch&gt;
diff --git a/.github/workflows/image-publish.yml b/.github/workflows/image-publish.yml
@@ -27,7 +27,9 @@ jobs:
 
     steps:
       - name: Install Cosign
-        uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62  # v3.10.0
+        uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad  # v4.0.0
+        with:
+          cosign-release: 'v2.6.1'
       - name: Job information
         run: |
           echo "Job information"
