From 13e4c87f596155e07b071f3eb79507591c783ded Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 13 Oct 2025 06:08:47 +0000
Subject: [PATCH] build(deps): bump alpine from 3.19 to 3.22 in /images/crane

Bumps alpine from 3.19 to 3.22.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: '3.22'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 images/crane/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/images/crane/Dockerfile b/images/crane/Dockerfile
index 4156bb5..d4dc6c6 100644
--- a/images/crane/Dockerfile
+++ b/images/crane/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.19 AS crane
+FROM alpine:3.22 AS crane
 ARG VERSION=0.17.0
 # RUN apk add --no-cache go && go install github.com/slsa-framework/slsa-verifier/cli/slsa-verifier@v1.3.1
 RUN ARCH=$(uname -m) OS=$(uname) && \
@@ -7,7 +7,7 @@ RUN ARCH=$(uname -m) OS=$(uname) && \
     # ~/go/bin/slsa-verifier -artifact-path go-containerregistry.tar.gz -provenance provenance.intoto.jsonl -source github.com/google/go-containerregistry -tag "v${VERSION}" && \
     tar xvzf go-containerregistry.tar.gz -C /bin
 
-FROM alpine:3.19
+FROM alpine:3.22
 COPY --from=crane /bin/crane /bin/crane
 RUN apk add --no-cache bash tar