v3.7.0

What's Changed

• Bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #172
• bump for latest cosign v2.4.1 release by @bobcallaway in #173

Full Changelog: v3.6.0...v3.7.0

v3.6.0

What's Changed

• Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #161
• Bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #162
• Bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #163
• Bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #164
• Bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in #165
• Bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #166
• Bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #167
• pin public key used for verification by @bobcallaway in #169
• bump default version to v2.4.0 release by @bobcallaway in #168
• update readme for new release by @bobcallaway in #170

Full Changelog: v3...v3.6.0

v3.5.0

What's Changed

• Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #157
• use go 1.22 now by @bobcallaway in #160
• bump default version to v2.2.4, prep for v3.5.0 release by @bobcallaway in #159

Full Changelog: v3.4.0...v3.5.0

v3.4.0

What's Changed

• Use examples that work with multiple tags by @jkreileder in #155
• default co#stall to release v2.2.3 by @cpanato in #156

New Contributors

• @jkreileder made their first contribution in #155

Full Changelog: v3...v3.4.0

v3.3.0

What's Changed

• Bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #152
• update action to use latest cosign v2.2.2 by @cpanato in #153

Full Changelog: v3.2.0...v3.3.0

v3.2.0

Note: This release comes with a fix for CVE-2023-46737 described in this Github Security Advisory. Please upgrade to this release ASAP

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

What's Changed

• Support the runner context of gitea act by @josedev-union in #147
• bump cosign to v2.2.1 by @cpanato in #148
• test with latest go version by @bobcallaway in #150

New Contributors

• @josedev-union made their first contribution in #147

Full Changelog: v3...v3.2.0

v3.1.2

What's Changed

• Fix build and push step Readme missing id by @hbenali in #138
• bump cosign to v2.2.0 by @cpanato in #142

New Contributors

• @hbenali made their first contribution in #138

Full Changelog: v3...v3.1.2

v3.1.1

What's Changed

• default cosign to v2.1.1 by @cpanato in #137

Full Changelog: v3.1.0...v3.1.1

v3.1.0

What's Changed

• update job to use latest action release by @cpanato in #130
• Update action example for keyless signing as xarg is not required by @jbtrystram in #132
• update examples by @cpanato in #133
• bump cosign to default to release v2.1.0 and update docs by @cpanato in #136

New Contributors

• @jbtrystram made their first contribution in #132

Full Changelog: v3.0.5...v3.1.0

v3.0.4

• Include fix for #124
• changes download URL for cosign binary to github.com instead of GCS