Bump sigstore/cosign/cosign from v2.6.1 to v3.0.2 in /builds (#1938)

dependabot[bot] · web-flow · commit 0ef4ac273267 · 2025-10-15T15:34:25.000+01:00
Bumps sigstore/cosign/cosign from v2.6.1 to v3.0.2.

---
updated-dependencies:
- dependency-name: sigstore/cosign/cosign
  dependency-version: v3.0.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
Co-authored-by: dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
diff --git a/builds/Dockerfile b/builds/Dockerfile
@@ -1,5 +1,5 @@
 ARG STACK_VERSION="24"
-FROM ghcr.io/sigstore/cosign/cosign:v2.6.1@sha256:68839b7f13dac5a6744a5d8818e984dd39183374e37855c19e14d623d9bc9037 AS cosign
+FROM ghcr.io/sigstore/cosign/cosign:v3.0.2@sha256:b29487e48205d875c324c79583e2806d9d269c0fa299e0861bbec023d8430c8b AS cosign
 FROM heroku/heroku:${STACK_VERSION}-build
 
 ARG STACK_VERSION
