After investigating #289 and #292, we identified that the GHAs that install cosign and goreleaser might not do much besides only installing those binaries. We should investigate pulling them "by hand" and performing checksum validation in the pipeline. Additionally, add a workflow to keep them updated.
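
One way to do the checksum validation this issue proposes, as an added example rather than code from the project: a shell helper that a pipeline step can call after downloading a binary. The function names, the pin file and its `sha256sum`-style layout are assumptions; the digests in the pin file are what the update workflow would maintain.

```shell
#!/usr/bin/env bash
# Added example (hypothetical names): install a downloaded tool only if its
# SHA-256 matches a digest pinned in the repository.

# Print the SHA-256 of a file (sha256sum on Linux runners, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Look up the pinned digest for an artifact name in a "digest  name" pin file.
# Exits non-zero when the name has no pin, so an unpinned tool is never trusted.
pinned_digest() {  # $1 = pin file, $2 = artifact name
  awk -v n="$2" '$2 == n { print $1; found = 1; exit } END { exit !found }' "$1"
}

# Verify, then install. On mismatch the download is deleted and the step fails.
# Returns: 0 installed, 1 checksum mismatch, 2 no pin for this artifact.
install_verified() {  # $1 = downloaded file, $2 = pin file, $3 = dest dir
  _name="$(basename "$1")"
  _want="$(pinned_digest "$2" "$_name")" || {
    echo "no pinned checksum for $_name" >&2
    return 2
  }
  _got="$(sha256_of "$1")"
  if [ "$_got" != "$_want" ]; then
    echo "checksum mismatch for $_name: got $_got, want $_want" >&2
    rm -f "$1"
    return 1
  fi
  install -m 0755 "$1" "$3/"
}

# In a pipeline step (placeholders, not real URLs or paths):
#   curl -fsSLo "$RUNNER_TEMP/<tool>" "<release-download-url>"
#   install_verified "$RUNNER_TEMP/<tool>" <pin-file> "$HOME/.local/bin"
```

Keeping the pinned digests in the repository means a change to them goes through review like any other change.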