From 78b14ae3c797d896a2a70703954a68c762591c34 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 15 Oct 2025 13:26:13 +0000
Subject: [PATCH] Bump sigstore/cosign/cosign from v2.6.1 to v3.0.2 in /builds

Bumps sigstore/cosign/cosign from v2.6.1 to v3.0.2.

---
updated-dependencies:
- dependency-name: sigstore/cosign/cosign
  dependency-version: v3.0.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 builds/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/builds/Dockerfile b/builds/Dockerfile
index e9f0703fc..531dfbd26 100644
--- a/builds/Dockerfile
+++ b/builds/Dockerfile
@@ -1,5 +1,5 @@
 ARG STACK_VERSION="24"
-FROM ghcr.io/sigstore/cosign/cosign:v2.6.1@sha256:68839b7f13dac5a6744a5d8818e984dd39183374e37855c19e14d623d9bc9037 AS cosign
+FROM ghcr.io/sigstore/cosign/cosign:v3.0.2@sha256:b29487e48205d875c324c79583e2806d9d269c0fa299e0861bbec023d8430c8b AS cosign
 FROM heroku/heroku:${STACK_VERSION}-build
 
 ARG STACK_VERSION