🌱 Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3

[dependabot]

Bumps github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3.

Release notes

Sourced from github.com/sigstore/cosign/v2's releases.

v2.4.3

Features

• Bump sigstore/sigstore to support KMS plugins (#4073)
• Enable fetching signatures without remote get. (#4047)
• Feat/file flag completion improvements (#4028)
• Update builder to use go1.23.6 (#4052)

Bug Fixes

• fix parsing error in --only for cosign copy (#4049)

Cleanup

• Refactor verifyNewBundle into library function (#4013)
• fix comment typo and imports order (#4061)
• sync comment with parameter name in function signature (#4063)
• sort properly Go imports (#4071)

Contributors

• Bob Callaway
• Carlos Tadeu Panato Junior
• Cody Soyland
• Dmitry Savintsev
• Hayden B
• Tomasz Janiszewski
• Ville Skyttä

Changelog

Sourced from github.com/sigstore/cosign/v2's changelog.

v2.4.3

Features

• Bump sigstore/sigstore to support KMS plugins (#4073)
• Enable fetching signatures without remote get. (#4047)
• Feat/file flag completion improvements (#4028)
• Update builder to use go1.23.6 (#4052)

Bug Fixes

• fix parsing error in --only for cosign copy (#4049)

Cleanup

• Refactor verifyNewBundle into library function (#4013)
• fix comment typo and imports order (#4061)
• sync comment with parameter name in function signature (#4063)
• sort properly Go imports (#4071)

Contributors

• Bob Callaway
• Carlos Tadeu Panato Junior
• Cody Soyland
• Dmitry Savintsev
• Hayden B
• Tomasz Janiszewski
• Ville Skyttä

Commits

• 6a7abbf chore(deps): bump the gomod group across 1 directory with 4 updates (#4074)
• 0b69cc5 chore(deps): bump github.com/buildkite/agent/v3 from 3.91.0 to 3.92.1 (#4066)
• 3564b3e chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4065)
• d6aeeb2 Enable fetching signatures without remote get. (#4047)
• 26d0ee5 Bump sigstore/sigstore to support KMS plugins (#4073)
• 5181623 chore(deps): bump golangci/golangci-lint-action in the actions group (#4070)
• c1b1a78 chore(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (#4067)
• a0b20b7 sort properly Go imports (#4071)
• b4be5f7 chore(deps): bump google.golang.org/api from 0.220.0 to 0.221.0 (#4068)
• 01fde81 sync comment with parameter name in function signature (#4063)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @spencerschrock.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[spencerschrock]

@dependabot squash and merge