From ddfd972fcaea56a6bbc2b0b0f25d3df5c9a15c9f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 1 May 2026 17:56:44 +0000
Subject: [PATCH] Bump sigstore/cosign/cosign from v3.0.5 to v3.0.6 in /builds

Bumps sigstore/cosign/cosign from v3.0.5 to v3.0.6.

---
updated-dependencies:
- dependency-name: sigstore/cosign/cosign
  dependency-version: v3.0.6
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 builds/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/builds/Dockerfile b/builds/Dockerfile
index 44bfb88c8..5a17355ce 100644
--- a/builds/Dockerfile
+++ b/builds/Dockerfile
@@ -1,5 +1,5 @@
 ARG STACK_VERSION="24"
-FROM ghcr.io/sigstore/cosign/cosign:v3.0.5@sha256:be924970ba7438c22e18067dec5637946d6566eac711f5bedd1584e7137008fb AS cosign
+FROM ghcr.io/sigstore/cosign/cosign:v3.0.6@sha256:de9c65609e6bde17e6b48de485ee788407c9502fa08b8f4459f595b21f56cd00 AS cosign
 FROM heroku/heroku:${STACK_VERSION}-build
 
 ARG STACK_VERSION