Bump the actions group with 2 updates

[dependabot]

Bumps the actions group with 2 updates: actions/setup-go and kubernetes-sigs/release-actions.

Updates actions/setup-go from 6.3.0 to 6.4.0

Release notes

Sourced from actions/setup-go's releases.

v6.4.0

What's Changed

Enhancement

• Add go-download-base-url input for custom Go distributions by @​gdams in actions/setup-go#721

Dependency update

• Upgrade minimatch from 3.1.2 to 3.1.5 by @​dependabot in actions/setup-go#727

Documentation update

• Rearrange README.md, add advanced-usage.md by @​priyagupta108 in actions/setup-go#724
• Fix Microsoft build of Go link by @​gdams in actions/setup-go#734

New Contributors

• @​gdams made their first contribution in actions/setup-go#721

Full Changelog: actions/setup-go@v6...v6.4.0

Commits

• 4a36011 docs: fix Microsoft build of Go link (#734)
• 8f19afc feat: add go-download-base-url input for custom Go distributions (#721)
• 27fdb26 Bump minimatch from 3.1.2 to 3.1.5 (#727)
• def8c39 Rearrange README.md, add advanced-usage.md (#724)
• See full diff in compare view

Updates kubernetes-sigs/release-actions from 0.4.0 to 0.4.2

Release notes

Sourced from kubernetes-sigs/release-actions's releases.

v0.4.2

What's Changed

• Bump actions/setup-go from 6.3.0 to 6.4.0 in the ghactions group by @​dependabot[bot] in kubernetes-sigs/release-actions#151
• Bump actions/setup-go from 6.3.0 to 6.4.0 in /publish-release in the actions group across 1 directory by @​dependabot[bot] in kubernetes-sigs/release-actions#152
• Bump tejolote to v0.4.7 and switch to bundle verification by @​saschagrunert in kubernetes-sigs/release-actions#153
• Add fallback for legacy cosign verification in setup-tejolote by @​saschagrunert in kubernetes-sigs/release-actions#154

Full Changelog: kubernetes-sigs/release-actions@v0.4.1...v0.4.2

v0.4.1

What's Changed

• Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 in /publish-release by @​dependabot[bot] in kubernetes-sigs/release-actions#128
• Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 in /setup-zeitgeist by @​dependabot[bot] in kubernetes-sigs/release-actions#132
• Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 in /setup-bom by @​dependabot[bot] in kubernetes-sigs/release-actions#129
• Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 in /setup-release-notes by @​dependabot[bot] in kubernetes-sigs/release-actions#130
• Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 in /setup-tejolote by @​dependabot[bot] in kubernetes-sigs/release-actions#131
• Bump tejolote to v0.4.3 by @​puerco in kubernetes-sigs/release-actions#133
• Bump actions/checkout from 5.0.0 to 5.0.1 in the ghactions group by @​dependabot[bot] in kubernetes-sigs/release-actions#134
• Bump actions/setup-go from 6.0.0 to 6.1.0 in the ghactions group by @​dependabot[bot] in kubernetes-sigs/release-actions#135
• Bump actions/setup-go from 6.0.0 to 6.1.0 in /publish-release in the actions group across 1 directory by @​dependabot[bot] in kubernetes-sigs/release-actions#136
• Bump actions/checkout from 5.0.1 to 6.0.0 by @​dependabot[bot] in kubernetes-sigs/release-actions#137
• Bump actions/checkout from 6.0.0 to 6.0.1 in the ghactions group by @​dependabot[bot] in kubernetes-sigs/release-actions#138
• Bump actions/setup-go from 6.1.0 to 6.2.0 in the ghactions group by @​dependabot[bot] in kubernetes-sigs/release-actions#139
• Bump actions/setup-go from 6.1.0 to 6.2.0 in /publish-release in the actions group across 1 directory by @​dependabot[bot] in kubernetes-sigs/release-actions#140
• Bump actions/checkout from 6.0.1 to 6.0.2 in the ghactions group by @​dependabot[bot] in kubernetes-sigs/release-actions#141
• Bump actions/setup-go from 6.2.0 to 6.3.0 in /publish-release in the actions group across 1 directory by @​dependabot[bot] in kubernetes-sigs/release-actions#143
• Bump actions/setup-go from 6.2.0 to 6.3.0 in the ghactions group by @​dependabot[bot] in kubernetes-sigs/release-actions#142
• Sync SECURITY_CONTACTS by @​saschagrunert in kubernetes-sigs/release-actions#144
• Add release-engineering aliases to OWNERS and OWNERS_ALIASES by @​saschagrunert in kubernetes-sigs/release-actions#145
• Bump the actions group across 5 directories with 1 update by @​dependabot[bot] in kubernetes-sigs/release-actions#146
• Bump dorny/paths-filter from 3.0.2 to 4.0.0 by @​dependabot[bot] in kubernetes-sigs/release-actions#147
• Bump dorny/paths-filter from 4.0.0 to 4.0.1 in the ghactions group by @​dependabot[bot] in kubernetes-sigs/release-actions#148
• Bump the actions group across 5 directories with 1 update by @​dependabot[bot] in kubernetes-sigs/release-actions#149
• Update to latest versions by @​puerco in kubernetes-sigs/release-actions#150

Full Changelog: kubernetes-sigs/release-actions@v0.4.0...v0.4.1

Commits

• cbe0488 Merge pull request #154 from saschagrunert/fix/tejolote-cosign-compat
• 4ada117 Add fallback for legacy cosign verification in setup-tejolote
• 8a76d49 Merge pull request #153 from saschagrunert/bump/tejolote-v0.4.7
• b576e7c Bump tejolote to v0.4.7 and switch to bundle verification
• cc0abf0 Merge pull request #152 from kubernetes-sigs/dependabot/github_actions/publis...
• ce088f8 Bump actions/setup-go
• 04c9e03 Merge pull request #151 from kubernetes-sigs/dependabot/github_actions/ghacti...
• ff3dc6a Bump actions/setup-go from 6.3.0 to 6.4.0 in the ghactions group
• ab33480 Merge pull request #150 from puerco/bump-tejolote
• b1f9c44 Update to latest versions
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions