chore(deps): Bump github.com/sigstore/protobuf-specs from 0.3.2 to 0.3.3

[dependabot]

Bumps github.com/sigstore/protobuf-specs from 0.3.2 to 0.3.3.

Changelog

Sourced from github.com/sigstore/protobuf-specs's changelog.

0.3.3

• Allowed specifying artifact digest for verification (#406
• Added version to SigningConfig message (#383

Changed

• Docs: Clarify that integration time is only trustworthy with a Signed Entry Timestamp (#442
• Docs: Clarify inclusion promise requirement (#380
• Docs: Clarify that artifact digest verification should not be used with in-toto attestations (#461

Commits

• dadc81e Add warning when verifying with artifact digest (#461)
• 22f84aa gen: bump patch versions for v0.3.3 (#463)
• 6ad0fad Add changelog for v0.3.3 (#462)
• 1e0daec build(deps): bump softprops/action-gh-release from 2.2.0 to 2.2.1 (#458)
• 7d16e8c build(deps): bump google.golang.org/protobuf from 1.36.1 to 1.36.2 (#459)
• 6d7dc79 build(deps): bump com.diffplug.spotless from 7.0.0 to 7.0.1 in /java (#460)
• 0893628 build(deps): bump alpine from 21dc606 to b97e2a8 (#456)
• a00cfe9 build(deps): bump com.diffplug.spotless from 6.25.0 to 7.0.0 in /java (#457)
• e04a14b build(deps): bump ruby/setup-ruby from 1.206.0 to 1.207.0 (#455)
• 27b9f3c build(deps): bump ruby/setup-ruby from 1.205.0 to 1.206.0 (#454)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)