From 818ea6ca2376ac58ef2eac497bb9cc6593ca5377 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 30 Aug 2024 16:27:36 +0000
Subject: [PATCH] build(deps): Bump the actions group across 1 directory with 2
 updates

Bumps the actions group with 2 updates in the / directory: [actions/setup-python](https://github.com/actions/setup-python) and [google-github-actions/auth](https://github.com/google-github-actions/auth).


Updates `actions/setup-python` from 5.0.0 to 5.2.0
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v5...f677139bbe7f9c59b41e40162b753c062f5d49a3)

Updates `google-github-actions/auth` from 2.1.4 to 2.1.5
- [Release notes](https://github.com/google-github-actions/auth/releases)
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google-github-actions/auth/compare/f112390a2df9932162083945e46d439060d66ec2...62cf5bd3e4211a0a0b51f2c6d6a37129d828611d)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: google-github-actions/auth
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/custom-test.yml   | 2 +-
 .github/workflows/deploy-to-gcs.yml | 2 +-
 .github/workflows/lint.yml          | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/custom-test.yml b/.github/workflows/custom-test.yml
index 8d6580a0..86d049b2 100644
--- a/.github/workflows/custom-test.yml
+++ b/.github/workflows/custom-test.yml
@@ -19,7 +19,7 @@ jobs:
   sigstore-python:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
         with:
           python-version: '3.11'
 
diff --git a/.github/workflows/deploy-to-gcs.yml b/.github/workflows/deploy-to-gcs.yml
index e9596b60..228de963 100644
--- a/.github/workflows/deploy-to-gcs.yml
+++ b/.github/workflows/deploy-to-gcs.yml
@@ -23,7 +23,7 @@ jobs:
           tar --directory repository -xvf artifact.tar
 
       # NOTE: This gcloud project/account is NOT the tuf-on-ci online signing account
-      - uses: google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2 # v2.1.4
+      - uses: google-github-actions/auth@62cf5bd3e4211a0a0b51f2c6d6a37129d828611d # v2.1.5
         with:
           token_format: access_token
           workload_identity_provider: projects/306323169285/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions-provider
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index ef563fbd..868e4a83 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -25,7 +25,7 @@ jobs:
     steps:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       - name: Set up Python
-        uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
+        uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
         with:
           python-version: 3.8
       - env: