Bump github.com/updatecli/updatecli from 0.38.0 to 0.40.2

[dependabot]

Bumps github.com/updatecli/updatecli from 0.38.0 to 0.40.2.

Release notes

Sourced from github.com/updatecli/updatecli's releases.

v0.40.2

Changes

🚀 Features

• Use Cosign to sign Updatecli release assets @​olblak (#1041)

🧰 Maintenance

• chore(deps): Bump goreleaser/goreleaser-action from 3 to 4 @​dependabot (#1045)
• chore(deps): Bump updatecli/updatecli-action from 2.16.0 to 2.16.1 @​dependabot (#1040)
• chore(deps): Bump golang.org/x/oauth2 from 0.2.0 to 0.3.0 @​dependabot (#1031)

Contributors

@​dependabot, @​dependabot[bot], @​olblak, @​updateclibot and @​updateclibot[bot]

v0.40.1

Changes

🐛 Bug Fixes

• fix(actions) print the deprecation action's kind warning only once @​dduportal (#1037)

🧰 Maintenance

• chore(deps): Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.5.1 @​dependabot (#1032)

Contributors

@​dduportal, @​dependabot, @​dependabot[bot], @​olblak, @​updateclibot and @​updateclibot[bot]

v0.40.0

⚠️ Important

This release deprecates the top level configuration key "pullrequests" in favor of "actions" It's part of a major SCM refactoring started by @​dduportal. More information on updatecli/updatecli#465, and feedbacks are deeply appreciated.

Like all deprecated syntax in Updatecli, we usually have no ETA, it stays there until it becomes a blocker for a new feature or when we have enough time for code cleaning. But we already invite you to update to "actions" as soon as possible.

The change is only for the pullrequests

- pullrequests:
+ actions:
    prID1:
      scmid: default
-     kind: github
+     kind: github/pullrequest
</tr></table> 

... (truncated)

Commits

• 86493c1 Update release GA workflow
• 5b41dbf Remove gorelease release sandbox (#1046)
• 9939ebc chore(deps): Bump goreleaser/goreleaser-action from 3 to 4 (#1045)
• 74cd841 Add missing cosigin version patch number
• 0399f9e Install cosigin/syft in release-draft workflow
• 251bfb7 Use Cosign to sign Updatecli release assets (#1041)
• aae11a8 chore(deps): Bump updatecli/updatecli-action from 2.16.0 to 2.16.1 (#1040)
• 9f78ee5 chore(deps): Bump golang.org/x/oauth2 from 0.2.0 to 0.3.0 (#1031)
• fbf25de chore: Updated the content of the file "/tmp/updatecli/github/updatec... (#1038)
• e103eda fix(actions) print the deprecation action's kind warning only once (#1037)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)