chore(deps-dev): update sigstore/cosign-installer action to v4 #1006

	name: pr-actions

	permissions: {}

	on:
	pull_request:
	branches:
	- 'master'

	jobs:
	ensure-sha-pinned:
	runs-on: ubuntu-latest
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
	with:
	egress-policy: audit

	- name: Checkout
	uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
	- name: Ensure SHA pinned actions
	uses: zgosalvez/github-actions-ensure-sha-pinned-actions@fc87bb5b5a97953d987372e74478de634726b3e5 # v3.0.25
	with:
	# slsa-github-generator requires using a semver tag for reusable workflows.
	# See: https://github.com/slsa-framework/slsa-github-generator#referencing-slsa-builders-and-generators
	allowlist: \|
	slsa-framework/slsa-github-generator

Provide feedback