From 2c5b856ae7b67b50da66dffdc95259081f4f7ff0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 7 Aug 2023 16:34:51 -0400
Subject: [PATCH] chore(deps): bump sigstore/gh-action-sigstore-python from
 1.2.3 to 2.0.0 (#43500)

* chore(deps): bump sigstore/gh-action-sigstore-python from 1.2.3 to 2.0.0

Bumps [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) from 1.2.3 to 2.0.0.
- [Release notes](https://github.com/sigstore/gh-action-sigstore-python/releases)
- [Commits](https://github.com/sigstore/gh-action-sigstore-python/compare/v1.2.3...v2.0.0)

---
updated-dependencies:
- dependency-name: sigstore/gh-action-sigstore-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update release.yml

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: William Woodruff <william@trailofbits.com>
---
 .github/workflows/release.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c41e862..d613161 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -32,8 +32,7 @@ jobs:
         uses: pypa/gh-action-pypi-publish@release/v1
 
       - name: sign
-        uses: sigstore/gh-action-sigstore-python@v1.2.3
+        uses: sigstore/gh-action-sigstore-python@v2.0.0
         with:
           inputs: ./dist/*.tar.gz ./dist/*.whl
           release-signing-artifacts: true
-          bundle-only: true