Bump github.com/sigstore/rekor from 1.3.7 to 1.3.8

[dependabot]

Bumps github.com/sigstore/rekor from 1.3.7 to 1.3.8.

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.3.8

Changelog

Please see https://github.com/sigstore/rekor/blob/main/CHANGELOG.md for changes included in this release.

New Contributors

• @​sgpinkus made their first contribution in sigstore/rekor#2322
• @​dnwe made their first contribution in sigstore/rekor#2325

Full Changelog: sigstore/rekor@v1.3.7...v1.3.8

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.3.8

Bug Fixes

• fix zizmor issues (#2298)
• remove unneeded value in log message (#2282)

Quality Enhancements

• chore: relax go directive to permit 1.22.x
• fetch minisign from homebrew instead of custom ppa (#2329)
• fix(ci): simplify GOVERSION extraction
• chore(deps): bump actions pins to latest
• Updates go and golangci-lint (#2302)
• update builder to use go1.23.4 (#2301)
• clean up spaces
• log request body on 500 error to aid debugging (#2283)

Contributors

• Appu Goundan
• Bob Callaway
• Carlos Tadeu Panato Junior
• Dominic Evans
• sgpinkus

Commits

• 88b5ce5 add changelog for v1.3.8 (#2331)
• 1e9cdae chore: relax go directive to permit 1.22.x
• dcad58c build(deps): Bump google.golang.org/api from 0.214.0 to 0.216.0 (#2328)
• 1082f48 build(deps): Bump the all group with 11 updates (#2327)
• 362ccea build(deps): Bump google/cloud-sdk from 504.0.1 to 505.0.0 (#2326)
• c505919 fetch minisign from homebrew instead of custom ppa (#2329)
• 280c8c1 fix(ci): simplify GOVERSION extraction
• 7bf4b21 chore(deps): bump actions pins to latest
• 513c30e Update types.md (#2322)
• 8f7b5a0 build(deps): Bump sigs.k8s.io/release-utils from 0.8.5 to 0.9.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)