chore(deps): bump goreleaser/goreleaser-action from 7.0.0 to 7.1.0 in the dependencies group

[dependabot]

Bumps the dependencies group with 1 update: goreleaser/goreleaser-action.

Updates goreleaser/goreleaser-action from 7.0.0 to 7.1.0

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v7.1.0

What's Changed

• feat: verify release checksum and cosign signature by @​caarlos0 in goreleaser/goreleaser-action#550
• docs: document cosign verification in README by @​caarlos0 in goreleaser/goreleaser-action#553
• docs: Upgrade import GPG action version by @​flecno in goreleaser/goreleaser-action#547
• ci: drop docker-bake in favor of plain npm by @​caarlos0 in goreleaser/goreleaser-action#551
• ci: add release-major-tag workflow by @​caarlos0 in goreleaser/goreleaser-action#552
• ci: drop pre-cosign-v3 goreleaser versions from tests by @​caarlos0 in goreleaser/goreleaser-action#554
• ci(deps): bump the actions group with 2 updates by @​dependabot[bot] in goreleaser/goreleaser-action#543
• ci(deps): bump the actions group with 5 updates by @​dependabot[bot] in goreleaser/goreleaser-action#546
• chore(deps): bump undici from 6.23.0 to 6.24.1 by @​dependabot[bot] in goreleaser/goreleaser-action#545

New Contributors

• @​flecno made their first contribution in goreleaser/goreleaser-action#547

Full Changelog: goreleaser/goreleaser-action@v7...v7.1.0

Commits

• e24998b ci: drop pre-cosign-v3 goreleaser versions from tests (#554)
• be2e8a3 docs: document cosign verification in README (#553)
• 5e53f8e ci: add release-major-tag workflow (#552)
• 4068afa build: drop docker-bake in favor of plain npm (#551)
• 213ec80 docs: add CONTRIBUTING with pre-commit workflow
• 4b462d3 feat: verify release checksum and cosign signature (#550)
• 01cbe07 docs: Upgrade import GPG action version (#547)
• 2a473d7 ci(deps): bump the actions group with 5 updates (#546)
• fdcf0b9 clean: leftover files from node 22(?)
• 9881cc5 fix: use new static URL
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[Copilot]

Pull request overview

This PR updates the GitHub Actions workflow to use the newer goreleaser/goreleaser-action release, keeping the release/test pipelines up-to-date while continuing to pin actions by commit SHA.

Changes:

• Bump goreleaser/goreleaser-action from v7.0.0 to v7.1.0 (pinned SHA updated).
• Apply the bump in both the “Test Release Process” and “Run GoReleaser” (tagged release) jobs.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.