build(deps): bump sigstore/sigstore-conformance in the actions group … #3490

	name: Conformance Tests

	on:
	push:
	branches:
	- main
	workflow_dispatch:
	pull_request:
	schedule:
	- cron: "45 7 * * 1,4"

	permissions: {}

	jobs:
	conformance:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
	with:
	persist-credentials: false

	- uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
	with:
	python-version: "3.x"
	cache: "pip"
	cache-dependency-path: pyproject.toml

	- name: install sigstore-python
	run: python -m pip install .

	- uses: sigstore/sigstore-conformance@b7856cfca56fe3f957d4cefdc2c359cc36a84e14 # v0.0.24
	with:
	entrypoint: ${{ github.workspace }}/test/integration/sigstore-python-conformance
	xfail: "test_verify*intoto-with-custom-trust-root]" # see issue 1442

	file-issue-on-failure:
	needs: [conformance]
	if: failure() && github.event_name == 'schedule' && github.repository == 'sigstore/sigstore-python'
	permissions:
	issues: write # required to file an issue
	runs-on: ubuntu-latest
	steps:
	- name: File an issue for conformance test failure
	uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
	with:
	github-token: ${{ secrets.GITHUB_TOKEN }}
	script: \|
	github.rest.issues.create({
	owner: context.repo.owner,
	repo: context.repo.repo,
	title: `[CI] Scheduled conformance test failed`,
	body: `
	A scheduled conformance test failed, see [run details](${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}).
	`
	});

Provide feedback