fix(deps): update module github.com/sigstore/fulcio to v1.8.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/sigstore/fulcio	v1.7.1 -> v1.8.1

---

Release Notes

sigstore/fulcio (github.com/sigstore/fulcio)

v1.8.1

Compare Source

Same as v1.8.0, but with a fix for the CI build pipeline.

v1.8.0

Compare Source

Bug Fixes

• fix: K8s API does not accept unauthorized requests (#​2111)
• fix: vault for enterprise expects only the key name (#​2117)
• fix(config): respect cacert on oidc-issuers (#​2098)
• Register /healthz endpoint when listening on duplex http/grpc port (#​2046)

Features

• feat: adds cert loading and key-match validation. (#​2173)
• expose gcp kms retry and timeout options (#​2132)
• server: Use warning log level for client errors (#​2147)
• Add workflow to periodically validate OIDC issuers (#​2188)
• Add Chainguard issuer (#​2078)
• Add logging for template error (#​2194)
• Add extension for deployment environment (#​2190)

Removal

• Remove cmd/create_tink_keyset (#​2096)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: image/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 19 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.24.0 -> 1.24.6
github.com/sigstore/sigstore	v1.9.5 -> v1.9.6-0.20250729224751-181c5d3339b3
github.com/sirupsen/logrus	v1.9.3 -> v1.9.4-0.20230606125235-dd1b4c2e81af
github.com/coreos/go-oidc/v3	v3.14.1 -> v3.16.0
github.com/go-jose/go-jose/v4	v4.0.5 -> v4.1.3
github.com/modern-go/reflect2	v1.0.2 -> v1.0.3-0.20250322232337-35a7c28c31ee
github.com/prometheus/client_golang	v1.22.0 -> v1.23.2
github.com/prometheus/common	v0.63.0 -> v0.67.2
github.com/prometheus/procfs	v0.15.1 -> v0.16.1
github.com/sergi/go-diff	v1.3.2-0.20230802210424-5b0b94c5c0d3 -> v1.4.0
github.com/sigstore/protobuf-specs	v0.4.1 -> v0.5.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	v0.61.0 -> v0.63.0
go.opentelemetry.io/otel	v1.36.0 -> v1.38.0
go.opentelemetry.io/otel/metric	v1.36.0 -> v1.38.0
go.opentelemetry.io/otel/trace	v1.36.0 -> v1.38.0
golang.org/x/net	v0.45.0 -> v0.46.0
google.golang.org/genproto/googleapis/api	v0.0.0-20250414145226-207652e42e2e -> v0.0.0-20250929231259-57b25ae835d4
google.golang.org/genproto/googleapis/rpc	v0.0.0-20250414145226-207652e42e2e -> v0.0.0-20251022142026-3a174f9686a8
google.golang.org/grpc	v1.72.2 -> v1.76.0
google.golang.org/protobuf	v1.36.9 -> v1.36.10