chore(deps): update konflux references main

[red-hat-konflux]

This PR contains the following updates:

Package	Change
quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta (source, changelog)	0e6324e → 7e84b01
quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan (source, changelog)	237c54b → c78924d
quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta (source, changelog)	c4ef47e → e5319fc
quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta (source, changelog)	bdd187c → ba08e3b
quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta (source, changelog)	90efa58 → 99cc372

---

Configuration

📅 Schedule: Branch creation - Between 05:00 AM and 11:59 PM, only on Saturday ( * 5-23 * * 6 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: red-hat-konflux[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: red-hat-konflux[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: b032b3a0-894a-48ea-a587-f890568330f5

📥 Commits

Reviewing files that changed from the base of the PR and between 80fc2da and 7157ae0.

📒 Files selected for processing (2)

• .tekton/openshift-mcp-server-main-pull-request.yaml
• .tekton/openshift-mcp-server-main-push.yaml

---

📝 Walkthrough

Walkthrough

Two Tekton PipelineRun YAML files are updated to bump the pinned sha256 digests for five task bundle references: task-prefetch-dependencies-oci-ta, task-sast-snyk-check-oci-ta, task-sast-shell-check-oci-ta, task-sast-unicode-check-oci-ta, and task-rpms-signature-scan. No pipeline logic or configuration changes.

Changes

Tekton Task Bundle Digest Update

Layer / File(s)	Summary
Task bundle digest updates across both PipelineRuns .tekton/openshift-mcp-server-main-pull-request.yaml, .tekton/openshift-mcp-server-main-push.yaml	SHA256 digests for five taskRef.bundle entries (task-prefetch-dependencies-oci-ta, task-sast-snyk-check-oci-ta, task-sast-shell-check-oci-ta, task-sast-unicode-check-oci-ta, task-rpms-signature-scan) are replaced with new values in both PipelineRun manifests. No other fields are modified.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐇 Hop hop, the digests are fresh today,
Five bundles pinned in a brand new way,
SHA sums swapped with a flick of the paw,
No logic changed — just hashes, that's all!
The pipeline runs on without a flaw. 🌿

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: updating Konflux task references in the main branch, which is exactly what the PR does across both Tekton pipeline files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch konflux/references/main

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

@red-hat-konflux[bot]: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.