CGA-qvxm-h9rg-2h8x

Remediating this vulnerability requires upgrading github.com/sigstore/timestamp-authority from v1.2.5 to v2.0.3. github.com/sigstore/timestamp-authority is a transitive dependency and attempting to upgrade results in build failures. See open issue upstream: https://github.com/ko-build/ko/issues/1587