From 966f3c249b9d32c9ac2dc99e518c827cea347b6e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 14:48:25 +0200 Subject: [PATCH] Bump actions/attest-build-provenance from 1.2.0 to 1.3.1 (#130) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fa745ff..8f276c9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -97,7 +97,7 @@ jobs: - if: ${{ inputs.artifact-action == 'build-release' }} name: "Attest artifact" - uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919 # v1.2.0 + uses: actions/attest-build-provenance@534b352d658f90498fd148d231fdbf88f3886a3a # v1.3.1 with: subject-path: | dist/*.tar.gz @@ -180,7 +180,7 @@ jobs: - if: ${{ inputs.image-action == 'build-release' }} name: "Attest image" - uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919 # v1.2.0 + uses: actions/attest-build-provenance@534b352d658f90498fd148d231fdbf88f3886a3a # v1.3.1 with: subject-name: "${{ env.REGISTRY }}/${{ steps.build-image.outputs.image }}" subject-digest: ${{ steps.push-image.outputs.digest }}