mirror of
https://github.com/edera-dev/sprout.git
synced 2026-03-21 22:40:17 +00:00
chore(deps): bump actions/attest-build-provenance (#65)
Bumps the actions-updates group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance).
Updates `actions/attest-build-provenance` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](00014ed6ed...96278af6ca)
---
updated-dependencies:
- dependency-name: actions/attest-build-provenance
dependency-version: 3.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions-updates
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
dependabot[bot]
GitHub
2
.github/workflows/publish.yml
vendored
2
.github/workflows/publish.yml
vendored
@@ -49,7 +49,7 @@ jobs:
|
||||
path: target/assemble/*
|
||||
|
||||
- name: 'attest artifacts'
|
||||
uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
|
||||
uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0
|
||||
with:
|
||||
subject-name: artifacts.zip
|
||||
subject-digest: "sha256:${{ steps.upload.outputs.artifact-digest }}"
|
||||
|
||||
2
.github/workflows/release.yml
vendored
2
.github/workflows/release.yml
vendored
@@ -42,7 +42,7 @@ jobs:
|
||||
run: ./hack/assemble.sh
|
||||
|
||||
- name: 'attest release artifacts'
|
||||
uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
|
||||
uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0
|
||||
with:
|
||||
subject-path: target/assemble/*
|
||||
|
||||
|
||||
Reference in New Issue
Block a user