From 9216db84ee70b3a76dce5db9c873f2c3f284737a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 5 Dec 2024 04:22:23 +0000 Subject: [PATCH] build(deps): Bump actions/attest-build-provenance Bumps the github-actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 1.4.4 to 2.0.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/ef244123eb79f2f7a7e75d99086184180e6d0018...619dbb2e03e0189af0c55118e7d3c5e129e99726) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/c_release.yml | 2 +- .github/workflows/multibuild.yaml | 2 +- .github/workflows/python-sshnpd-build-publish.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/c_release.yml b/.github/workflows/c_release.yml index cdbac53cb..43d287be6 100644 --- a/.github/workflows/c_release.yml +++ b/.github/workflows/c_release.yml @@ -243,7 +243,7 @@ jobs: working-directory: tarballs run: | echo "hashes=$(cat checksums.txt | base64 -w0)" >> "$GITHUB_OUTPUT" - - uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4 + - uses: actions/attest-build-provenance@619dbb2e03e0189af0c55118e7d3c5e129e99726 # v2.0.0 with: subject-path: "tarballs/**" diff --git a/.github/workflows/multibuild.yaml b/.github/workflows/multibuild.yaml index f5f357c0b..313b6e5e9 100644 --- a/.github/workflows/multibuild.yaml +++ b/.github/workflows/multibuild.yaml @@ -335,7 +335,7 @@ jobs: working-directory: tarballs run: | echo "hashes=$(cat checksums.txt | base64 -w0)" >> "$GITHUB_OUTPUT" - - uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4 + - uses: actions/attest-build-provenance@619dbb2e03e0189af0c55118e7d3c5e129e99726 # v2.0.0 with: subject-path: "tarballs/**" diff --git a/.github/workflows/python-sshnpd-build-publish.yml b/.github/workflows/python-sshnpd-build-publish.yml index e7bb96b72..7e150cbfa 100644 --- a/.github/workflows/python-sshnpd-build-publish.yml +++ b/.github/workflows/python-sshnpd-build-publish.yml @@ -145,7 +145,7 @@ jobs: run: | echo "hashes=$(cat checksums.txt | base64 -w0)" >> "$GITHUB_OUTPUT" - name: Attest the release artifacts - uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4 + uses: actions/attest-build-provenance@619dbb2e03e0189af0c55118e7d3c5e129e99726 # v2.0.0 with: subject-path: 'dist/**' - name: Upload artifact signatures to GitHub Release