From b7f8709801c8ee80b5798c3eaf139fc02ccc453a Mon Sep 17 00:00:00 2001
From: Marc Ransome <marc.ransome@fidgetbox.co.uk>
Date: Sat, 23 Mar 2024 18:32:58 +0000
Subject: [PATCH] Pin SLSA reusable workflow using git tag

---
 .github/workflows/slsa.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/slsa.yml b/.github/workflows/slsa.yml
index 1260be1..8c91992 100644
--- a/.github/workflows/slsa.yml
+++ b/.github/workflows/slsa.yml
@@ -36,6 +36,6 @@ jobs:
       actions: read
       id-token: write
       contents: write
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@c747fe7769adf3656dc7d588b161cb614d7abfee # v1.10.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0 # Must specify version tag; see https://github.com/slsa-framework/slsa-verifier/issues/12
     with:
       base64-subjects: "${{ needs.build.outputs.hashes }}"