diff --git a/.github/workflows/_reusable-sbom-scan.yml b/.github/workflows/_reusable-sbom-scan.yml index 68ccfd12..354f0038 100644 --- a/.github/workflows/_reusable-sbom-scan.yml +++ b/.github/workflows/_reusable-sbom-scan.yml @@ -24,7 +24,7 @@ jobs: with: format: spdx-json output-file: ${{ github.event.repository.name }}-sbom.spdx.json - - uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3 + - uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4 if: ${{ !(github.event.pull_request.head.repo.fork || github.event.workflow_call.pull_request.head.repo.fork) && !contains(fromJSON('["dependabot[bot]", "renovate[bot]"]'), github.actor) }} with: subject-path: ${{ github.event.repository.name }}-sbom.spdx.json