From 30f96b7beb64cfd5a2f6ee674dda51667800b9be Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 10 Nov 2024 22:28:31 +0000 Subject: [PATCH] chore(gh-actions-deps): update actions/attest-build-provenance action to v1.4.4 in all dependant reusable workflows --- .github/workflows/_reusable-sbom-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/_reusable-sbom-scan.yml b/.github/workflows/_reusable-sbom-scan.yml index 68ccfd12..354f0038 100644 --- a/.github/workflows/_reusable-sbom-scan.yml +++ b/.github/workflows/_reusable-sbom-scan.yml @@ -24,7 +24,7 @@ jobs: with: format: spdx-json output-file: ${{ github.event.repository.name }}-sbom.spdx.json - - uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3 + - uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4 if: ${{ !(github.event.pull_request.head.repo.fork || github.event.workflow_call.pull_request.head.repo.fork) && !contains(fromJSON('["dependabot[bot]", "renovate[bot]"]'), github.actor) }} with: subject-path: ${{ github.event.repository.name }}-sbom.spdx.json