Skip to content

Commit 52293a3

Browse files
dependabot[bot]dependabot[bot]
authored
--- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: slsa-framework/slsa-github-generator dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci ... Signed-off-by: dependabot[bot] <[email protected]>
1 parent 6289f8e commit 52293a3

File tree

2 files changed

+3
-3
lines changed

2 files changed

+3
-3
lines changed

.github/workflows/push-ld.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
packages: write
1818
steps:
1919
- uses: actions/checkout@v4
20-
- uses: sigstore/cosign-installer@v3.4.0
20+
- uses: sigstore/cosign-installer@v3.5.0
2121
- name: Prepare
2222
id: prep
2323
run: |

.github/workflows/release.yml

+2-2
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ jobs:
3333
with:
3434
go-version: 1.22.x
3535
- uses: fluxcd/flux2/action@main
36-
- uses: sigstore/cosign-installer@v3.4.0
36+
- uses: sigstore/cosign-installer@v3.5.0
3737
- name: Prepare
3838
id: prep
3939
run: |
@@ -146,7 +146,7 @@ jobs:
146146
actions: read # for detecting the Github Actions environment.
147147
id-token: write # for creating OIDC tokens for signing.
148148
contents: write # for uploading attestations to GitHub releases.
149-
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
149+
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
150150
with:
151151
provenance-name: "provenance.intoto.jsonl"
152152
base64-subjects: "${{ needs.release-flagger.outputs.hashes }}"

0 commit comments

Comments
 (0)