From 890ff4bfc3143b90259bb75f5012451976c2bd5c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jun 2026 17:43:26 +0000 Subject: [PATCH] build(deps): Bump actions/attest-build-provenance from 3 to 4 Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3 to 4. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release-image.yml | 2 +- .github/workflows/rg-release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release-image.yml b/.github/workflows/release-image.yml index 16bb82c..e1fee70 100644 --- a/.github/workflows/release-image.yml +++ b/.github/workflows/release-image.yml @@ -175,7 +175,7 @@ jobs: "${{ steps.release_meta.outputs.image_ref }}@${{ steps.image_digest.outputs.digest }}" - name: Emit SLSA provenance - uses: actions/attest-build-provenance@v3 + uses: actions/attest-build-provenance@v4 with: subject-name: ${{ steps.release_meta.outputs.image_repo }} subject-digest: ${{ steps.image_digest.outputs.digest }} diff --git a/.github/workflows/rg-release.yml b/.github/workflows/rg-release.yml index c6f88dd..d2d40a5 100644 --- a/.github/workflows/rg-release.yml +++ b/.github/workflows/rg-release.yml @@ -71,7 +71,7 @@ jobs: fi - uses: sigstore/cosign-installer@v4.1.2 - run: cosign sign --yes ${{ inputs.image-ref }}@${{ steps.build.outputs.digest }} - - uses: actions/attest-build-provenance@v3 + - uses: actions/attest-build-provenance@v4 with: subject-name: ${{ inputs.image-ref }} subject-digest: ${{ steps.build.outputs.digest }}