From 2a5238d8c2ee0d41e0f236a2222d4025230cfae1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 11 Jul 2026 00:42:26 +0000 Subject: [PATCH] build(deps): bump actions/attest-build-provenance from 2.2.3 to 4.1.1 Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 2.2.3 to 4.1.1. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/c074443f1aee8d4aeeae555aebba3282517141b2...0f67c3f4856b2e3261c31976d6725780e5e4c373) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/deploy-artifact.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy-artifact.yml b/.github/workflows/deploy-artifact.yml index 749d2ae..6dcabc1 100644 --- a/.github/workflows/deploy-artifact.yml +++ b/.github/workflows/deploy-artifact.yml @@ -131,7 +131,7 @@ jobs: - name: Attest build provenance if: ${{ steps.publish.outputs.artifact-digest != '' }} - uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v2.2.3 + uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1 with: subject-name: ghcr.io/jorisjonkers-dev/${{ inputs.artifact-name }} subject-digest: ${{ steps.publish.outputs.artifact-digest }}