diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 177cb1e..ce47258 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -168,7 +168,7 @@ jobs: # Phase 4 (Trusted Signing) inserts above this step; attestation then # covers the signed MSI rather than the unsigned one. - name: Attest MSI build provenance - uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 + uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1 with: subject-path: 'Releases/*.msi'