From b035962343490c80a6c6512748df7ea1776edb2b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Jun 2026 22:03:20 +0000 Subject: [PATCH] build(deps): bump actions/attest Bumps the github-actions group with 1 update in the / directory: [actions/attest](https://github.com/actions/attest). Updates `actions/attest` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/actions/attest/releases) - [Changelog](https://github.com/actions/attest/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest/compare/59d89421af93a897026c735860bf21b6eb4f7b26...a1948c3f048ba23858d222213b7c278aabede763) --- updated-dependencies: - dependency-name: actions/attest dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/release-step-3.yml | 2 +- .github/workflows/snapshot.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release-step-3.yml b/.github/workflows/release-step-3.yml index ceaff5d..e494f05 100644 --- a/.github/workflows/release-step-3.yml +++ b/.github/workflows/release-step-3.yml @@ -97,7 +97,7 @@ jobs: run: tar xvf ${{ env.TARBALL_FILE }} - name: generate build provenance - uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0 + uses: actions/attest@a1948c3f048ba23858d222213b7c278aabede763 # v4.1.1 with: subject-path: "${{ github.workspace }}/**/target/*.jar" diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml index b5f1e9f..637e0d3 100644 --- a/.github/workflows/snapshot.yml +++ b/.github/workflows/snapshot.yml @@ -67,7 +67,7 @@ jobs: run: tar xvf ${{ env.TARBALL_FILE }} - name: generate build provenance - uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0 + uses: actions/attest@a1948c3f048ba23858d222213b7c278aabede763 # v4.1.1 with: subject-path: "${{ github.workspace }}/**/target/*.jar"