File tree 3 files changed +3
-3
lines changed
3 files changed +3
-3
lines changed Original file line number Diff line number Diff line change 3838 using : composite
3939 steps :
4040 - name : Download artifacts
41- uses : actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
41+ uses : actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
4242 with :
4343 name : ${{ inputs.name }}
4444 path : ${{ inputs.path }}
Original file line number Diff line number Diff line change 4343 shell : bash
4444
4545 - name : Download artifacts
46- uses : actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
46+ uses : actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
4747 with :
4848 name : ${{ inputs.artifact_name }}
4949 path : .
Original file line number Diff line number Diff line change @@ -206,7 +206,7 @@ jobs:
206206 # NOTE: provenance fails if we use action pinning... it's a Github limitation
207207 # because SLSA needs to trace & attest it came from a given branch; pinning doesn't expose that information
208208 # https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/generic/README.md#referencing-the-slsa-generator
209- uses : slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10 .0
209+ uses : slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0 .0
210210 with :
211211 base64-subjects : ${{ needs.build.outputs.attestation_hashes }}
212212 upload-assets : false # we upload its attestation in create_tag job, otherwise it creates a new release
You can’t perform that action at this time.
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
0 commit comments