From 9e92db8f028e6f30d153e10edd030a9464e25917 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 May 2024 12:45:12 -0700 Subject: [PATCH] chore(deps): bump actions/attest-build-provenance from 1.0.0 to 1.1.1 (#4122) Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 1.0.0 to 1.1.1. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/897ed5eab6ed058a474202017ada7f40bfa52940...951c0c5f8e375ad4efad33405ab77f7ded2358e4) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/testing.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index 0efc914692..cbc259b0fe 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -623,11 +623,11 @@ jobs: echo "tar=$(cd dist/ && echo *.tar.gz)" >> $GITHUB_OUTPUT echo "whl=$(cd dist/ && echo *.tar.gz)" >> $GITHUB_OUTPUT - name: Attest Build Provenance for tar - uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0 + uses: actions/attest-build-provenance@951c0c5f8e375ad4efad33405ab77f7ded2358e4 # v1.1.1 with: subject-path: "dist/${{ steps.filename.outputs.tar }}" - name: Attest Build Provenance for whl - uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0 + uses: actions/attest-build-provenance@951c0c5f8e375ad4efad33405ab77f7ded2358e4 # v1.1.1 with: subject-path: "dist/${{ steps.filename.outputs.whl }}" # TODO Upload to pypi on release creation