From 8ceff2bf80c89bf0d3296fa9f50130ddbd79055e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 29 May 2024 12:19:43 +0000 Subject: [PATCH] chore(deps): pin actions/attest-sbom action to aaa2d0a --- .github/workflows/userscript-nightly.yml | 2 +- .github/workflows/userscript-publish.yml | 2 +- .github/workflows/userscript-tagged-release.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/userscript-nightly.yml b/.github/workflows/userscript-nightly.yml index a5c4b8630..1be2e5277 100644 --- a/.github/workflows/userscript-nightly.yml +++ b/.github/workflows/userscript-nightly.yml @@ -65,7 +65,7 @@ jobs: upload-release-assets: false - name: Attest SBOM - uses: actions/attest-sbom@v1 + uses: actions/attest-sbom@aaa2d0a82e0853a3aea99fcf632b9b61cdb534c2 # v1 with: subject-path: packages/kitten-scientists/output/* sbom-path: sbom.spdx.json diff --git a/.github/workflows/userscript-publish.yml b/.github/workflows/userscript-publish.yml index cef174ad3..48cfb257e 100644 --- a/.github/workflows/userscript-publish.yml +++ b/.github/workflows/userscript-publish.yml @@ -60,7 +60,7 @@ jobs: upload-release-assets: false - name: Attest SBOM - uses: actions/attest-sbom@v1 + uses: actions/attest-sbom@aaa2d0a82e0853a3aea99fcf632b9b61cdb534c2 # v1 with: subject-path: packages/kitten-scientists/output/* sbom-path: sbom.spdx.json diff --git a/.github/workflows/userscript-tagged-release.yml b/.github/workflows/userscript-tagged-release.yml index b292a16a4..af84d0667 100644 --- a/.github/workflows/userscript-tagged-release.yml +++ b/.github/workflows/userscript-tagged-release.yml @@ -42,7 +42,7 @@ jobs: upload-release-assets: false - name: Attest SBOM - uses: actions/attest-sbom@v1 + uses: actions/attest-sbom@aaa2d0a82e0853a3aea99fcf632b9b61cdb534c2 # v1 with: subject-path: packages/kitten-scientists/output/* sbom-path: sbom.spdx.json