From 6ad8fd85e8b93a403e0dfcaa52f651bb5511f982 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 4 May 2026 17:58:38 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .github/workflows/auto-label.yml | 4 +-- .github/workflows/ci.yml | 20 ++++++------ .github/workflows/e2e-attachments.yml | 8 ++--- .github/workflows/formulus-android.yml | 18 +++++------ .github/workflows/ode-desktop.yml | 42 +++++++++++++------------- .github/workflows/pr-title-check.yml | 2 +- .github/workflows/sbom-release.yml | 10 +++--- .github/workflows/synkronus-cli.yml | 12 ++++---- .github/workflows/synkronus-docker.yml | 40 ++++++++++++------------ 9 files changed, 78 insertions(+), 78 deletions(-) diff --git a/.github/workflows/auto-label.yml b/.github/workflows/auto-label.yml index e1cf54db0..6c55c71de 100644 --- a/.github/workflows/auto-label.yml +++ b/.github/workflows/auto-label.yml @@ -16,10 +16,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Label PR based on changed files - uses: actions/labeler@v5 + uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5 with: repo-token: ${{ secrets.GITHUB_TOKEN }} configuration-path: .github/labeler.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b12e3af7b..a74e4ef79 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -39,12 +39,12 @@ jobs: synkronus-cli: ${{ steps.filter.outputs.synkronus-cli }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 0 - name: Detect changed components - uses: dorny/paths-filter@v2 + uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2 id: filter with: filters: | @@ -71,10 +71,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' @@ -111,10 +111,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' @@ -159,10 +159,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version: ${{ env.GO_VERSION }} cache-dependency-path: synkronus/go.sum @@ -216,10 +216,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version: ${{ env.GO_VERSION }} cache-dependency-path: synkronus-cli/go.sum diff --git a/.github/workflows/e2e-attachments.yml b/.github/workflows/e2e-attachments.yml index c3a4bd8c1..3a7ccf615 100644 --- a/.github/workflows/e2e-attachments.yml +++ b/.github/workflows/e2e-attachments.yml @@ -32,10 +32,10 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 15 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version-file: synkronus/go.mod cache: true @@ -73,10 +73,10 @@ jobs: timeout-minutes: 20 needs: contract steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Node - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: 20 cache: npm diff --git a/.github/workflows/formulus-android.yml b/.github/workflows/formulus-android.yml index fe5efa53f..8d56694bd 100644 --- a/.github/workflows/formulus-android.yml +++ b/.github/workflows/formulus-android.yml @@ -37,10 +37,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Node.js for assets - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' @@ -63,7 +63,7 @@ jobs: run: npm run build:copy - name: Upload formplayer assets artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 with: name: formplayer-assets path: formulus/android/app/src/main/assets/formplayer_dist @@ -78,16 +78,16 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Download formplayer assets artifact - uses: actions/download-artifact@v7 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7 with: name: formplayer-assets path: formulus/android/app/src/main/assets/formplayer_dist - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' @@ -120,7 +120,7 @@ jobs: run: npm run vendor:notifee - name: Set up Java - uses: actions/setup-java@v4 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: 'temurin' java-version: '17' @@ -165,7 +165,7 @@ jobs: run: ./gradlew assembleRelease --no-daemon - name: Upload APK artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 with: name: formulus-android-apk-${{ github.event_name }}-${{ github.run_id }} path: | @@ -173,7 +173,7 @@ jobs: - name: Upload APK to GitHub Release if: github.event_name == 'release' - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65 # v2 with: files: | formulus/android/app/build/outputs/apk/**/**/*.apk diff --git a/.github/workflows/ode-desktop.yml b/.github/workflows/ode-desktop.yml index c642e5d8e..59766364e 100644 --- a/.github/workflows/ode-desktop.yml +++ b/.github/workflows/ode-desktop.yml @@ -45,10 +45,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: ${{ env.NODE_VERSION }} @@ -64,7 +64,7 @@ jobs: echo "STORE_PATH=$(pnpm store path)" >> "$GITHUB_OUTPUT" - name: Setup pnpm cache - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} key: ${{ runner.os }}-pnpm-store-${{ hashFiles('desktop/pnpm-lock.yaml') }} @@ -109,7 +109,7 @@ jobs: xdg-utils - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: components: rustfmt, clippy @@ -129,10 +129,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' @@ -162,7 +162,7 @@ jobs: cp -a formulus-formplayer/build/. desktop/public/formplayer_dist/ - name: Upload formplayer dist - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: desktop-formplayer-dist path: desktop/public/formplayer_dist @@ -203,16 +203,16 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Download embedded formplayer - uses: actions/download-artifact@v7 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7 with: name: desktop-formplayer-dist path: desktop/public/formplayer_dist - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: ${{ env.NODE_VERSION }} @@ -226,7 +226,7 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> "$GITHUB_OUTPUT" - name: Setup pnpm cache - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} key: ${{ runner.os }}-${{ runner.arch }}-pnpm-${{ hashFiles('desktop/pnpm-lock.yaml') }} @@ -253,12 +253,12 @@ jobs: xdg-utils - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: targets: ${{ matrix.rust_target }} - name: Rust cache - uses: Swatinem/rust-cache@v2 + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 with: workspaces: desktop/src-tauri shared-key: ode-desktop-${{ matrix.platform }} @@ -297,7 +297,7 @@ jobs: fi - name: Upload installer artifact - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: ode-desktop-${{ matrix.platform }} path: desktop/dist-ci/* @@ -340,16 +340,16 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Download embedded formplayer - uses: actions/download-artifact@v7 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7 with: name: desktop-formplayer-dist path: desktop/public/formplayer_dist - name: Setup Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: ${{ env.NODE_VERSION }} @@ -363,7 +363,7 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> "$GITHUB_OUTPUT" - name: Setup pnpm cache - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3 with: path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} key: ${{ runner.os }}-${{ runner.arch }}-pnpm-${{ hashFiles('desktop/pnpm-lock.yaml') }} @@ -390,12 +390,12 @@ jobs: xdg-utils - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: targets: ${{ matrix.rust_target }} - name: Rust cache - uses: Swatinem/rust-cache@v2 + uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2 with: workspaces: desktop/src-tauri shared-key: ode-desktop-release-${{ matrix.platform }} @@ -434,7 +434,7 @@ jobs: fi - name: Attach installers to Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65 # v2 with: tag_name: ${{ github.event.release.tag_name }} files: desktop/dist-release/* diff --git a/.github/workflows/pr-title-check.yml b/.github/workflows/pr-title-check.yml index b3bd30782..74bb2ffa9 100644 --- a/.github/workflows/pr-title-check.yml +++ b/.github/workflows/pr-title-check.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Check PR Title Format - uses: amannn/action-semantic-pull-request@v5 + uses: amannn/action-semantic-pull-request@e32d7e603df1aa1ba07e981f2a23455dee596825 # v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/sbom-release.yml b/.github/workflows/sbom-release.yml index bd1e4ef73..8babfb7de 100644 --- a/.github/workflows/sbom-release.yml +++ b/.github/workflows/sbom-release.yml @@ -23,15 +23,15 @@ jobs: contents: write steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: ${{ env.NODE_VERSION }} - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version: ${{ env.GO_VERSION }} @@ -40,7 +40,7 @@ jobs: - name: Upload SBOM artifact (manual runs) if: github.event_name == 'workflow_dispatch' - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 with: name: cyclonedx-sbom path: sbom-dist/*.cdx.json @@ -48,7 +48,7 @@ jobs: - name: Upload SBOMs to GitHub Release if: github.event_name == 'release' - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65 # v2 with: tag_name: ${{ github.event.release.tag_name }} files: sbom-dist/*.cdx.json diff --git a/.github/workflows/synkronus-cli.yml b/.github/workflows/synkronus-cli.yml index 54acb0b6c..d02286a0f 100644 --- a/.github/workflows/synkronus-cli.yml +++ b/.github/workflows/synkronus-cli.yml @@ -31,10 +31,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version: '1.25.x' cache-dependency-path: synkronus-cli/go.sum @@ -58,7 +58,7 @@ jobs: rm dist/${FILENAME}${EXT} - name: Upload build artifact - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 with: name: synkronus-cli-${{ matrix.goos }}-${{ matrix.goarch }} path: synkronus-cli/dist/synkronus-cli-${{ matrix.goos }}-${{ matrix.goarch }}* @@ -81,10 +81,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version: '1.25.x' cache-dependency-path: synkronus-cli/go.sum @@ -100,7 +100,7 @@ jobs: ls -R dist - name: Upload assets to GitHub Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65 # v2 with: files: | synkronus-cli/dist/synkronus-cli-* diff --git a/.github/workflows/synkronus-docker.yml b/.github/workflows/synkronus-docker.yml index d46cdd9a7..d2d817d44 100644 --- a/.github/workflows/synkronus-docker.yml +++ b/.github/workflows/synkronus-docker.yml @@ -41,7 +41,7 @@ jobs: version: ${{ steps.version.outputs.version }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 0 @@ -57,13 +57,13 @@ jobs: echo "Building Synkronus with version: ${VERSION}" - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: go-version: '1.25.x' cache-dependency-path: synkronus/go.sum - name: Set up Node - uses: actions/setup-node@v4 + uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4 with: node-version: '24' cache: npm @@ -73,7 +73,7 @@ jobs: synkronus-portal/package-lock.json - name: Set up Java (OpenAPI Generator) - uses: actions/setup-java@v4 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4 with: distribution: temurin java-version: '21' @@ -104,7 +104,7 @@ jobs: cp -a static "${ROOT}/docker-dist/" - name: Upload docker build context artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 with: name: synkronus-docker-dist path: docker-dist/ @@ -121,10 +121,10 @@ jobs: digest: ${{ steps.push.outputs.digest }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Download docker build context - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 with: name: synkronus-docker-dist path: docker-dist/ @@ -140,7 +140,7 @@ jobs: - name: Log in to Github Container Registry if: github.event_name != 'pull_request' - uses: redhat-actions/podman-login@v1 + uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 with: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} @@ -148,7 +148,7 @@ jobs: - name: Compute image metadata (scratch tag) id: meta - uses: docker/metadata-action@v6 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 with: images: | ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} @@ -157,7 +157,7 @@ jobs: - name: Build image with Buildah id: build-image - uses: redhat-actions/buildah-build@v2 + uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 with: image: ${{ env.IMAGE_NAME }} tags: ${{ steps.meta.outputs.tag-names }} @@ -170,7 +170,7 @@ jobs: - name: Push image to registry id: push if: github.event_name != 'pull_request' - uses: redhat-actions/push-to-registry@v2 + uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 with: image: ${{ steps.build-image.outputs.image }} tags: ${{ steps.build-image.outputs.tags }} @@ -187,10 +187,10 @@ jobs: digest: ${{ steps.push.outputs.digest }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Download docker build context - uses: actions/download-artifact@v4 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 with: name: synkronus-docker-dist path: docker-dist/ @@ -206,7 +206,7 @@ jobs: - name: Log in to Github Container Registry if: github.event_name != 'pull_request' - uses: redhat-actions/podman-login@v1 + uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 with: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} @@ -214,7 +214,7 @@ jobs: - name: Compute image metadata (scratch tag) id: meta - uses: docker/metadata-action@v6 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 with: images: | ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} @@ -223,7 +223,7 @@ jobs: - name: Build image with Buildah id: build-image - uses: redhat-actions/buildah-build@v2 + uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 with: image: ${{ env.IMAGE_NAME }} tags: ${{ steps.meta.outputs.tag-names }} @@ -236,7 +236,7 @@ jobs: - name: Push image to registry id: push if: github.event_name != 'pull_request' - uses: redhat-actions/push-to-registry@v2 + uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 with: image: ${{ steps.build-image.outputs.image }} tags: ${{ steps.build-image.outputs.tags }} @@ -254,7 +254,7 @@ jobs: attestations: write steps: - name: Log in to Github Container Registry (docker) - uses: docker/login-action@v3 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -262,7 +262,7 @@ jobs: - name: Compute image tags and labels id: tags - uses: docker/metadata-action@v6 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 with: images: | ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} @@ -326,7 +326,7 @@ jobs: echo "digest=${DIGEST}" >> "${GITHUB_OUTPUT}" - name: Generate artifact attestation - uses: actions/attest-build-provenance@v1 + uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1 with: subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} subject-digest: ${{ steps.manifest-digest.outputs.digest }}