[PR #84] [CLOSED] Bump actions/attest-build-provenance from 3.0.0 to 3.1.0 #376

New Issue

Closed

opened 2026-04-23 01:57:30 -05:00 by GiteaMirror · 0 comments

GiteaMirror commented 2026-04-23 01:57:30 -05:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/fosrl/olm/pull/84
Author: @dependabot[bot]
Created: 1/21/2026
Status: ❌ Closed

Base: main ← Head: dependabot/github_actions/actions/attest-build-provenance-3.1.0

---

📝 Commits (1)

• f7a763d Bump actions/attest-build-provenance from 3.0.0 to 3.1.0

📊 Changes

1 file changed (+2 additions, -2 deletions)

View changed files

📝 .github/workflows/cicd.yml (+2 -2)

📄 Description

Bumps actions/attest-build-provenance from 3.0.0 to 3.1.0.

Release notes

Sourced from actions/attest-build-provenance's releases.

v3.1.0

What's Changed

• Prepare v3 release by @​bdehamer in actions/attest-build-provenance#697
• Bump js-yaml from 3.14.1 to 3.14.2 by @​dependabot[bot] in actions/attest-build-provenance#749
• Bump tar from 7.5.1 to 7.5.2 by @​dependabot[bot] in actions/attest-build-provenance#753
• Bump glob from 10.4.5 to 10.5.0 by @​dependabot[bot] in actions/attest-build-provenance#754
• Bump @​types/node from 24.10.1 to 25.0.2 by @​dependabot[bot] in actions/attest-build-provenance#774
• Bump @​actions/attest from 1.6.0 to 2.0.0 by @​dependabot[bot] in actions/attest-build-provenance#736
• Bump @​actions/attest from 2.0.0 to 2.1.0 by @​dependabot[bot] in actions/attest-build-provenance#775
• Add support for creating artifact metadata storage records by @​malancas in actions/attest-build-provenance#779

New Contributors

• @​malancas made their first contribution in actions/attest-build-provenance#779

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0

Commits

• 00014ed Add support for creating artifact metadata storage records (#779)
• 8835c60 Bump @​actions/attest from 2.0.0 to 2.1.0 (#775)
• 331a7ac Bump @​types/node from 24.10.1 to 25.0.2 (#774)
• bd4fc03 Bump the npm-development group with 5 updates (#773)
• 5dea0e5 Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#772)
• 4f2d058 Bump github/codeql-action in the actions-minor group (#771)
• c6f9859 Bump the actions-minor group with 3 updates (#765)
• 61d781f Bump the npm-development group with 3 updates (#766)
• ca0aaa1 Bump the npm-development group with 2 updates (#759)
• 2dc334f Bump github/codeql-action in the actions-minor group (#760)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/olm/pull/84 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 1/21/2026 **Status:** ❌ Closed **Base:** `main` ← **Head:** `dependabot/github_actions/actions/attest-build-provenance-3.1.0` --- ### 📝 Commits (1) - [`f7a763d`](https://github.com/fosrl/olm/commit/f7a763d4734fee0f46c6ae9d14920cd0b1e7a11e) Bump actions/attest-build-provenance from 3.0.0 to 3.1.0 ### 📊 Changes **1 file changed** (+2 additions, -2 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/cicd.yml` (+2 -2) </details> ### 📄 Description Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.0.0 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest-build-provenance/releases">actions/attest-build-provenance's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Prepare v3 release by <a href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/697">actions/attest-build-provenance#697</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/749">actions/attest-build-provenance#749</a></li> <li>Bump tar from 7.5.1 to 7.5.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/753">actions/attest-build-provenance#753</a></li> <li>Bump glob from 10.4.5 to 10.5.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/754">actions/attest-build-provenance#754</a></li> <li>Bump <code>@​types/node</code> from 24.10.1 to 25.0.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/774">actions/attest-build-provenance#774</a></li> <li>Bump <code>@​actions/attest</code> from 1.6.0 to 2.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/736">actions/attest-build-provenance#736</a></li> <li>Bump <code>@​actions/attest</code> from 2.0.0 to 2.1.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/775">actions/attest-build-provenance#775</a></li> <li>Add support for creating artifact metadata storage records by <a href="https://github.com/malancas"><code>@​malancas</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/779">actions/attest-build-provenance#779</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/malancas"><code>@​malancas</code></a> made their first contribution in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/779">actions/attest-build-provenance#779</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0">https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest-build-provenance/commit/00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8"><code>00014ed</code></a> Add support for creating artifact metadata storage records (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/779">#779</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/8835c60c52cafa2b7f8bd4fadd525d33bf16cefe"><code>8835c60</code></a> Bump <code>@​actions/attest</code> from 2.0.0 to 2.1.0 (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/775">#775</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/331a7ac6b7b893a9d009fe50d4e268b659c70ae5"><code>331a7ac</code></a> Bump <code>@​types/node</code> from 24.10.1 to 25.0.2 (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/774">#774</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/bd4fc0326ad7a75a2ad6b8649fef9e07d1918dad"><code>bd4fc03</code></a> Bump the npm-development group with 5 updates (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/773">#773</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/5dea0e5066f46637265831d16ebfbe11eba25c6b"><code>5dea0e5</code></a> Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/772">#772</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/4f2d058085f56066a228c00c12415b8c9109eff4"><code>4f2d058</code></a> Bump github/codeql-action in the actions-minor group (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/771">#771</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/c6f9859ac6fd46168bba4ac441e2994fa837fc39"><code>c6f9859</code></a> Bump the actions-minor group with 3 updates (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/765">#765</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/61d781ff2ae0b5f93729ce576f80b88400e0ea60"><code>61d781f</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/766">#766</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/ca0aaa1889e301c8331fbdb338d9475431b75b13"><code>ca0aaa1</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/759">#759</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/2dc334f1ac91e63118d659bffafc73b0fa6d5c00"><code>2dc334f</code></a> Bump github/codeql-action in the actions-minor group (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/760">#760</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest-build-provenance/compare/977bb373ede98d70efdf65b84cb5f73e068dcc2a...00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

GiteaMirror added the pull-request label 2026-04-23 01:57:30 -05:00

GiteaMirror closed this issue 2026-04-23 01:57:30 -05:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

dependabot/docker/minor-updates-1134f52710

dependabot/go_modules/patch-updates-2590a23007

dependabot/github_actions/actions/cache-5.0.3

dependabot/github_actions/actions/checkout-6.0.2

dependabot/github_actions/docker/login-action-3.7.0

dependabot/github_actions/actions/attest-build-provenance-3.2.0

dependabot/github_actions/actions/setup-go-6.2.0

v1.5.1

1.5.0

v1.5.0

1.4.4

v1.4.4

1.4.3

v1.4.3

1.4.2

v1.4.2

1.4.1

v1.4.1

1.4.0

v1.4.0

v1.3.0

1.3.0

1.3.0-rc.0

1.2.0

1.2.0-rc.0

1.1.5

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.0

1.0.0-beta.5

1.0.0-beta.4

1.0.0-beta.3

1.0.0-beta.2

1.0.0-beta.1

Labels

Clear labels

bug

dependencies

documentation

enhancement

good first issue

help wanted

needs investigating

pull-request

Mirrored from GitHub Pull Request

stale

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/olm#376