[PR #88] Bump actions/attest-build-provenance from 3.0.0 to 3.2.0 #570

New Issue

GiteaMirror · 2026-04-29T17:05:04-05:00

GiteaMirror commented

2026-04-29 17:05:04 -05:00

📋 Pull Request Information

Original PR: https://github.com/fosrl/olm/pull/88
Author: @dependabot[bot]
Created: 1/28/2026
Status: 🔄 Open

Base: main ← Head: dependabot/github_actions/actions/attest-build-provenance-3.2.0

📝 Commits (1)

c0bf21e Bump actions/attest-build-provenance from 3.0.0 to 3.2.0

📊 Changes

1 file changed (+2 additions, -2 deletions)

View changed files

📝 .github/workflows/cicd.yml (+2 -2)

📄 Description

Bumps actions/attest-build-provenance from 3.0.0 to 3.2.0.

Release notes

Sourced from actions/attest-build-provenance's releases.

v3.2.0

What's Changed

Bump @actions/core from 1.11.1 to 2.0.1 by @dependabot[bot] in actions/attest-build-provenance#776

Add more documentation on Artifact Metadata Storage Records by @malancas in actions/attest-build-provenance#797

Update actions/attest to latest version v3.2.0 by @malancas in actions/attest-build-provenance#812

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v3.1.0...v3.2.0

v3.1.0

What's Changed

Prepare v3 release by @bdehamer in actions/attest-build-provenance#697

Bump js-yaml from 3.14.1 to 3.14.2 by @dependabot[bot] in actions/attest-build-provenance#749

Bump tar from 7.5.1 to 7.5.2 by @dependabot[bot] in actions/attest-build-provenance#753

Bump glob from 10.4.5 to 10.5.0 by @dependabot[bot] in actions/attest-build-provenance#754

Bump @types/node from 24.10.1 to 25.0.2 by @dependabot[bot] in actions/attest-build-provenance#774

Bump @actions/attest from 1.6.0 to 2.0.0 by @dependabot[bot] in actions/attest-build-provenance#736

Bump @actions/attest from 2.0.0 to 2.1.0 by @dependabot[bot] in actions/attest-build-provenance#775

Add support for creating artifact metadata storage records by @malancas in actions/attest-build-provenance#779

New Contributors

@malancas made their first contribution in actions/attest-build-provenance#779

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0

Commits

96278af Update actions/attest to latest version v3.2.0 (#812)
6865550 Add more documentation on Artifact Metadata Storage Records (#797)
98f3aa9 Bump @actions/core from 1.11.1 to 2.0.1 (#776)
63e6444 Bump github/codeql-action in the actions-minor group (#782)
3bc61af Bump the npm-development group with 2 updates (#795)
405d0ea Bump the npm-development group with 3 updates (#783)
00014ed Add support for creating artifact metadata storage records (#779)
8835c60 Bump @actions/attest from 2.0.0 to 2.1.0 (#775)
331a7ac Bump @types/node from 24.10.1 to 25.0.2 (#774)
bd4fc03 Bump the npm-development group with 5 updates (#773)
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note

Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/olm/pull/88 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 1/28/2026 **Status:** 🔄 Open **Base:** `main` ← **Head:** `dependabot/github_actions/actions/attest-build-provenance-3.2.0` --- ### 📝 Commits (1) - [`c0bf21e`](https://github.com/fosrl/olm/commit/c0bf21e9c50e0aa0833d0a470fb1b0fee0115279) Bump actions/attest-build-provenance from 3.0.0 to 3.2.0 ### 📊 Changes **1 file changed** (+2 additions, -2 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/cicd.yml` (+2 -2) </details> ### 📄 Description Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.0.0 to 3.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest-build-provenance/releases">actions/attest-build-provenance's releases</a>.</em></p> <blockquote> <h2>v3.2.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/core</code> from 1.11.1 to 2.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/776">actions/attest-build-provenance#776</a></li> <li>Add more documentation on Artifact Metadata Storage Records by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/797">actions/attest-build-provenance#797</a></li> <li>Update actions/attest to latest version v3.2.0 by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/812">actions/attest-build-provenance#812</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest-build-provenance/compare/v3.1.0...v3.2.0">https://github.com/actions/attest-build-provenance/compare/v3.1.0...v3.2.0</a></p> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Prepare v3 release by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/697">actions/attest-build-provenance#697</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/749">actions/attest-build-provenance#749</a></li> <li>Bump tar from 7.5.1 to 7.5.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/753">actions/attest-build-provenance#753</a></li> <li>Bump glob from 10.4.5 to 10.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/754">actions/attest-build-provenance#754</a></li> <li>Bump <code>@types/node</code> from 24.10.1 to 25.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/774">actions/attest-build-provenance#774</a></li> <li>Bump <code>@actions/attest</code> from 1.6.0 to 2.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/736">actions/attest-build-provenance#736</a></li> <li>Bump <code>@actions/attest</code> from 2.0.0 to 2.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/775">actions/attest-build-provenance#775</a></li> <li>Add support for creating artifact metadata storage records by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/779">actions/attest-build-provenance#779</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/malancas"><code>@malancas</code></a> made their first contribution in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/779">actions/attest-build-provenance#779</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0">https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest-build-provenance/commit/96278af6caaf10aea03fd8d33a09a777ca52d62f"><code>96278af</code></a> Update actions/attest to latest version v3.2.0 (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/812">#812</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/6865550d0380db508fc599a58cc87c50c0bba5c5"><code>6865550</code></a> Add more documentation on Artifact Metadata Storage Records (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/797">#797</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/98f3aa9c27c3d6da66cf51b7d38fb7511df72d3a"><code>98f3aa9</code></a> Bump <code>@actions/core</code> from 1.11.1 to 2.0.1 (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/776">#776</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/63e64444a7857c20bbda4810126aabe30ef3b047"><code>63e6444</code></a> Bump github/codeql-action in the actions-minor group (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/782">#782</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/3bc61afc810a5808496e2782a241fbbf5b91e8b0"><code>3bc61af</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/795">#795</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/405d0eac46dee8bbc8a98b540f33935742b4d7c8"><code>405d0ea</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/783">#783</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8"><code>00014ed</code></a> Add support for creating artifact metadata storage records (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/779">#779</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/8835c60c52cafa2b7f8bd4fadd525d33bf16cefe"><code>8835c60</code></a> Bump <code>@actions/attest</code> from 2.0.0 to 2.1.0 (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/775">#775</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/331a7ac6b7b893a9d009fe50d4e268b659c70ae5"><code>331a7ac</code></a> Bump <code>@types/node</code> from 24.10.1 to 25.0.2 (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/774">#774</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/bd4fc0326ad7a75a2ad6b8649fef9e07d1918dad"><code>bd4fc03</code></a> Bump the npm-development group with 5 updates (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/773">#773</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest-build-provenance/compare/977bb373ede98d70efdf65b84cb5f73e068dcc2a...96278af6caaf10aea03fd8d33a09a777ca52d62f">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/attest-build-provenance&package-manager=github_actions&previous-version=3.0.0&new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

GiteaMirror added the pull-request label 2026-04-29 17:05:04 -05:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/olm#570