Bump slsa-framework/slsa-github-generator from 1.5.0 to 1.9.0 (#112)

jetstack · Feb 21, 2024 · 68e626f · 68e626f
2 parents ebfcb00 + 9a6d413
commit 68e626f
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
@@ -98,7 +98,7 @@ jobs:
         actions: read # for detecting the Github Actions environment.
         id-token: write # for creating OIDC tokens for signing.
         packages: write # for uploading attestations.
-      uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.6.0
+      uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.9.0
       with:
         image: ghcr.io/${{ github.repository }}
         # The image digest is used to prevent TOCTOU issues.

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -76,6 +76,6 @@ jobs:
       actions: read # Needed for detection of GitHub Actions environment.
       id-token: write # Needed for provenance signing and ID.
       contents: write # Needed for release uploads.
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.5.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.9.0
     with:
       base64-subjects: "${{ needs.release.outputs.hashes }}"