Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update github-actions #2352

Merged
merged 1 commit into from
Jul 12, 2023

Conversation

renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Jul 1, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change
actions/setup-java action digest 1f2faad -> 75c6561
actions/setup-java action pinDigest -> 5ffc13f
actions/setup-node action minor v3.6.0 -> v3.7.0
actions/setup-node action digest 64ed1c7 -> e33196f
github/codeql-action action patch v2.20.1 -> v2.20.3
gradle/gradle-build-action action minor v2.4.2 -> v2.6.0
sigstore/cosign-installer action patch v3.1.0 -> v3.1.1

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.


Release Notes

actions/setup-node (actions/setup-node)

v3.7.0

Compare Source

What's Changed

In scope of this release we added a logic to save an additional cache path for yarn 3 (related pull request and feature request). Moreover, we added functionality to use all the sub directories derived from cache-dependency-path input and add detect all dependencies directories to cache (related pull request and feature request).

Besides, we made such changes as:
New Contributors

Full Changelog: actions/setup-node@v3...v3.7.0

github/codeql-action (github/codeql-action)

v2.20.3

Compare Source

v2.20.2

Compare Source

gradle/gradle-build-action (gradle/gradle-build-action)

v2.6.0

Compare Source

GitHub Dependency Graph support (Experimental)

This release brings experimental support for submitting a GitHub Dependency Graph snapshot via the GitHub Dependency Submission API.

The dependency graph snapshot is generated via integration with the GitHub Dependency Graph Gradle Plugin, and saved as a workflow artifact. The generated snapshot files can be submitted either in the same job, or in a subsequent job (in the same or a dependent workflow).

The generated dependency graph snapshot reports all of the dependencies that were resolved during a bulid execution, and is used by GitHub to generate Dependabot Alerts for vulnerable dependencies, as well as to populate the Dependency Graph insights view.

Check out the README chapter for more details on how this works and how to configure a workflow that submits a dependency graph.

Changelog

v2.5.1

Compare Source

Fixes a regression in v2.5.0 that resulted in failure when running a workflow that has a name containing a comma.

Fixes
  • Cache key Validation Error when workflow name contains a comma #​756
Changelog

v2.5.0

Compare Source

This minor release fixes a couple of issues that affected the action in particular scenarios, and updates all dependencies to recent versions.

Fixes
  • Parallel workflows containing jobs with the same name use the same cache key #​699
  • Build scans are not captured when GE plugin is applied within settingsEvaluated #​626

Full changelog: gradle/gradle-build-action@v2.4.2...v2.5.0

sigstore/cosign-installer (sigstore/cosign-installer)

v3.1.1

Compare Source

What's Changed

Full Changelog: sigstore/cosign-installer@v3.1.0...v3.1.1


Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate-bot renovate-bot force-pushed the renovate/github-actions branch 2 times, most recently from 71550ad to a52c667 Compare July 5, 2023 14:40
@renovate-bot renovate-bot changed the title chore(deps): update github-actions chore(deps): pin dependencies Jul 5, 2023
@renovate-bot renovate-bot force-pushed the renovate/github-actions branch 3 times, most recently from 3b4e0f4 to f1eef1d Compare July 6, 2023 15:40
@renovate-bot renovate-bot changed the title chore(deps): pin dependencies chore(deps): update github-actions Jul 10, 2023
@renovate-bot renovate-bot force-pushed the renovate/github-actions branch 2 times, most recently from a2d0b43 to 914900e Compare July 12, 2023 07:03
@ianlewis ianlewis enabled auto-merge (squash) July 12, 2023 07:04
auto-merge was automatically disabled July 12, 2023 07:09

Head branch was pushed to by a user without write access

@ianlewis ianlewis enabled auto-merge (squash) July 12, 2023 07:10
@ianlewis ianlewis merged commit 205e9bc into slsa-framework:main Jul 12, 2023
@renovate-bot renovate-bot deleted the renovate/github-actions branch July 12, 2023 07:25
enteraga6 pushed a commit to enteraga6/slsa-github-generator that referenced this pull request Jul 18, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| actions/setup-java | action | digest | `1f2faad` -> `75c6561` |
| [actions/setup-java](https://togithub.com/actions/setup-java) | action
| pinDigest | -> `5ffc13f` |
| [actions/setup-node](https://togithub.com/actions/setup-node) | action
| minor | `v3.6.0` -> `v3.7.0` |
| [actions/setup-node](https://togithub.com/actions/setup-node) | action
| digest | `64ed1c7` -> `e33196f` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v2.20.1` -> `v2.20.3` |
|
[gradle/gradle-build-action](https://togithub.com/gradle/gradle-build-action)
| action | minor | `v2.4.2` -> `v2.6.0` |
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | patch | `v3.1.0` -> `v3.1.1` |

---

### ⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the
Dependency Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/setup-node (actions/setup-node)</summary>

###
[`v3.7.0`](https://togithub.com/actions/setup-node/releases/tag/v3.7.0)

[Compare
Source](https://togithub.com/actions/setup-node/compare/v3.6.0...v3.7.0)

##### What's Changed

In scope of this release we added a logic to save an additional cache
path for yarn 3 ([related pull
request](https://togithub.com/actions/setup-node/pull/744) and [feature
request](https://togithub.com/actions/setup-node/issues/325)). Moreover,
we added functionality to use all the sub directories derived from
`cache-dependency-path` input and add detect all dependencies
directories to cache (related [pull
request](https://togithub.com/actions/setup-node/pull/735) and [feature
request](https://togithub.com/actions/setup-node/issues/488)).

##### Besides, we made such changes as:

- Replace workflow badge with new badge by
[@&#8203;jongwooo](https://togithub.com/jongwooo) in
[https://github.com/actions/setup-node/pull/653](https://togithub.com/actions/setup-node/pull/653)
- Fix a minor typo by [@&#8203;phanan](https://togithub.com/phanan) in
[https://github.com/actions/setup-node/pull/662](https://togithub.com/actions/setup-node/pull/662)
- docs: fix typo in advanced-usage.md by
[@&#8203;remarkablemark](https://togithub.com/remarkablemark) in
[https://github.com/actions/setup-node/pull/697](https://togithub.com/actions/setup-node/pull/697)
- bugfix: Don't attempt to use Windows fallbacks on non-Windows OSes by
[@&#8203;domdomegg](https://togithub.com/domdomegg) in
[https://github.com/actions/setup-node/pull/718](https://togithub.com/actions/setup-node/pull/718)
- Update to node 18.x by
[@&#8203;feelepxyz](https://togithub.com/feelepxyz) in
[https://github.com/actions/setup-node/pull/751](https://togithub.com/actions/setup-node/pull/751)
- Remove implicit dependencies by
[@&#8203;nikolai-laevskii](https://togithub.com/nikolai-laevskii) in
[https://github.com/actions/setup-node/pull/758](https://togithub.com/actions/setup-node/pull/758)
- Fix description about ensuring workflow access to private package by
[@&#8203;x86chi](https://togithub.com/x86chi) in
[https://github.com/actions/setup-node/pull/704](https://togithub.com/actions/setup-node/pull/704)

##### New Contributors

- [@&#8203;jongwooo](https://togithub.com/jongwooo) made their first
contribution in
[https://github.com/actions/setup-node/pull/653](https://togithub.com/actions/setup-node/pull/653)
- [@&#8203;phanan](https://togithub.com/phanan) made their first
contribution in
[https://github.com/actions/setup-node/pull/662](https://togithub.com/actions/setup-node/pull/662)
- [@&#8203;remarkablemark](https://togithub.com/remarkablemark) made
their first contribution in
[https://github.com/actions/setup-node/pull/697](https://togithub.com/actions/setup-node/pull/697)
- [@&#8203;domdomegg](https://togithub.com/domdomegg) made their first
contribution in
[https://github.com/actions/setup-node/pull/718](https://togithub.com/actions/setup-node/pull/718)
- [@&#8203;feelepxyz](https://togithub.com/feelepxyz) made their first
contribution in
[https://github.com/actions/setup-node/pull/751](https://togithub.com/actions/setup-node/pull/751)
- [@&#8203;nikolai-laevskii](https://togithub.com/nikolai-laevskii) made
their first contribution in
[https://github.com/actions/setup-node/pull/758](https://togithub.com/actions/setup-node/pull/758)
- [@&#8203;x86chi](https://togithub.com/x86chi) made their first
contribution in
[https://github.com/actions/setup-node/pull/704](https://togithub.com/actions/setup-node/pull/704)

**Full Changelog**:
actions/setup-node@v3...v3.7.0

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v2.20.3`](https://togithub.com/github/codeql-action/compare/v2.20.2...v2.20.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.20.2...v2.20.3)

###
[`v2.20.2`](https://togithub.com/github/codeql-action/compare/v2.20.1...v2.20.2)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.20.1...v2.20.2)

</details>

<details>
<summary>gradle/gradle-build-action
(gradle/gradle-build-action)</summary>

###
[`v2.6.0`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.6.0)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.5.1...v2.6.0)

##### GitHub Dependency Graph support (Experimental)

This release brings experimental support for submitting a [GitHub
Dependency
Graph](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)
snapshot via the [GitHub Dependency Submission
API](https://docs.github.com/en/rest/dependency-graph/dependency-submission?apiVersion=2022-11-28).

The dependency graph snapshot is generated via integration with the
[GitHub Dependency Graph Gradle
Plugin](https://plugins.gradle.org/plugin/org.gradle.github-dependency-graph-gradle-plugin),
and saved as a workflow artifact. The generated snapshot files can be
submitted either in the same job, or in a subsequent job (in the same or
a dependent workflow).

The generated dependency graph snapshot reports all of the dependencies
that were resolved during a bulid execution, and is used by GitHub to
generate [Dependabot
Alerts](https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)
for vulnerable dependencies, as well as to populate the [Dependency
Graph insights
view](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#viewing-the-dependency-graph).

Check out the README chapter for more details on how this works and how
to configure a workflow that submits a dependency graph.

##### Changelog

###
[`v2.5.1`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.5.1)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.5.0...v2.5.1)

Fixes a regression in v2.5.0 that resulted in failure when running a
workflow that has a name containing a comma.

##### Fixes

- Cache key Validation Error when workflow name contains a comma
[#&#8203;756](https://togithub.com/gradle/gradle-build-action/issues/756)

##### Changelog

###
[`v2.5.0`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.5.0)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.4.2...v2.5.0)

This minor release fixes a couple of issues that affected the action in
particular scenarios, and updates all dependencies to recent versions.

##### Fixes

- Parallel workflows containing jobs with the same name use the same
cache key
[#&#8203;699](https://togithub.com/gradle/gradle-build-action/issues/699)
- Build scans are not captured when GE plugin is applied within
`settingsEvaluated`
[#&#8203;626](https://togithub.com/gradle/gradle-build-action/issues/626)

**Full changelog**:
gradle/gradle-build-action@v2.4.2...v2.5.0

</details>

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.1.1`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.1)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1)

#### What's Changed

- default cosign to v2.1.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/137](https://togithub.com/sigstore/cosign-installer/pull/137)

**Full Changelog**:
sigstore/cosign-installer@v3.1.0...v3.1.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - At
any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/slsa-framework/slsa-github-generator).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xNDQuMiIsInVwZGF0ZWRJblZlciI6IjM2LjUuMyIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Signed-off-by: Mend Renovate <[email protected]>
Signed-off-by: Noah Elzner <[email protected]>
enteraga6 pushed a commit to enteraga6/slsa-github-generator that referenced this pull request Aug 8, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| actions/setup-java | action | digest | `1f2faad` -> `75c6561` |
| [actions/setup-java](https://togithub.com/actions/setup-java) | action
| pinDigest | -> `5ffc13f` |
| [actions/setup-node](https://togithub.com/actions/setup-node) | action
| minor | `v3.6.0` -> `v3.7.0` |
| [actions/setup-node](https://togithub.com/actions/setup-node) | action
| digest | `64ed1c7` -> `e33196f` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v2.20.1` -> `v2.20.3` |
|
[gradle/gradle-build-action](https://togithub.com/gradle/gradle-build-action)
| action | minor | `v2.4.2` -> `v2.6.0` |
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | patch | `v3.1.0` -> `v3.1.1` |

---

### ⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the
Dependency Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/setup-node (actions/setup-node)</summary>

###
[`v3.7.0`](https://togithub.com/actions/setup-node/releases/tag/v3.7.0)

[Compare
Source](https://togithub.com/actions/setup-node/compare/v3.6.0...v3.7.0)

##### What's Changed

In scope of this release we added a logic to save an additional cache
path for yarn 3 ([related pull
request](https://togithub.com/actions/setup-node/pull/744) and [feature
request](https://togithub.com/actions/setup-node/issues/325)). Moreover,
we added functionality to use all the sub directories derived from
`cache-dependency-path` input and add detect all dependencies
directories to cache (related [pull
request](https://togithub.com/actions/setup-node/pull/735) and [feature
request](https://togithub.com/actions/setup-node/issues/488)).

##### Besides, we made such changes as:

- Replace workflow badge with new badge by
[@&#8203;jongwooo](https://togithub.com/jongwooo) in
[https://github.com/actions/setup-node/pull/653](https://togithub.com/actions/setup-node/pull/653)
- Fix a minor typo by [@&#8203;phanan](https://togithub.com/phanan) in
[https://github.com/actions/setup-node/pull/662](https://togithub.com/actions/setup-node/pull/662)
- docs: fix typo in advanced-usage.md by
[@&#8203;remarkablemark](https://togithub.com/remarkablemark) in
[https://github.com/actions/setup-node/pull/697](https://togithub.com/actions/setup-node/pull/697)
- bugfix: Don't attempt to use Windows fallbacks on non-Windows OSes by
[@&#8203;domdomegg](https://togithub.com/domdomegg) in
[https://github.com/actions/setup-node/pull/718](https://togithub.com/actions/setup-node/pull/718)
- Update to node 18.x by
[@&#8203;feelepxyz](https://togithub.com/feelepxyz) in
[https://github.com/actions/setup-node/pull/751](https://togithub.com/actions/setup-node/pull/751)
- Remove implicit dependencies by
[@&#8203;nikolai-laevskii](https://togithub.com/nikolai-laevskii) in
[https://github.com/actions/setup-node/pull/758](https://togithub.com/actions/setup-node/pull/758)
- Fix description about ensuring workflow access to private package by
[@&#8203;x86chi](https://togithub.com/x86chi) in
[https://github.com/actions/setup-node/pull/704](https://togithub.com/actions/setup-node/pull/704)

##### New Contributors

- [@&#8203;jongwooo](https://togithub.com/jongwooo) made their first
contribution in
[https://github.com/actions/setup-node/pull/653](https://togithub.com/actions/setup-node/pull/653)
- [@&#8203;phanan](https://togithub.com/phanan) made their first
contribution in
[https://github.com/actions/setup-node/pull/662](https://togithub.com/actions/setup-node/pull/662)
- [@&#8203;remarkablemark](https://togithub.com/remarkablemark) made
their first contribution in
[https://github.com/actions/setup-node/pull/697](https://togithub.com/actions/setup-node/pull/697)
- [@&#8203;domdomegg](https://togithub.com/domdomegg) made their first
contribution in
[https://github.com/actions/setup-node/pull/718](https://togithub.com/actions/setup-node/pull/718)
- [@&#8203;feelepxyz](https://togithub.com/feelepxyz) made their first
contribution in
[https://github.com/actions/setup-node/pull/751](https://togithub.com/actions/setup-node/pull/751)
- [@&#8203;nikolai-laevskii](https://togithub.com/nikolai-laevskii) made
their first contribution in
[https://github.com/actions/setup-node/pull/758](https://togithub.com/actions/setup-node/pull/758)
- [@&#8203;x86chi](https://togithub.com/x86chi) made their first
contribution in
[https://github.com/actions/setup-node/pull/704](https://togithub.com/actions/setup-node/pull/704)

**Full Changelog**:
actions/setup-node@v3...v3.7.0

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v2.20.3`](https://togithub.com/github/codeql-action/compare/v2.20.2...v2.20.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.20.2...v2.20.3)

###
[`v2.20.2`](https://togithub.com/github/codeql-action/compare/v2.20.1...v2.20.2)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.20.1...v2.20.2)

</details>

<details>
<summary>gradle/gradle-build-action
(gradle/gradle-build-action)</summary>

###
[`v2.6.0`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.6.0)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.5.1...v2.6.0)

##### GitHub Dependency Graph support (Experimental)

This release brings experimental support for submitting a [GitHub
Dependency
Graph](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)
snapshot via the [GitHub Dependency Submission
API](https://docs.github.com/en/rest/dependency-graph/dependency-submission?apiVersion=2022-11-28).

The dependency graph snapshot is generated via integration with the
[GitHub Dependency Graph Gradle
Plugin](https://plugins.gradle.org/plugin/org.gradle.github-dependency-graph-gradle-plugin),
and saved as a workflow artifact. The generated snapshot files can be
submitted either in the same job, or in a subsequent job (in the same or
a dependent workflow).

The generated dependency graph snapshot reports all of the dependencies
that were resolved during a bulid execution, and is used by GitHub to
generate [Dependabot
Alerts](https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)
for vulnerable dependencies, as well as to populate the [Dependency
Graph insights
view](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#viewing-the-dependency-graph).

Check out the README chapter for more details on how this works and how
to configure a workflow that submits a dependency graph.

##### Changelog

###
[`v2.5.1`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.5.1)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.5.0...v2.5.1)

Fixes a regression in v2.5.0 that resulted in failure when running a
workflow that has a name containing a comma.

##### Fixes

- Cache key Validation Error when workflow name contains a comma
[#&#8203;756](https://togithub.com/gradle/gradle-build-action/issues/756)

##### Changelog

###
[`v2.5.0`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.5.0)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.4.2...v2.5.0)

This minor release fixes a couple of issues that affected the action in
particular scenarios, and updates all dependencies to recent versions.

##### Fixes

- Parallel workflows containing jobs with the same name use the same
cache key
[#&#8203;699](https://togithub.com/gradle/gradle-build-action/issues/699)
- Build scans are not captured when GE plugin is applied within
`settingsEvaluated`
[#&#8203;626](https://togithub.com/gradle/gradle-build-action/issues/626)

**Full changelog**:
gradle/gradle-build-action@v2.4.2...v2.5.0

</details>

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.1.1`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.1)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1)

#### What's Changed

- default cosign to v2.1.1 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/137](https://togithub.com/sigstore/cosign-installer/pull/137)

**Full Changelog**:
sigstore/cosign-installer@v3.1.0...v3.1.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - At
any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/slsa-framework/slsa-github-generator).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xNDQuMiIsInVwZGF0ZWRJblZlciI6IjM2LjUuMyIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Signed-off-by: Mend Renovate <[email protected]>
Signed-off-by: Noah Elzner <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants