Skip to content

chore(deps): bump actions/attest from f6bf1532d7d6793fce74eac584813a8eee607999 to a1948c3f048ba23858d222213b7c278aabede763#10

Merged
DeliciousBuding merged 1 commit into
mainfrom
dependabot/github_actions/actions/attest-a1948c3f048ba23858d222213b7c278aabede763
Jul 15, 2026
Merged

chore(deps): bump actions/attest from f6bf1532d7d6793fce74eac584813a8eee607999 to a1948c3f048ba23858d222213b7c278aabede763#10
DeliciousBuding merged 1 commit into
mainfrom
dependabot/github_actions/actions/attest-a1948c3f048ba23858d222213b7c278aabede763

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/attest from f6bf1532d7d6793fce74eac584813a8eee607999 to a1948c3f048ba23858d222213b7c278aabede763.

Changelog

Sourced from actions/attest's changelog.

Release Instructions

Follow the steps below to tag a new release for the actions/attest action.

  1. Update the version field in package.json.

  2. Merge the latest changes to the main branch.

  3. Create a new release using a tag of the form vX.X.X following SemVer conventions:

    gh release create vX.X.X
  4. Move (or create) the major version tag to point to the same commit tagged above:

    git tag -fa vX -m "vX"
    git push origin vX --force
  5. As appropriate, update any actions like actions/attest-build-provenance and actions/attest-sbom which have a dependency on actions/attest

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actions/attest](https://github.com/actions/attest) from f6bf1532d7d6793fce74eac584813a8eee607999 to a1948c3f048ba23858d222213b7c278aabede763.
- [Release notes](https://github.com/actions/attest/releases)
- [Changelog](https://github.com/actions/attest/blob/main/RELEASE.md)
- [Commits](actions/attest@f6bf153...a1948c3)

---
updated-dependencies:
- dependency-name: actions/attest
  dependency-version: a1948c3f048ba23858d222213b7c278aabede763
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@DeliciousBuding
DeliciousBuding merged commit 24139d8 into main Jul 15, 2026
9 of 10 checks passed
@DeliciousBuding
DeliciousBuding deleted the dependabot/github_actions/actions/attest-a1948c3f048ba23858d222213b7c278aabede763 branch July 15, 2026 08:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant