Bump actions/attest-build-provenance from 2.3.0 to 2.4.0
Open
Number: #316
Type: Pull Request
State: Open
Type: Pull Request
State: Open
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: Contributor
Comments: 0
dependabot[bot]Association: Contributor
Comments: 0
Created:
June 11, 2025 at 07:58 PM UTC
(12 months ago)
(12 months ago)
Updated:
June 12, 2025 at 08:24 AM UTC
(12 months ago)
(12 months ago)
Labels:
dependencies github_actions
dependencies github_actions
Description:
Bumps actions/attest-build-provenance from 2.3.0 to 2.4.0.
Release notes
Sourced from actions/attest-build-provenance's releases.
v2.4.0
What's Changed
- Bump undici from 5.28.5 to 5.29.0 by
@dependabotin actions/attest-build-provenance#633- Bump actions/attest from 2.3.0 to 2.4.0 by
@bdehamerin actions/attest-build-provenance#654
- Includes support for the new well-known summary file which will accumulate paths to all attestations generated in a given workflow run
Full Changelog: https://github.com/actions/attest-build-provenance/compare/v2.3.0...v2.4.0
Commits
e8998f9bump actions/attest from 2.3.0 to 2.4.0 (#654)11c67f2Bump the npm-development group across 1 directory with 6 updates (#649)39cb715Bump the npm-development group across 1 directory with 7 updates (#641)7d91c40Bump undici from 5.28.5 to 5.29.0 (#633)d848170Bump super-linter/super-linter in the actions-minor group (#640)0ca36eaBump the npm-development group with 7 updates (#582)d82e7cdoffboard from eslint in superlinter (#618)- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Pull Request Statistics
Commits:
1
1
Files Changed:
1
1
Additions:
+1
+1
Deletions:
-1
-1
Package Dependencies
Package:
actions/attest-build-provenance
Ecosystem:
actions
actions
Version Change:
2.3.0 → 2.4.0
Update Type:
Minor
Minor
Technical Details
| ID: | 1480256 |
| UUID: | 2585271371 |
| Node ID: | PR_kwDOBIkbMc6aGBxL |
| Host: | GitHub |
| Repository: | github/rubocop-github |
| Merge State: | Unknown |