Skip to content

Bump actions/attest from f6bf1532d7d6793fce74eac584813a8eee607999 to a1948c3f048ba23858d222213b7c278aabede763#2

Open
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/github_actions/actions/attest-a1948c3f048ba23858d222213b7c278aabede763
Open

Bump actions/attest from f6bf1532d7d6793fce74eac584813a8eee607999 to a1948c3f048ba23858d222213b7c278aabede763#2
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/github_actions/actions/attest-a1948c3f048ba23858d222213b7c278aabede763

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown

Bumps actions/attest from f6bf1532d7d6793fce74eac584813a8eee607999 to a1948c3f048ba23858d222213b7c278aabede763.

Changelog

Sourced from actions/attest's changelog.

Release Instructions

Follow the steps below to tag a new release for the actions/attest action.

  1. Update the version field in package.json.

  2. Merge the latest changes to the main branch.

  3. Create a new release using a tag of the form vX.X.X following SemVer conventions:

    gh release create vX.X.X
  4. Move (or create) the major version tag to point to the same commit tagged above:

    git tag -fa vX -m "vX"
    git push origin vX --force
  5. As appropriate, update any actions like actions/attest-build-provenance and actions/attest-sbom which have a dependency on actions/attest

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 14, 2026
Bumps [actions/attest](https://github.com/actions/attest) from f6bf1532d7d6793fce74eac584813a8eee607999 to a1948c3f048ba23858d222213b7c278aabede763.
- [Release notes](https://github.com/actions/attest/releases)
- [Changelog](https://github.com/actions/attest/blob/main/RELEASE.md)
- [Commits](actions/attest@f6bf153...a1948c3)

---
updated-dependencies:
- dependency-name: actions/attest
  dependency-version: a1948c3f048ba23858d222213b7c278aabede763
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/attest-a1948c3f048ba23858d222213b7c278aabede763 branch from 2cc11dd to eaf8d69 Compare July 14, 2026 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant