ci(deps): bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 #428
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0.
Release notes
Sourced from slsa-framework/slsa-github-generator's releases.
Changelog
Sourced from slsa-framework/slsa-github-generator's changelog.
Commits
41733f7
chore: v2.0.0-rc.0: update tags (#3578)3789345
docs: v.2.0.0: finalize CHANGELOG.md (#3577)02fc78b
fix: deadlock and improve debugging experience (#3570)4534a0b
break: Revert "chore: Revert "fix: upload-artifact and download-artifact v4""...e8c2dcf
fix(deps): Update Sigstore Dep to Sigstore 2.2.2 (#3491)2512315
feat(breaking): remove attestation-name input and output (#3456)4fbc6a9
chore: add ramonpetgrave64 to CODEOWNERS (#3490)8869c8a
fix: Switch to newer DSSE rekor type (#3299)9d81ca7
chore: Update slsa-verifier version (#3454)d6b8c9f
chore: Ref to main after v1.10.0 release (#3421)You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)