Releases: actions/attest-build-provenance
Releases · actions/attest-build-provenance
v2.1.0
What's Changed
- Update README w/ note about GH plans supporting attestations by @bdehamer in #414
- Add
attestation-idandattestation-urloutputs by @bdehamer in #415
Full Changelog: v2.0.1...v2.1.0
Contributors
bdehamer
Assets 2
v2.0.1
What's Changed
- Bump actions/attest from 2.0.0 to 2.0.1 by @bdehamer in #406
- Deduplicate subjects before adding to in-toto statement
Full Changelog: v2.0.0...v2.0.1
Contributors
bdehamer
Assets 2
v2.0.0
The attest-build-provenance action now supports attesting multiple subjects simultaneously. When identifying multiple subjects with the subject-path input a single attestation is created with references to each of the supplied subjects, rather than generating separate attestations for each artifact. This reduces the number of attestations that you need to create and manage.
What's Changed
- Bump cross-spawn from 7.0.3 to 7.0.6 by @dependabot in #319
- Prepare v2.0.0 release by @bdehamer in #321
- Bump
actions/attestfrom 1.4.1 to 2.0.0 (w/ multi-subject attestation support)
- Bump
Full Changelog: v1.4.4...v2.0.0
Contributors
bdehamer and dependabot
Assets 2
v1.4.4
What's Changed
- Bump predicate action from 1.1.3 to 1.1.4 by @bdehamer in #310
- Bump @actions/core from 1.10.1 to 1.11.1 by @dependabot in #275
- Bump @actions/attest from 1.4.2 to 1.5.0 by @bdehamer in #309
- Fix SLSA provenance bug related to
workflow_refOIDC token claims containing the "@" symbol in the tag name (actions/toolkit#1863)
- Fix SLSA provenance bug related to
Full Changelog: v1.4.3...v1.4.4
Contributors
bdehamer and dependabot
Assets 2
v1.4.3
What's Changed
- Bump predicate from 1.1.2 to 1.1.3 by @bdehamer in #226
- Bump @actions/attest from 1.3.1 to 1.4.1 by @dependabot in #212
- Bump @actions/attest from 1.4.1 to 1.4.2 by @bdehamer in #225
- Fix bug w/ customized OIDC issuer URL for enterprise accounts (#222)
Full Changelog: v1.4.2...v1.4.3
Contributors
bdehamer and dependabot
Assets 2
v1.4.2
What's Changed
- Bump actions/attest from 1.4.0 to 1.4.1 by @bdehamer in #209
- Includes bug fix for issue with authenticated proxies (actions/toolkit#1798)
Full Changelog: v1.4.1...v1.4.2
Contributors
bdehamer
Assets 2
v1.4.1
What's Changed
Full Changelog: v1.4.0...v1.4.1
Contributors
bdehamer
Assets 2
v1.4.0
What's Changed
- Bump predicate action from 1.1.0 to 1.1.1 by @bdehamer in #182
- Fix for JWKS proxy bug
- Bump actions/attest from 1.3.3 to 1.4.0 by @bdehamer in #183
- Add
show-summaryinput - Format summary output as list
- Add
Full Changelog: v1.3.3...v1.4.0
Contributors
bdehamer
Assets 2
v1.3.3
What's Changed
- Bump actions/attest from 1.3.2 to 1.3.3 by @bdehamer in #152
- Bugfix for properly handling glob exclusion patterns in
subject-pathinput
- Bugfix for properly handling glob exclusion patterns in
Full Changelog: v1.3.2...v1.3.3
Contributors
bdehamer
Assets 2
v1.3.2
What's Changed
Full Changelog: v1.3.1...v1.3.2
Contributors
bdehamer