Skip to content

build(deps): bump actions/attest from 4.1.0 to 4.1.1#181

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/attest-4.1.1
Open

build(deps): bump actions/attest from 4.1.0 to 4.1.1#181
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/attest-4.1.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/attest from 4.1.0 to 4.1.1.

Release notes

Sourced from actions/attest's releases.

v4.1.1

What's Changed

Full Changelog: actions/attest@v4.1.0...v4.1.1

Commits
  • a1948c3 Bump @​sigstore/oci from 0.6.1 to 0.7.1 (#432)
  • b21da33 Bump csv-parse from 5.6.0 to 6.2.1 (#414)
  • d811ccf Bump actions/checkout from 6.0.3 to 7.0.0 (#431)
  • 2e48bd5 Bump the npm-development group across 1 directory with 4 updates (#433)
  • 4ad76f8 Bump markdown-it and markdownlint-cli (#425)
  • 701ae0b Bump tar from 7.5.11 to 7.5.17 (#429)
  • a8f22ca Bump form-data from 4.0.5 to 4.0.6 (#428)
  • 01540af Bump typescript from 5.9.3 to 6.0.3 (#407)
  • 5ec407f Bump github/codeql-action in the actions-minor group (#422)
  • 08210f8 Bump the npm-development group across 1 directory with 8 updates (#419)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 26, 2026
@k-taro56 k-taro56 requested a review from Copilot June 26, 2026 19:44
@github-code-quality

github-code-quality Bot commented Jun 26, 2026

Copy link
Copy Markdown

Code Coverage Overview

Languages: TypeScript

TypeScript / code-coverage/arkor

The overall coverage remains at 99%, unchanged from the branch.

TypeScript / code-coverage/create-arkor

The overall coverage remains at 56%, unchanged from the branch.

TypeScript / code-coverage/cli-internal

The overall coverage remains at 97%, unchanged from the branch.

TypeScript / code-coverage/studio-app

The overall coverage remains at 53%, unchanged from the branch.


Updated July 03, 2026 06:26 UTC
Code Coverage is in Public Preview. Learn more and provide us with your feedback.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the pinned actions/attest GitHub Action used in the release build workflow from v4.1.0 to v4.1.1 (by commit SHA), keeping the supply-chain posture of pinning actions to immutable SHAs.

Changes:

  • Bump actions/attest from 59d8942… (v4.1.0) to a1948c3… (v4.1.1) for tarball attestations.
  • Bump actions/attest from 59d8942… (v4.1.0) to a1948c3… (v4.1.1) for SBOM attestations.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@codecov

codecov Bot commented Jun 26, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.

📢 Thoughts on this report? Let us know!

@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/attest-4.1.1 branch from 24d971c to c3cd2dd Compare July 3, 2026 04:59
Bumps [actions/attest](https://github.com/actions/attest) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/attest/releases)
- [Changelog](https://github.com/actions/attest/blob/main/RELEASE.md)
- [Commits](actions/attest@59d8942...a1948c3)

---
updated-dependencies:
- dependency-name: actions/attest
  dependency-version: 4.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/attest-4.1.1 branch from c3cd2dd to 5ff3f6b Compare July 3, 2026 06:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants