[PR #78] [CLOSED] ci(deps): Bump actions/attest-build-provenance from 3 to 4 #150

New issue

Closed

opened 2026-03-15 02:28:53 +03:00 by kerem · 0 comments

kerem commented 2026-03-15 02:28:53 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/asalimonov/authelia-admin/pull/78
Author: @dependabot[bot]
Created: 3/2/2026
Status: ❌ Closed

Base: main ← Head: dependabot/github_actions/actions/attest-build-provenance-4

---

📝 Commits (1)

• 3430225 ci(deps): Bump actions/attest-build-provenance from 3 to 4

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 .github/workflows/docker-publish.yml (+1 -1)

📄 Description

Bumps actions/attest-build-provenance from 3 to 4.

Release notes

Sourced from actions/attest-build-provenance's releases.

v4.0.0

[!NOTE] As of version 4, actions/attest-build-provenance is simply a wrapper on top of actions/attest.

Existing applications may continue to use the attest-build-provenance action, but new implementations should use actions/attest instead.

What's Changed

• Prepare v4 release by @​bdehamer in actions/attest-build-provenance#835

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v3.2.0...v4.0.0

v3.2.0

What's Changed

• Bump @​actions/core from 1.11.1 to 2.0.1 by @​dependabot[bot] in actions/attest-build-provenance#776
• Add more documentation on Artifact Metadata Storage Records by @​malancas in actions/attest-build-provenance#797
• Update actions/attest to latest version v3.2.0 by @​malancas in actions/attest-build-provenance#812

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v3.1.0...v3.2.0

v3.1.0

What's Changed

• Prepare v3 release by @​bdehamer in actions/attest-build-provenance#697
• Bump js-yaml from 3.14.1 to 3.14.2 by @​dependabot[bot] in actions/attest-build-provenance#749
• Bump tar from 7.5.1 to 7.5.2 by @​dependabot[bot] in actions/attest-build-provenance#753
• Bump glob from 10.4.5 to 10.5.0 by @​dependabot[bot] in actions/attest-build-provenance#754
• Bump @​types/node from 24.10.1 to 25.0.2 by @​dependabot[bot] in actions/attest-build-provenance#774
• Bump @​actions/attest from 1.6.0 to 2.0.0 by @​dependabot[bot] in actions/attest-build-provenance#736
• Bump @​actions/attest from 2.0.0 to 2.1.0 by @​dependabot[bot] in actions/attest-build-provenance#775
• Add support for creating artifact metadata storage records by @​malancas in actions/attest-build-provenance#779

New Contributors

• @​malancas made their first contribution in actions/attest-build-provenance#779

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0

Commits

• a2bbfa2 bump actions/attest from 4.0.0 to 4.1.0 (#838)
• 0856891 update RELEASE.md docs (#836)
• e4d4f7c prepare v4 release (#835)
• 02a49bd Bump github/codeql-action in the actions-minor group (#824)
• 7c757df Bump the npm-development group with 2 updates (#825)
• c44148e Bump github/codeql-action in the actions-minor group (#818)
• 3234352 Bump @​types/node from 25.0.10 to 25.2.0 in the npm-development group (#819)
• 18db129 Bump tar from 7.5.6 to 7.5.7 (#816)
• 90fadfa Bump @​actions/core from 2.0.1 to 2.0.2 in the npm-production group (#799)
• 57db8ba Bump the npm-development group across 1 directory with 3 updates (#808)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/asalimonov/authelia-admin/pull/78 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 3/2/2026 **Status:** ❌ Closed **Base:** `main` ← **Head:** `dependabot/github_actions/actions/attest-build-provenance-4` --- ### 📝 Commits (1) - [`3430225`](https://github.com/asalimonov/authelia-admin/commit/34302252dce4d299ce59a5a1b786e8120f2a3df8) ci(deps): Bump actions/attest-build-provenance from 3 to 4 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/docker-publish.yml` (+1 -1) </details> ### 📄 Description Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3 to 4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest-build-provenance/releases">actions/attest-build-provenance's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <blockquote> <p>[!NOTE] As of version 4, <code>actions/attest-build-provenance</code> is simply a wrapper on top of <a href="https://github.com/actions/attest"><code>actions/attest</code></a>.</p> <p>Existing applications may continue to use the <code>attest-build-provenance</code> action, but new implementations should use <code>actions/attest</code> instead.</p> </blockquote> <h2>What's Changed</h2> <ul> <li>Prepare v4 release by <a href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/835">actions/attest-build-provenance#835</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest-build-provenance/compare/v3.2.0...v4.0.0">https://github.com/actions/attest-build-provenance/compare/v3.2.0...v4.0.0</a></p> <h2>v3.2.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@​actions/core</code> from 1.11.1 to 2.0.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/776">actions/attest-build-provenance#776</a></li> <li>Add more documentation on Artifact Metadata Storage Records by <a href="https://github.com/malancas"><code>@​malancas</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/797">actions/attest-build-provenance#797</a></li> <li>Update actions/attest to latest version v3.2.0 by <a href="https://github.com/malancas"><code>@​malancas</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/812">actions/attest-build-provenance#812</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest-build-provenance/compare/v3.1.0...v3.2.0">https://github.com/actions/attest-build-provenance/compare/v3.1.0...v3.2.0</a></p> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Prepare v3 release by <a href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/697">actions/attest-build-provenance#697</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/749">actions/attest-build-provenance#749</a></li> <li>Bump tar from 7.5.1 to 7.5.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/753">actions/attest-build-provenance#753</a></li> <li>Bump glob from 10.4.5 to 10.5.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/754">actions/attest-build-provenance#754</a></li> <li>Bump <code>@​types/node</code> from 24.10.1 to 25.0.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/774">actions/attest-build-provenance#774</a></li> <li>Bump <code>@​actions/attest</code> from 1.6.0 to 2.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/736">actions/attest-build-provenance#736</a></li> <li>Bump <code>@​actions/attest</code> from 2.0.0 to 2.1.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/775">actions/attest-build-provenance#775</a></li> <li>Add support for creating artifact metadata storage records by <a href="https://github.com/malancas"><code>@​malancas</code></a> in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/779">actions/attest-build-provenance#779</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/malancas"><code>@​malancas</code></a> made their first contribution in <a href="https://redirect.github.com/actions/attest-build-provenance/pull/779">actions/attest-build-provenance#779</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0">https://github.com/actions/attest-build-provenance/compare/v3...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest-build-provenance/commit/a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32"><code>a2bbfa2</code></a> bump actions/attest from 4.0.0 to 4.1.0 (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/838">#838</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/0856891a35570e4ac506b510f0358a4308f82385"><code>0856891</code></a> update RELEASE.md docs (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/836">#836</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/e4d4f7c39adfa4c260fb5c147f0622000aa14b99"><code>e4d4f7c</code></a> prepare v4 release (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/835">#835</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/02a49bdc410a809733602220c6f6275925d6b578"><code>02a49bd</code></a> Bump github/codeql-action in the actions-minor group (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/824">#824</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/7c757df4145fcd233331998e58b20b422c833a00"><code>7c757df</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/825">#825</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/c44148e5bf178192efd8947e07a0d439a356c60b"><code>c44148e</code></a> Bump github/codeql-action in the actions-minor group (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/818">#818</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/32343527f2ec94583cf7b31280de0f60dc9f0bf9"><code>3234352</code></a> Bump <code>@​types/node</code> from 25.0.10 to 25.2.0 in the npm-development group (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/819">#819</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/18db12979d4cecda10c1cf295bcb159f3e59866d"><code>18db129</code></a> Bump tar from 7.5.6 to 7.5.7 (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/816">#816</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/90fadfae6ba2e2ef59f8d38e61ec3cf16443a18e"><code>90fadfa</code></a> Bump <code>@​actions/core</code> from 2.0.1 to 2.0.2 in the npm-production group (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/799">#799</a>)</li> <li><a href="https://github.com/actions/attest-build-provenance/commit/57db8ba356515a4c8608990f2aa27a6972235ccc"><code>57db8ba</code></a> Bump the npm-development group across 1 directory with 3 updates (<a href="https://redirect.github.com/actions/attest-build-provenance/issues/808">#808</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest-build-provenance/compare/v3...v4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-03-15 02:28:53 +03:00

• closed this issue
• added the
  pull-request
  label

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

fix/new-user-password-not-set

dependabot/npm_and_yarn/svelte-6535ca4039

dependabot/npm_and_yarn/vite-35a443a342

dependabot/npm_and_yarn/tailwind-97bcedbae3

dependabot/npm_and_yarn/types-054763cb3e

dependabot/npm_and_yarn/eslint-plugin-svelte-3.16.0

dependabot/npm_and_yarn/inlang/paraglide-js-2.15.1

dependabot/npm_and_yarn/typescript-eslint-8.57.1

dependabot/npm_and_yarn/yaml-2.8.3

dependabot/npm_and_yarn/sqlite3-6.0.1

dependabot/npm_and_yarn/serve-14.2.6

dependabot/github_actions/docker/metadata-action-6

dependabot/github_actions/docker/setup-buildx-action-4

dependabot/github_actions/docker/login-action-4

dependabot/github_actions/docker/build-push-action-7

feature/postgres

feature/playwright

feature/group-management

feature/i18n

feature/lldap-graphql

feauture/lldap-graphql

docs/license

bug/unhealthy-docker

v1.1.0

v1.0.0

v0.1.0

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels   

enhancement

  

pull-request

Mirrored from GitHub Pull Request

No labels

enhancement

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/authelia-admin#150

No description provided.