Skip to content

Releases: actions/attest-sbom

v2.4.0

11 Jun 17:46
bd218ad
Compare
Choose a tag to compare

What's Changed

  • Bump actions/attest from 2.2.1 to 2.3.0 in the actions-minor group by @dependabot in #169
  • Bump undici from 5.28.5 to 5.29.0 by @dependabot in #172
  • Bump actions/attest from 2.3.0 to 2.4.0 by @bdehamer in #178
    • Includes support for the new well-known summary file which will accumulate paths to all attestations generated in a given workflow run

Full Changelog: v2.2.0...v2.4.0

v2.2.0

22 Jan 17:30
115c3be
Compare
Choose a tag to compare

What's Changed

  • Bump actions/attest from v2.1.0 to v2.2.0 by @bdehamer in #148
    • Includes support for new subject-checksums input parameter

Full Changelog: v2.1.0...v2.2.0

v2.1.0

09 Dec 21:52
cbfd002
Compare
Choose a tag to compare

What's Changed

  • Update README w/ note about GH plans supporting attestations by @bdehamer in #136
  • Add attestation-id and attestation-url outputs by @bdehamer in #137

Full Changelog: v2.0.1...v2.1.0

v2.0.1

06 Dec 15:38
34581d8
Compare
Choose a tag to compare

What's Changed

  • Bump actions/attest from 2.0.0 to 2.0.1 by @bdehamer in #133
    • Deduplicate subjects before adding to in-toto statement

Full Changelog: v2.0.0...v2.0.1

v2.0.0

04 Dec 15:58
1455967
Compare
Choose a tag to compare

The attest-sbom action now supports attesting multiple subjects simultaneously. When identifying multiple subjects with the subject-path input a single attestation is created with references to each of the supplied subjects, rather than generating separate attestations for each artifact. This reduces the number of attestations that you need to create and manage.

What's Changed

  • Bump @actions/core from 1.10.1 to 1.11.1 by @dependabot in #110
  • Prepare v2.0.0 release by @bdehamer in #126
    • Bump actions/attest from 1.4.1 to 2.0.0 (w/ multi-subject attestation support)

Full Changelog: v1.4.1...v2.0.0

v1.4.1

22 Aug 19:10
5026d36
Compare
Choose a tag to compare

What's Changed

Full Changelog: v1.4.0...v1.4.1

v1.4.0

30 Jul 20:31
f19ab44
Compare
Choose a tag to compare

What's Changed

  • Bump actions/attest from 1.3.3 to 1.4.0 by @bdehamer in #85
    • Add show-summary input
    • Format summary output as list

Full Changelog: v1.3.3...v1.4.0

v1.3.3

09 Jul 17:09
6d7733f
Compare
Choose a tag to compare

What's Changed

  • Bump actions/attest from 1.3.2 to 1.3.3 by @bdehamer in #80
    • Bugfix for properly handling glob exclusion patterns in subject-path input

Full Changelog: v1.3.2...v1.3.3

v1.3.2

17 Jun 17:36
3d6693d
Compare
Choose a tag to compare

What's Changed

  • Bump actions/attest from 1.3.1 to 1.3.2 by @bdehamer in #75
    • Increase timeout for OCI operations

Full Changelog: v1.3.1...v1.3.2

v1.3.1

13 Jun 21:59
91d05ef
Compare
Choose a tag to compare

What's Changed

  • Bump actions/attest from 1.3.0 to 1.3.1 by @bdehamer in #72
    • Bugfix when detecting support for the referrers API with OCI registries

Full Changelog: v1.3.0...v1.3.1