Bump the actions group across 1 directory with 2 updates

[dependabot[bot]]

Bumps the actions group with 2 updates in the / directory: softprops/action-gh-release and actions/attest-build-provenance.

Updates softprops/action-gh-release from 2.0.9 to 2.1.0

Release notes

Sourced from softprops/action-gh-release's releases.

v2.1.0

What's Changed

Exciting New Features 🎉

• feat: add support for release assets with multiple spaces within the name by @​dukhine in softprops/action-gh-release#518
• feat: preserve upload order by @​richarddd in softprops/action-gh-release#500

Other Changes 🔄

• chore(deps): bump @​types/node from 22.8.2 to 22.8.7 by @​dependabot in softprops/action-gh-release#539

New Contributors

• @​dukhine made their first contribution in softprops/action-gh-release#518
• @​richarddd made their first contribution in softprops/action-gh-release#500

Full Changelog: https://github.com/softprops/action-gh-release/compare/v2...v2.1.0

Changelog

Sourced from softprops/action-gh-release's changelog.

2.1.0

What's Changed

Exciting New Features 🎉

• feat: add support for release assets with multiple spaces within the name by @​dukhine in softprops/action-gh-release#518
• feat: preserve upload order by @​richarddd in softprops/action-gh-release#500

Other Changes 🔄

• chore(deps): bump @​types/node from 22.8.2 to 22.8.7 by @​dependabot in softprops/action-gh-release#539

New Contributors

• @​dukhine made their first contribution in softprops/action-gh-release#518
• @​richarddd made their first contribution in softprops/action-gh-release#500

Full Changelog: https://github.com/softprops/action-gh-release/compare/v2...v2.1.0

2.0.9

• maintenance release with updated dependencies

2.0.8

Other Changes 🔄

• chore(deps): bump prettier from 2.8.0 to 3.3.3 by @​dependabot in softprops/action-gh-release#480
• chore(deps): bump @​types/node from 20.14.9 to 20.14.11 by @​dependabot in softprops/action-gh-release#483
• chore(deps): bump @​octokit/plugin-throttling from 9.3.0 to 9.3.1 by @​dependabot in softprops/action-gh-release#484
• chore(deps): bump glob from 10.4.2 to 11.0.0 by @​dependabot in softprops/action-gh-release#477
• refactor: write jest config in ts by @​chenrui333 in softprops/action-gh-release#485
• chore(deps): bump @​actions/github from 5.1.1 to 6.0.0 by @​dependabot in softprops/action-gh-release#470

2.0.7

Bug fixes 🐛

• Fix missing update release body by @​FirelightFlagboy in softprops/action-gh-release#365

Other Changes 🔄

• Bump @​octokit/plugin-retry from 4.0.3 to 7.1.1 by @​dependabot in softprops/action-gh-release#443
• Bump typescript from 4.9.5 to 5.5.2 by @​dependabot in softprops/action-gh-release#467
• Bump @​types/node from 20.14.6 to 20.14.8 by @​dependabot in softprops/action-gh-release#469
• Bump @​types/node from 20.14.8 to 20.14.9 by @​dependabot in softprops/action-gh-release#473
• Bump typescript from 5.5.2 to 5.5.3 by @​dependabot in softprops/action-gh-release#472
• Bump ts-jest from 29.1.5 to 29.2.2 by @​dependabot in softprops/action-gh-release#479
• docs: document that existing releases are updated by @​jvanbruegge in softprops/action-gh-release#474

2.0.6

• maintenance release with updated dependencies

... (truncated)

Commits

• 01570a1 chore: release 2.1.0
• d5f028c feature: preserve upload order (#500)
• 98daca2 feat: add support for release assets with multiple spaces within the name (#518)
• b019a5b chore: bump @​types/node to 22.9.0
• 73e673b chore(deps): bump @​types/node from 22.8.2 to 22.8.7 (#539)
• See full diff in compare view

Updates actions/attest-build-provenance from 1.4.0 to 1.4.4

Release notes

Sourced from actions/attest-build-provenance's releases.

v1.4.4

What's Changed

• Bump predicate action from 1.1.3 to 1.1.4 by @​bdehamer in actions/attest-build-provenance#310
  • Bump @​actions/core from 1.10.1 to 1.11.1 by @​dependabot in actions/attest-build-provenance#275
  • Bump @​actions/attest from 1.4.2 to 1.5.0 by @​bdehamer in actions/attest-build-provenance#309
    • Fix SLSA provenance bug related to workflow_ref OIDC token claims containing the "@" symbol in the tag name (actions/toolkit#1863)

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v1.4.3...v1.4.4

v1.4.3

What's Changed

• Bump predicate from 1.1.2 to 1.1.3 by @​bdehamer in actions/attest-build-provenance#226
  • Bump @​actions/attest from 1.3.1 to 1.4.1 by @​dependabot in actions/attest-build-provenance#212
  • Bump @​actions/attest from 1.4.1 to 1.4.2 by @​bdehamer in actions/attest-build-provenance#225
  • Fix bug w/ customized OIDC issuer URL for enterprise accounts (#222)

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v1.4.2...v1.4.3

v1.4.2

What's Changed

• Bump actions/attest from 1.4.0 to 1.4.1 by @​bdehamer in actions/attest-build-provenance#209
  • Includes bug fix for issue with authenticated proxies (actions/toolkit#1798)

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v1.4.1...v1.4.2

v1.4.1

What's Changed

• Update predicate action to 1.1.2 by @​bdehamer in actions/attest-build-provenance#197
  • Dynamic construction of oidc issuer by @​bdehamer in actions/attest-build-provenance#195

Full Changelog: https://github.com/actions/attest-build-provenance/compare/v1.4.0...v1.4.1

Commits

• ef24412 bump predicate from 1.1.3 to 1.1.4 (#310)
• 36fa7d0 bump @​actions/attest from 1.4.2 to 1.5.0 (#309)
• 390c0bb Bump @​types/node from 22.8.1 to 22.8.7 in the npm-development group (#305)
• 21da615 Bump the npm-development group with 3 updates (#299)
• 0704961 Bump actions/publish-immutable-action in the actions-minor group (#298)
• d01b070 Bump the npm-development group with 3 updates (#278)
• b1d65e4 Add workflow file for publishing releases to immutable action package (#277)
• 3a27694 Bump @​actions/core from 1.10.1 to 1.11.1 (#275)
• dff1ae6 prevent e2e workflows on forks (#272)
• e5892d0 Bump the npm-development group with 3 updates (#263)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.