Closed bdehamer closed 5 months ago
Updates the action logic to use the @actions/attest and @sigstore/oci libraries instead of the local implementation.
@actions/attest
@sigstore/oci
Among other things, this brings-in the logic which generates the provenance statement from the GHA OIDC token instead of from the runtime environment.
Updates the action logic to use the
@actions/attestand@sigstore/ocilibraries instead of the local implementation.Among other things, this brings-in the logic which generates the provenance statement from the GHA OIDC token instead of from the runtime environment.