From 2796a0c1adf54f6c32ab04d2d2d30b7bd2952b1d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Mar 2026 17:13:50 +0000 Subject: [PATCH 1/4] Bump actions/upload-artifact from 6 to 7 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-assets.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-assets.yml b/.github/workflows/build-assets.yml index 234ad304..6969e326 100644 --- a/.github/workflows/build-assets.yml +++ b/.github/workflows/build-assets.yml @@ -59,7 +59,7 @@ jobs: uses: actions/attest-build-provenance@v3 with: subject-path: '${{ github.workspace }}/pie.phar' - - uses: actions/upload-artifact@v6 + - uses: actions/upload-artifact@v7 with: name: pie-${{ github.sha }}.phar path: pie.phar @@ -155,7 +155,7 @@ jobs: with: subject-path: '${{ github.workspace }}/${{ env.PIE_BINARY_OUTPUT }}' - - uses: actions/upload-artifact@v6 + - uses: actions/upload-artifact@v7 with: name: pie-${{ github.sha }}-${{ runner.os }}-${{ runner.arch }}.bin path: ${{ env.PIE_BINARY_OUTPUT }} From 730f3c28361e74b89fbc551781c8360232386380 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Mar 2026 17:13:44 +0000 Subject: [PATCH 2/4] Bump actions/download-artifact from 7 to 8 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7 to 8. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v7...v8) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-push-docker-image.yml | 2 +- .github/workflows/build-assets.yml | 2 +- .github/workflows/docs.yml | 4 ++-- .github/workflows/release.yml | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-and-push-docker-image.yml b/.github/workflows/build-and-push-docker-image.yml index 1a8bd04d..b5ca8028 100644 --- a/.github/workflows/build-and-push-docker-image.yml +++ b/.github/workflows/build-and-push-docker-image.yml @@ -45,7 +45,7 @@ jobs: uses: actions/checkout@v6 - name: Fetch built PHAR from artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: name: pie-${{ github.sha }}.phar diff --git a/.github/workflows/build-assets.yml b/.github/workflows/build-assets.yml index 6969e326..fe97ce24 100644 --- a/.github/workflows/build-assets.yml +++ b/.github/workflows/build-assets.yml @@ -124,7 +124,7 @@ jobs: echo "PIE_BINARY_OUTPUT=pie-${{ runner.os }}-${{ runner.arch }}.exe" >> $env:GITHUB_ENV - name: Grab the pie.phar from artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: name: pie-${{ github.sha }}.phar diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 398947ce..eb2f1bdc 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -37,11 +37,11 @@ jobs: - name: Build documentation run: .github/docs/build-docs.sh - name: Fetch built PHAR from artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: name: pie-${{ github.sha }}.phar - name: Fetch the executable PIEs from artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: path: executable-pie-binaries pattern: pie-${{ github.sha }}-*.bin diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dbb2217e..6bac3342 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -49,11 +49,11 @@ jobs: steps: - uses: actions/checkout@v6 - name: Fetch built PHAR from artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: name: pie-${{ github.sha }}.phar - name: Fetch the executable PIEs from artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: path: executable-pie-binaries pattern: pie-${{ github.sha }}-*.bin From 608cdb2e3c74db817d01f298358ed6ce9bce11ae Mon Sep 17 00:00:00 2001 From: James Titcumb Date: Fri, 6 Mar 2026 10:42:12 +0000 Subject: [PATCH 3/4] Bump phpstan/phpstan from 2.1.38 to 2.1.40 --- updated-dependencies: - dependency-name: phpstan/phpstan dependency-version: 2.1.40 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- composer.json | 6 +- composer.lock | 144 +++++++++++++++++++------------------- src/Command/ArgvInput.php | 1 + 3 files changed, 76 insertions(+), 75 deletions(-) diff --git a/composer.json b/composer.json index 2f09d921..abe73a4a 100644 --- a/composer.json +++ b/composer.json @@ -34,7 +34,7 @@ "fidry/cpu-core-counter": "^1.3.0", "illuminate/container": "^10.49.0", "psr/container": "^2.0.2", - "symfony/console": "^6.4.32", + "symfony/console": "^6.4.34", "symfony/event-dispatcher": "^6.4.32", "symfony/process": "^6.4.33", "thephpf/attestation": "^0.0.5", @@ -45,8 +45,8 @@ "behat/behat": "^3.29.0", "bnf/phpstan-psr-container": "^1.1", "doctrine/coding-standard": "^14.0.0", - "phpstan/phpstan": "^2.1.38", - "phpstan/phpstan-phpunit": "^2.0", + "phpstan/phpstan": "^2.1.40", + "phpstan/phpstan-phpunit": "^2.0.16", "phpstan/phpstan-webmozart-assert": "^2.0", "phpunit/phpunit": "^10.5.63" }, diff --git a/composer.lock b/composer.lock index 06d3fa8a..cccf59cd 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "1138a5a4004fa55c3068062f3a2adc43", + "content-hash": "98324bf87a9527dc6f8638e8d70a799f", "packages": [ { "name": "composer/ca-bundle", @@ -793,16 +793,16 @@ }, { "name": "justinrainbow/json-schema", - "version": "6.6.4", + "version": "v6.7.2", "source": { "type": "git", "url": "https://github.com/jsonrainbow/json-schema.git", - "reference": "2eeb75d21cf73211335888e7f5e6fd7440723ec7" + "reference": "6fea66c7204683af437864e7c4e7abf383d14bc0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/jsonrainbow/json-schema/zipball/2eeb75d21cf73211335888e7f5e6fd7440723ec7", - "reference": "2eeb75d21cf73211335888e7f5e6fd7440723ec7", + "url": "https://api.github.com/repos/jsonrainbow/json-schema/zipball/6fea66c7204683af437864e7c4e7abf383d14bc0", + "reference": "6fea66c7204683af437864e7c4e7abf383d14bc0", "shasum": "" }, "require": { @@ -862,9 +862,9 @@ ], "support": { "issues": "https://github.com/jsonrainbow/json-schema/issues", - "source": "https://github.com/jsonrainbow/json-schema/tree/6.6.4" + "source": "https://github.com/jsonrainbow/json-schema/tree/v6.7.2" }, - "time": "2025-12-19T15:01:32+00:00" + "time": "2026-02-15T15:06:22+00:00" }, { "name": "marc-mabe/php-enum", @@ -1391,16 +1391,16 @@ }, { "name": "symfony/console", - "version": "v6.4.32", + "version": "v6.4.34", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "0bc2199c6c1f05276b05956f1ddc63f6d7eb5fc3" + "reference": "7b1f1c37eff5910ddda2831345467e593a5120ad" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/0bc2199c6c1f05276b05956f1ddc63f6d7eb5fc3", - "reference": "0bc2199c6c1f05276b05956f1ddc63f6d7eb5fc3", + "url": "https://api.github.com/repos/symfony/console/zipball/7b1f1c37eff5910ddda2831345467e593a5120ad", + "reference": "7b1f1c37eff5910ddda2831345467e593a5120ad", "shasum": "" }, "require": { @@ -1465,7 +1465,7 @@ "terminal" ], "support": { - "source": "https://github.com/symfony/console/tree/v6.4.32" + "source": "https://github.com/symfony/console/tree/v6.4.34" }, "funding": [ { @@ -1485,7 +1485,7 @@ "type": "tidelift" } ], - "time": "2026-01-13T08:45:59+00:00" + "time": "2026-02-23T15:42:15+00:00" }, { "name": "symfony/deprecation-contracts", @@ -1716,16 +1716,16 @@ }, { "name": "symfony/filesystem", - "version": "v6.4.30", + "version": "v6.4.34", "source": { "type": "git", "url": "https://github.com/symfony/filesystem.git", - "reference": "441c6b69f7222aadae7cbf5df588496d5ee37789" + "reference": "01ffe0411b842f93c571e5c391f289c3fdd498c3" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/filesystem/zipball/441c6b69f7222aadae7cbf5df588496d5ee37789", - "reference": "441c6b69f7222aadae7cbf5df588496d5ee37789", + "url": "https://api.github.com/repos/symfony/filesystem/zipball/01ffe0411b842f93c571e5c391f289c3fdd498c3", + "reference": "01ffe0411b842f93c571e5c391f289c3fdd498c3", "shasum": "" }, "require": { @@ -1762,7 +1762,7 @@ "description": "Provides basic utilities for the filesystem", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/filesystem/tree/v6.4.30" + "source": "https://github.com/symfony/filesystem/tree/v6.4.34" }, "funding": [ { @@ -1782,20 +1782,20 @@ "type": "tidelift" } ], - "time": "2025-11-26T14:43:45+00:00" + "time": "2026-02-24T17:51:06+00:00" }, { "name": "symfony/finder", - "version": "v6.4.33", + "version": "v6.4.34", "source": { "type": "git", "url": "https://github.com/symfony/finder.git", - "reference": "24965ca011dac87431729640feef8bcf7b5523e0" + "reference": "9590e86be1d1c57bfbb16d0dd040345378c20896" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/finder/zipball/24965ca011dac87431729640feef8bcf7b5523e0", - "reference": "24965ca011dac87431729640feef8bcf7b5523e0", + "url": "https://api.github.com/repos/symfony/finder/zipball/9590e86be1d1c57bfbb16d0dd040345378c20896", + "reference": "9590e86be1d1c57bfbb16d0dd040345378c20896", "shasum": "" }, "require": { @@ -1830,7 +1830,7 @@ "description": "Finds files and directories via an intuitive fluent interface", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/finder/tree/v6.4.33" + "source": "https://github.com/symfony/finder/tree/v6.4.34" }, "funding": [ { @@ -1850,7 +1850,7 @@ "type": "tidelift" } ], - "time": "2026-01-26T13:03:48+00:00" + "time": "2026-01-28T15:16:37+00:00" }, { "name": "symfony/polyfill-ctype", @@ -2421,16 +2421,16 @@ }, { "name": "symfony/string", - "version": "v6.4.30", + "version": "v6.4.34", "source": { "type": "git", "url": "https://github.com/symfony/string.git", - "reference": "50590a057841fa6bf69d12eceffce3465b9e32cb" + "reference": "2adaf4106f2ef4c67271971bde6d3fe0a6936432" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/string/zipball/50590a057841fa6bf69d12eceffce3465b9e32cb", - "reference": "50590a057841fa6bf69d12eceffce3465b9e32cb", + "url": "https://api.github.com/repos/symfony/string/zipball/2adaf4106f2ef4c67271971bde6d3fe0a6936432", + "reference": "2adaf4106f2ef4c67271971bde6d3fe0a6936432", "shasum": "" }, "require": { @@ -2486,7 +2486,7 @@ "utf8" ], "support": { - "source": "https://github.com/symfony/string/tree/v6.4.30" + "source": "https://github.com/symfony/string/tree/v6.4.34" }, "funding": [ { @@ -2506,7 +2506,7 @@ "type": "tidelift" } ], - "time": "2025-11-21T18:03:05+00:00" + "time": "2026-02-08T20:44:54+00:00" }, { "name": "thephpf/attestation", @@ -3311,11 +3311,11 @@ }, { "name": "phpstan/phpstan", - "version": "2.1.38", + "version": "2.1.40", "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/dfaf1f530e1663aa167bc3e52197adb221582629", - "reference": "dfaf1f530e1663aa167bc3e52197adb221582629", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/9b2c7aeb83a75d8680ea5e7c9b7fca88052b766b", + "reference": "9b2c7aeb83a75d8680ea5e7c9b7fca88052b766b", "shasum": "" }, "require": { @@ -3360,7 +3360,7 @@ "type": "github" } ], - "time": "2026-01-30T17:12:46+00:00" + "time": "2026-02-23T15:04:35+00:00" }, { "name": "phpstan/phpstan-phpunit", @@ -4854,32 +4854,32 @@ }, { "name": "slevomat/coding-standard", - "version": "8.27.1", + "version": "8.28.0", "source": { "type": "git", "url": "https://github.com/slevomat/coding-standard.git", - "reference": "29bdaee8b65e7ed2b8e702b01852edba8bae1769" + "reference": "0cd4b30cc1037eca54091c188d260d570e61770c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/slevomat/coding-standard/zipball/29bdaee8b65e7ed2b8e702b01852edba8bae1769", - "reference": "29bdaee8b65e7ed2b8e702b01852edba8bae1769", + "url": "https://api.github.com/repos/slevomat/coding-standard/zipball/0cd4b30cc1037eca54091c188d260d570e61770c", + "reference": "0cd4b30cc1037eca54091c188d260d570e61770c", "shasum": "" }, "require": { "dealerdirect/phpcodesniffer-composer-installer": "^0.7 || ^1.2.0", "php": "^7.4 || ^8.0", - "phpstan/phpdoc-parser": "^2.3.1", + "phpstan/phpdoc-parser": "^2.3.2", "squizlabs/php_codesniffer": "^4.0.1" }, "require-dev": { - "phing/phing": "3.0.1|3.1.1", + "phing/phing": "3.0.1|3.1.2", "php-parallel-lint/php-parallel-lint": "1.4.0", - "phpstan/phpstan": "2.1.37", - "phpstan/phpstan-deprecation-rules": "2.0.3", - "phpstan/phpstan-phpunit": "2.0.12", - "phpstan/phpstan-strict-rules": "2.0.7", - "phpunit/phpunit": "9.6.31|10.5.60|11.4.4|11.5.49|12.5.7" + "phpstan/phpstan": "2.1.40", + "phpstan/phpstan-deprecation-rules": "2.0.4", + "phpstan/phpstan-phpunit": "2.0.16", + "phpstan/phpstan-strict-rules": "2.0.10", + "phpunit/phpunit": "9.6.34|10.5.63|11.4.4|11.5.50|12.5.14" }, "type": "phpcodesniffer-standard", "extra": { @@ -4903,7 +4903,7 @@ ], "support": { "issues": "https://github.com/slevomat/coding-standard/issues", - "source": "https://github.com/slevomat/coding-standard/tree/8.27.1" + "source": "https://github.com/slevomat/coding-standard/tree/8.28.0" }, "funding": [ { @@ -4915,7 +4915,7 @@ "type": "tidelift" } ], - "time": "2026-01-25T15:57:07+00:00" + "time": "2026-02-23T21:35:24+00:00" }, { "name": "squizlabs/php_codesniffer", @@ -4998,16 +4998,16 @@ }, { "name": "symfony/config", - "version": "v6.4.32", + "version": "v6.4.34", "source": { "type": "git", "url": "https://github.com/symfony/config.git", - "reference": "d445badf0ad2c2a492e38c0378c39997a56ef97b" + "reference": "ce9cb0c0d281aaf188b802d4968e42bfb60701e9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/config/zipball/d445badf0ad2c2a492e38c0378c39997a56ef97b", - "reference": "d445badf0ad2c2a492e38c0378c39997a56ef97b", + "url": "https://api.github.com/repos/symfony/config/zipball/ce9cb0c0d281aaf188b802d4968e42bfb60701e9", + "reference": "ce9cb0c0d281aaf188b802d4968e42bfb60701e9", "shasum": "" }, "require": { @@ -5053,7 +5053,7 @@ "description": "Helps you find, load, combine, autofill and validate configuration values of any kind", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/config/tree/v6.4.32" + "source": "https://github.com/symfony/config/tree/v6.4.34" }, "funding": [ { @@ -5073,20 +5073,20 @@ "type": "tidelift" } ], - "time": "2026-01-13T08:40:30+00:00" + "time": "2026-02-24T17:34:50+00:00" }, { "name": "symfony/dependency-injection", - "version": "v6.4.32", + "version": "v6.4.34", "source": { "type": "git", "url": "https://github.com/symfony/dependency-injection.git", - "reference": "b17882e933c4c606620247b6708ab53aa3b88753" + "reference": "91e49958b8a6092e48e4711894a1aeb1b151c62a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/b17882e933c4c606620247b6708ab53aa3b88753", - "reference": "b17882e933c4c606620247b6708ab53aa3b88753", + "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/91e49958b8a6092e48e4711894a1aeb1b151c62a", + "reference": "91e49958b8a6092e48e4711894a1aeb1b151c62a", "shasum": "" }, "require": { @@ -5138,7 +5138,7 @@ "description": "Allows you to standardize and centralize the way objects are constructed in your application", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/dependency-injection/tree/v6.4.32" + "source": "https://github.com/symfony/dependency-injection/tree/v6.4.34" }, "funding": [ { @@ -5158,20 +5158,20 @@ "type": "tidelift" } ], - "time": "2026-01-23T10:54:33+00:00" + "time": "2026-02-24T15:33:38+00:00" }, { "name": "symfony/translation", - "version": "v6.4.32", + "version": "v6.4.34", "source": { "type": "git", "url": "https://github.com/symfony/translation.git", - "reference": "d6cc8e2fdd484f2f41d25938b0e8e3915de3cfbc" + "reference": "d07d117db41341511671b0a1a2be48f2772189ce" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/translation/zipball/d6cc8e2fdd484f2f41d25938b0e8e3915de3cfbc", - "reference": "d6cc8e2fdd484f2f41d25938b0e8e3915de3cfbc", + "url": "https://api.github.com/repos/symfony/translation/zipball/d07d117db41341511671b0a1a2be48f2772189ce", + "reference": "d07d117db41341511671b0a1a2be48f2772189ce", "shasum": "" }, "require": { @@ -5237,7 +5237,7 @@ "description": "Provides tools to internationalize your application", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/translation/tree/v6.4.32" + "source": "https://github.com/symfony/translation/tree/v6.4.34" }, "funding": [ { @@ -5257,7 +5257,7 @@ "type": "tidelift" } ], - "time": "2026-01-12T19:15:33+00:00" + "time": "2026-02-16T20:44:03+00:00" }, { "name": "symfony/translation-contracts", @@ -5424,16 +5424,16 @@ }, { "name": "symfony/yaml", - "version": "v6.4.30", + "version": "v6.4.34", "source": { "type": "git", "url": "https://github.com/symfony/yaml.git", - "reference": "8207ae83da19ee3748d6d4f567b4d9a7c656e331" + "reference": "7bca30dabed7900a08c5ad4f1d6483f881a64d0f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/yaml/zipball/8207ae83da19ee3748d6d4f567b4d9a7c656e331", - "reference": "8207ae83da19ee3748d6d4f567b4d9a7c656e331", + "url": "https://api.github.com/repos/symfony/yaml/zipball/7bca30dabed7900a08c5ad4f1d6483f881a64d0f", + "reference": "7bca30dabed7900a08c5ad4f1d6483f881a64d0f", "shasum": "" }, "require": { @@ -5476,7 +5476,7 @@ "description": "Loads and dumps YAML files", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/yaml/tree/v6.4.30" + "source": "https://github.com/symfony/yaml/tree/v6.4.34" }, "funding": [ { @@ -5496,7 +5496,7 @@ "type": "tidelift" } ], - "time": "2025-12-02T11:50:18+00:00" + "time": "2026-02-06T18:32:11+00:00" }, { "name": "theseer/tokenizer", diff --git a/src/Command/ArgvInput.php b/src/Command/ArgvInput.php index 225c377a..2df973ac 100644 --- a/src/Command/ArgvInput.php +++ b/src/Command/ArgvInput.php @@ -36,6 +36,7 @@ protected function parse(): void parent::parse(); + /** @phpstan-ignore notIdentical.alwaysFalse */ if ($this->exceptionThrown !== null) { throw $this->exceptionThrown; } From 7fa3aa6e590d6a929500670bdce89d50c8e59096 Mon Sep 17 00:00:00 2001 From: James Titcumb Date: Fri, 6 Mar 2026 10:43:40 +0000 Subject: [PATCH 4/4] Bump actions/attest-build-provenance from 3 to 4 Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3 to 4. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-push-docker-image.yml | 2 +- .github/workflows/build-assets.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-and-push-docker-image.yml b/.github/workflows/build-and-push-docker-image.yml index b5ca8028..ebf0e290 100644 --- a/.github/workflows/build-and-push-docker-image.yml +++ b/.github/workflows/build-and-push-docker-image.yml @@ -90,7 +90,7 @@ jobs: labels: ${{ steps.meta.outputs.labels }} - name: Generate artifact attestation - uses: actions/attest-build-provenance@v3 + uses: actions/attest@v4 with: subject-name: ghcr.io/${{ github.repository }} subject-digest: ${{ steps.build-and-push.outputs.digest }} diff --git a/.github/workflows/build-assets.yml b/.github/workflows/build-assets.yml index fe97ce24..cd3cc541 100644 --- a/.github/workflows/build-assets.yml +++ b/.github/workflows/build-assets.yml @@ -56,7 +56,7 @@ jobs: # code, which would store attestation that `php/pie` built the PHAR, and # it would look genuine. So this should NOT run for PR builds. if: github.event_name != 'pull_request' - uses: actions/attest-build-provenance@v3 + uses: actions/attest@v4 with: subject-path: '${{ github.workspace }}/pie.phar' - uses: actions/upload-artifact@v7 @@ -151,7 +151,7 @@ jobs: # code, which would store attestation that `php/pie` built the binaries, # and it would look genuine. So this should NOT run for PR builds. if: github.event_name != 'pull_request' - uses: actions/attest-build-provenance@v3 + uses: actions/attest@v4 with: subject-path: '${{ github.workspace }}/${{ env.PIE_BINARY_OUTPUT }}'