Merge pull request #861 from secure-systems-lab/dependabot/github_act…

…ions/action-dependencies-c28e6ef190 Bump the action-dependencies group with 2 updates
secure-systems-lab · Aug 13, 2024 · 874f79f · 874f79f
2 parents b71a2a0 + 0692186
commit 874f79f
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -35,7 +35,7 @@ jobs:
         run: PIP_CONSTRAINT=requirements-build.txt python3 -m build --sdist --wheel --outdir dist/ .
 
       - name: Store build artifacts
-        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
+        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
         # NOTE: The GitHub release page contains the release artifacts too, but using
         # GitHub upload/download actions seems robuster: there is no need to compute
         # download URLs and tampering with artifacts between jobs is more limited.

diff --git a/.github/workflows/test-kms.yml b/.github/workflows/test-kms.yml
@@ -32,7 +32,7 @@ jobs:
           pip install --upgrade tox
 
       - name: Authenticate to Google Cloud
-        uses: google-github-actions/auth@71fee32a0bb7e97b4d33d548e7d957010649d8fa
+        uses: google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2
         with:
           token_format: access_token
           workload_identity_provider: projects/843741030650/locations/global/workloadIdentityPools/securesystemslib-tests/providers/securesystemslib-tests