Create README.md with introductory content #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - uses: actions/attest-build-provenance@v2 | ||
| with: dependabot.yml | ||
| # Path to the artifact serving as the subject of the attestation. Must | ||
| # specify exactly one of "subject-path", "subject-digest", or | ||
| # "subject-checksums". May contain a glob pattern or list of paths | ||
| # (total subject count cannot exceed 1024). | ||
| subject-path: * | ||
| # SHA256 digest of the subject for the attestation. Must be in the form | ||
| # "sha256:hex_digest" (e.g. "sha256:abc123..."). Must specify exactly one | ||
| # of "subject-path", "subject-digest", or "subject-checksums". | ||
| subject-digest:sha256 | ||
| # Subject name as it should appear in the attestation. Required when | ||
| # identifying the subject with the "subject-digest" input. | ||
| subject-name:work.yml | ||
| # Path to checksums file containing digest and name of subjects for | ||
| # attestation. Must specify exactly one of "subject-path", "subject-digest", | ||
| # or "subject-checksums". | ||
| subject-checksums:sha256 | ||
| # Whether to push the attestation to the image registry. Requires that the | ||
| # "subject-name" parameter specify the fully-qualified image name and that | ||
| # the "subject-digest" parameter be specified. Defaults to false. | ||
| push-to-registry: true | ||
| # Whether to attach a list of generated attestations to the workflow run | ||
| # summary page. Defaults to true. | ||
| show-summary: true | ||
| # The GitHub token used to make authenticated API requests. Default is | ||
| # ${{ github.token }} | ||
| github-token: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 | ||
