chore(deps): bump slsa-framework/slsa-github-generator from 1.6.0 to 1.7.0

[dependabot]

Bumps slsa-framework/slsa-github-generator from 1.6.0 to 1.7.0.

Release notes

Sourced from slsa-framework/slsa-github-generator's releases.

v1.7.0

See the CHANGELOG for details.

v1.7.0-rc.1

See the CHANGELOG for details.

v1.7.0-rc.0

See the CHANGELOG for details.

This is UNFINALIZED.

Changelog

Sourced from slsa-framework/slsa-github-generator's changelog.

1.7.0

This release includes the first beta release of the Container-based builder. The Container-based builder provides a GitHub Actions reusable workflow that can be used to invoke a container image with a user-specified command to generate an artifact and SLSA Build L3 compliant provenance.

1.7.0: Go builder

• Added: A new go-version-file input was added. This allows you to specify a go.mod file in order to track which version of Go is used for your project.

Commits

• e55b76c chore: update documentation and references to v1.7.0 (#2239)
• 2c15ebe chore: update version references to v1.7.0-rc.1 (#2232)
• 1afe15e fix: remove verify-token schedule presubmit (#2231)
• 796d1f6 docs: Update CHANGELOG for v1.7.0 (#2196)
• e9db5e5 chore: remove RC version references for v1.7.0-rc.0 (#2228)
• 921bfa1 chore: release candidate v1.7.0-rc.0 (#2219)
• 87a3074 fix: version comments for GHA references (#2205)
• 0f7720d fix: verify-token daily runs (#2213)
• 0a4b841 chore(deps): update dependency eslint to v8.42.0 (#2214)
• 2bec132 fix: fix jq script syntax (#2211)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information

[codecov]

Codecov Report

❗ No coverage uploaded for pull request base (master@48e9aa3). Click here to learn what that means.
Patch has no changes to coverable lines.

Additional details and impacted files

@@            Coverage Diff            @@
##             master    #2880   +/-   ##
=========================================
  Coverage          ?   81.67%           
=========================================
  Files             ?      133           
  Lines             ?    20193           
  Branches          ?        0           
=========================================
  Hits              ?    16493           
  Misses            ?     2847           
  Partials          ?      853           

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[github-actions]

Go Published Test Results

1 990 tests   1 990 ✔️  2m 35s ⏱️
   118 suites         0 💤
       1 files           0 ❌

Results for commit 41df2e9.

[github-actions]

E2E Tests Published Test Results

    4 files      4 suites   3h 29m 42s ⏱️
  97 tests   85 ✔️   5 💤 7 ❌
396 runs  368 ✔️ 20 💤 8 ❌

For more details on these failures, see this check.

Results for commit 41df2e9.