diff --git a/.github/actions/compute-sha256/action.yml b/.github/actions/compute-sha256/action.yml index c486b9d237..de5e76b659 100644 --- a/.github/actions/compute-sha256/action.yml +++ b/.github/actions/compute-sha256/action.yml @@ -24,5 +24,5 @@ outputs: value: "${{ steps.compute.outputs.sha256 }}" runs: - using: node16 - main: 'dist/index.js' + using: "node20" + main: "dist/index.js" diff --git a/.github/actions/create-container_based-predicate/action.yml b/.github/actions/create-container_based-predicate/action.yml index 2ca54d9314..501da29235 100644 --- a/.github/actions/create-container_based-predicate/action.yml +++ b/.github/actions/create-container_based-predicate/action.yml @@ -16,19 +16,19 @@ name: "Create container-based SLSA predicate" description: "Creates a container-based SLSA predicate given a BuildDefinition." inputs: build-definition: - description: 'A JSON file describing the SLSA BuildDefinition' + description: "A JSON file describing the SLSA BuildDefinition" required: true output-file: - description: 'Output file to place predicate' + description: "Output file to place predicate" required: true binary-sha256: - description: 'Builder binary digest to place in resolvedDependencies' + description: "Builder binary digest to place in resolvedDependencies" required: true binary-uri: - description: 'Builder binary source location to place in resolvedDependencies' + description: "Builder binary source location to place in resolvedDependencies" required: true builder-id: - description: 'Trusted builder identity' + description: "Trusted builder identity" required: true token: description: "The GitHub Actions token." @@ -36,5 +36,5 @@ inputs: default: ${{ github.token }} runs: - using: node16 + using: "node20" main: "dist/index.js" diff --git a/.github/actions/detect-workflow-js/action.yml b/.github/actions/detect-workflow-js/action.yml index aa1681af20..f280efc89c 100644 --- a/.github/actions/detect-workflow-js/action.yml +++ b/.github/actions/detect-workflow-js/action.yml @@ -28,5 +28,5 @@ outputs: description: The path to the workflow relative to the repository, for example ".github/workflows/example.yml" runs: - using: node16 + using: "node20" main: "dist/index.js" diff --git a/.github/actions/generate-attestations/action.yml b/.github/actions/generate-attestations/action.yml index 29e66f8934..bc8000a236 100644 --- a/.github/actions/generate-attestations/action.yml +++ b/.github/actions/generate-attestations/action.yml @@ -12,21 +12,21 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: 'Generate Attestations' -description: 'Generates in-toto attestations based on a SLSA output layout and a predicate' +name: "Generate Attestations" +description: "Generates in-toto attestations based on a SLSA output layout and a predicate" inputs: slsa-layout-file: - description: 'A JSON file describing the SLSA output layout with attestation filename keys and the generated subjects (and digests)' + description: "A JSON file describing the SLSA output layout with attestation filename keys and the generated subjects (and digests)" required: true predicate-type: - description: 'A URI defining the type of the predicate, for e.g. https://slsa.dev/provenance/v0.2' + description: "A URI defining the type of the predicate, for e.g. https://slsa.dev/provenance/v0.2" required: true predicate-file: - description: 'A JSON file describing the SLSA predicate to attach to the subjects' + description: "A JSON file describing the SLSA predicate to attach to the subjects" required: true output-folder: - description: 'Output folder to place attestations' + description: "Output folder to place attestations" required: true runs: - using: 'node16' - main: 'dist/index.js' + using: "node20" + main: "dist/index.js" diff --git a/.github/actions/privacy-check/action.yml b/.github/actions/privacy-check/action.yml index ca66d20c68..8e5077b8e1 100644 --- a/.github/actions/privacy-check/action.yml +++ b/.github/actions/privacy-check/action.yml @@ -33,5 +33,5 @@ outputs: description: "True if the repository is private." runs: - using: node16 + using: "node20" main: "dist/index.js" diff --git a/.github/actions/sign-attestations/action.yml b/.github/actions/sign-attestations/action.yml index dcb7ebfe1d..20aa90bfa7 100644 --- a/.github/actions/sign-attestations/action.yml +++ b/.github/actions/sign-attestations/action.yml @@ -12,19 +12,19 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: 'Sign Attestations' -description: 'Signs in-toto attestations with Sigstore signing' +name: "Sign Attestations" +description: "Signs in-toto attestations with Sigstore signing" inputs: attestations: - description: 'Folder of attestations to sign' + description: "Folder of attestations to sign" required: true payload-type: - description: 'The in-toto payload type of the attestations' + description: "The in-toto payload type of the attestations" required: false - default: 'application/vnd.in-toto+json' + default: "application/vnd.in-toto+json" output-folder: - description: 'Output folder to place attestations' + description: "Output folder to place attestations" required: true runs: - using: 'node16' - main: 'dist/index.js' + using: "node20" + main: "dist/index.js" diff --git a/.github/actions/verify-token/action.yml b/.github/actions/verify-token/action.yml index 39dbdb55dc..314e08aeb5 100644 --- a/.github/actions/verify-token/action.yml +++ b/.github/actions/verify-token/action.yml @@ -49,5 +49,5 @@ outputs: description: "The tool repository ref taken from the signing certificate." runs: - using: "node16" + using: "node20" main: "dist/index.js" diff --git a/actions/delegator/setup-generic/action.yml b/actions/delegator/setup-generic/action.yml index 16db85d43c..a442006b02 100644 --- a/actions/delegator/setup-generic/action.yml +++ b/actions/delegator/setup-generic/action.yml @@ -88,5 +88,5 @@ outputs: description: "SLSA token" runs: - using: "node16" + using: "node20" main: "dist/index.js"