diff --git a/.github/workflows/release-sigstore-gradle-plugin-from-tag.yaml b/.github/workflows/release-sigstore-gradle-plugin-from-tag.yaml index 21d33684..11194e08 100644 --- a/.github/workflows/release-sigstore-gradle-plugin-from-tag.yaml +++ b/.github/workflows/release-sigstore-gradle-plugin-from-tag.yaml @@ -105,7 +105,7 @@ jobs: run: | cp "./release/${{ needs.provenance.outputs.attestation-name }}" "./release/sigstore-gradle-sign-base-plugin-${{ needs.process-tag.outputs.version }}.attestation.intoto.jsonl" - name: Download gradle release artifacts - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 + uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3 with: name: project-release-artifacts path: ./release/ diff --git a/.github/workflows/release-sigstore-java-from-tag.yaml b/.github/workflows/release-sigstore-java-from-tag.yaml index ddfbd823..e050052f 100644 --- a/.github/workflows/release-sigstore-java-from-tag.yaml +++ b/.github/workflows/release-sigstore-java-from-tag.yaml @@ -100,7 +100,7 @@ jobs: name: "${{ needs.provenance.outputs.attestation-name }}" path: ./release/ - name: Download gradle release artifacts - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 + uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3 with: name: project-release-artifacts path: ./release/