File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -245,15 +245,14 @@ jobs:
245245
246246 - name : Verify SLSA provenance (self-check)
247247 if : env.TEST_MODE != 'true'
248+ env :
249+ GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
248250 run : |
249251 set -euo pipefail
250- curl --proto '=https' --tlsv1.2 -fsSL https://github.com/slsa-framework/slsa-verifier/releases/latest/download/slsa-verifier-linux-amd64 \
251- -o /usr/local/bin/slsa-verifier
252- chmod +x /usr/local/bin/slsa-verifier
253-
254- slsa-verifier verify-artifact "artifacts/${CRATE_FILE}" \
255- --source-uri "github.com/${GITHUB_REPOSITORY}" \
256- --source-tag "${TAG}"
252+ echo "Verifying SLSA provenance for ${CRATE_FILE}"
253+ gh attestation verify "artifacts/${CRATE_FILE}" \
254+ --repo "${GITHUB_REPOSITORY}"
255+ echo "SLSA provenance verification passed"
257256
258257 - name : Cleanup build artifacts before publish
259258 if : env.TEST_MODE != 'true'
Original file line number Diff line number Diff line change 11[package ]
22name = " digipin-rs"
3- version = " 0.1.0-beta.3 "
3+ version = " 0.1.0-beta.4 "
44edition = " 2024"
55license = " Apache-2.0"
66description = " Rust library for encoding and decoding DIGIPIN (Digital Postal Index Number)"
You can’t perform that action at this time.
0 commit comments