From 7c271047c3f5810bccba7d8660fb62a55fcc2169 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 11 May 2024 15:43:59 +0000
Subject: [PATCH] fix: upgrade @sigstore/bundle from 2.3.0 to 2.3.1

Snyk has created this PR to upgrade @sigstore/bundle from 2.3.0 to 2.3.1.

See this package in npm:
https://www.npmjs.com/package/@sigstore/bundle

See this project in Snyk:
https://app.snyk.io/org/graysonbarton/project/8a4a1058-0e7b-4d31-9d84-386d24077788?utm_source=github&utm_medium=referral&page=upgrade-pr
---
 packages/attest/package-lock.json | 18 +++++++++---------
 packages/attest/package.json      |  2 +-
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/packages/attest/package-lock.json b/packages/attest/package-lock.json
index 98f20097cd..cdf6375000 100644
--- a/packages/attest/package-lock.json
+++ b/packages/attest/package-lock.json
@@ -1,19 +1,19 @@
 {
   "name": "@actions/attest",
-  "version": "1.2.0",
+  "version": "1.2.1",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "@actions/attest",
-      "version": "1.2.0",
+      "version": "1.2.1",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.10.1",
         "@actions/github": "^6.0.0",
         "@actions/http-client": "^2.2.1",
         "@octokit/plugin-retry": "^6.0.1",
-        "@sigstore/bundle": "^2.3.0",
+        "@sigstore/bundle": "^2.3.1",
         "@sigstore/sign": "^2.3.0",
         "jsonwebtoken": "^9.0.2",
         "jwks-rsa": "^3.1.0"
@@ -489,9 +489,9 @@
       }
     },
     "node_modules/@sigstore/bundle": {
-      "version": "2.3.0",
-      "resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.0.tgz",
-      "integrity": "sha512-MU3XYHkOvKEFnuUtcAtVh0s4RTemRyi1NN87+v9fAL0qR9JZuK/nF27YJ79wjPvvi1W9sz3qc7cTgshH5tji6Q==",
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.1.tgz",
+      "integrity": "sha512-eqV17lO3EIFqCWK3969Rz+J8MYrRZKw9IBHpSo6DEcEX2c+uzDFOgHE9f2MnyDpfs48LFO4hXmk9KhQ74JzU1g==",
       "dependencies": {
         "@sigstore/protobuf-specs": "^0.3.1"
       },
@@ -2397,9 +2397,9 @@
       "optional": true
     },
     "@sigstore/bundle": {
-      "version": "2.3.0",
-      "resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.0.tgz",
-      "integrity": "sha512-MU3XYHkOvKEFnuUtcAtVh0s4RTemRyi1NN87+v9fAL0qR9JZuK/nF27YJ79wjPvvi1W9sz3qc7cTgshH5tji6Q==",
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/@sigstore/bundle/-/bundle-2.3.1.tgz",
+      "integrity": "sha512-eqV17lO3EIFqCWK3969Rz+J8MYrRZKw9IBHpSo6DEcEX2c+uzDFOgHE9f2MnyDpfs48LFO4hXmk9KhQ74JzU1g==",
       "requires": {
         "@sigstore/protobuf-specs": "^0.3.1"
       }
diff --git a/packages/attest/package.json b/packages/attest/package.json
index aa4d0cab36..9899812878 100644
--- a/packages/attest/package.json
+++ b/packages/attest/package.json
@@ -47,7 +47,7 @@
     "@actions/github": "^6.0.0",
     "@actions/http-client": "^2.2.1",
     "@octokit/plugin-retry": "^6.0.1",
-    "@sigstore/bundle": "^2.3.0",
+    "@sigstore/bundle": "^2.3.1",
     "@sigstore/sign": "^2.3.0",
     "jsonwebtoken": "^9.0.2",
     "jwks-rsa": "^3.1.0"