bump @actions/attest from 1.0.0 to 1.1.0 (#33)

Signed-off-by: Brian DeHamer <bdehamer@github.com>
2025-12-13 19:02:19 +00:00 · 2024-03-29 08:47:10 -07:00 · 2024-03-29 08:47:10 -07:00 · 810042e79b
commit 810042e79b
parent 5096d305ee
6 changed files with 377 additions and 49 deletions
--- a/tests/main.test.ts
+++ b/tests/main.test.ts
@ -1,8 +1,9 @@
 import * as core from '@actions/core'
 import * as jose from 'jose'
 import nock from 'nock'
 import * as main from '../src/main'
-// Mock the GitHub Actions core library
+// Mock the GitHub Actions core library functions
 jest.mock('@actions/core')
 const setOutputMock = jest.spyOn(core, 'setOutput')
 const setFailedMock = jest.spyOn(core, 'setFailed')
@ -11,50 +12,76 @@ setFailedMock.mockImplementation(() => {})
 describe('main', () => {
  let outputs = {} as Record<string, string>
  const originalEnv = process.env
  const issuer = 'https://token.actions.githubusercontent.com'
  const audience = 'nobody'
  const jwksPath = '/.well-known/jwks.json'
  const tokenPath = '/token'
-  beforeEach(() => {
+  const claims = {
    iss: issuer,
    aud: 'nobody',
    repository: 'owner/repo',
    ref: 'refs/heads/main',
    sha: 'babca52ab0c93ae16539e5923cb0d7403b9a093b',
    workflow_ref: 'owner/repo/.github/workflows/main.yml@main',
    event_name: 'push',
    repository_id: 'repo-id',
    repository_owner_id: 'owner-id',
    run_id: 'run-id',
    run_attempt: 'run-attempt',
    runner_environment: 'github-hosted'
  }
  beforeEach(async () => {
    jest.resetAllMocks()
    setOutputMock.mockImplementation((key, value) => {
      outputs[key] = value
    })
    process.env = {
      ...originalEnv,
      ACTIONS_ID_TOKEN_REQUEST_URL: `${issuer}${tokenPath}?`,
      ACTIONS_ID_TOKEN_REQUEST_TOKEN: 'token',
      GITHUB_SERVER_URL: 'https://github.com',
      GITHUB_REPOSITORY: claims.repository
    }
    // Generate JWT signing key
    const key = await jose.generateKeyPair('PS256')
    // Create JWK, JWKS, and JWT
    const kid = '12345'
    const jwk = await jose.exportJWK(key.publicKey)
    const jwks = { keys: [{ ...jwk, kid }] }
    const jwt = await new jose.SignJWT(claims)
      .setProtectedHeader({ alg: 'PS256', kid })
      .sign(key.privateKey)
    // Mock OpenID configuration and JWKS endpoints
    nock(issuer)
      .get('/.well-known/openid-configuration')
      .reply(200, { jwks_uri: `${issuer}${jwksPath}` })
    nock(issuer).get(jwksPath).reply(200, jwks)
    // Mock OIDC token endpoint for populating the provenance
    nock(issuer).get(tokenPath).query({ audience }).reply(200, { value: jwt })
  })
  afterEach(() => {
    outputs = {}
    process.env = originalEnv
  })
  it('successfully run main', async () => {
    const originalEnv = process.env
    process.env = {
      ...originalEnv,
      GITHUB_REPOSITORY: 'owner/repo',
      GITHUB_REF: 'refs/heads/main',
      GITHUB_SHA: 'babca52ab0c93ae16539e5923cb0d7403b9a093b',
      GITHUB_WORKFLOW_REF: 'owner/repo/.github/workflows/main.yml@main',
      GITHUB_SERVER_URL: 'https://github.com',
      GITHUB_EVENT_NAME: 'push',
      GITHUB_REPOSITORY_ID: 'repo-id',
      GITHUB_REPOSITORY_OWNER_ID: 'owner-id',
      GITHUB_RUN_ID: 'run-id',
      GITHUB_RUN_ATTEMPT: 'run-attempt',
      RUNNER_ENVIRONMENT: 'github-hosted'
    }
    // Run the main function
    await main.run()
    // Verify that outputs were set correctly
    expect(setOutputMock).toHaveBeenCalledTimes(2)
    // Use the expected object in the test assertion
    expect(outputs['predicate']).toMatchSnapshot()
-
+    expect(outputs['predicate-type']).toBe('https://slsa.dev/provenance/v1')
    expect(setOutputMock).toHaveBeenNthCalledWith(
      2,
      'predicate-type',
      'https://slsa.dev/provenance/v1'
    )
    process.env = originalEnv
  })
 })
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/licenses.txt
+++ b/dist/licenses.txt
--- a/package-lock.json
+++ b/package-lock.json
@ -1,15 +1,15 @@
 {
-  "name": "typescript-action",
+  "name": "actions/attest-build-provenance",
-  "version": "0.0.0",
+  "version": "0.1.1",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
-      "name": "typescript-action",
+      "name": "actions/attest-build-provenance",
-      "version": "0.0.0",
+      "version": "0.1.1",
      "license": "MIT",
      "dependencies": {
-        "@actions/attest": "^1.0.0",
+        "@actions/attest": "^1.1.0",
        "@actions/core": "^1.10.1"
      },
      "devDependencies": {
@ -24,7 +24,9 @@
        "eslint-plugin-jsonc": "^2.14.1",
        "eslint-plugin-prettier": "^5.1.3",
        "jest": "^29.7.0",
        "jose": "^5.2.3",
        "markdownlint-cli": "^0.39.0",
        "nock": "^13.5.4",
        "prettier": "^3.2.5",
        "prettier-eslint": "^16.3.0",
        "ts-jest": "^29.1.2",
@ -43,12 +45,17 @@
      }
    },
    "node_modules/@actions/attest": {
-      "version": "1.0.0",
+      "version": "1.1.0",
-      "license": "MIT",
+      "resolved": "https://registry.npmjs.org/@actions/attest/-/attest-1.1.0.tgz",
      "integrity": "sha512-SrKYqTjDAEmVwQMeY4kb3LBsF2O02aKjN1ePJPJfSEK8Vr8IGYMw4ts2mFlKRYc6/yp87OQb0owyXfoMj5BzZA==",
      "dependencies": {
        "@actions/core": "^1.10.1",
        "@actions/github": "^6.0.0",
        "@actions/http-client": "^2.2.1",
        "@sigstore/bundle": "^2.2.0",
        "@sigstore/sign": "^2.2.3",
        "jsonwebtoken": "^9.0.2",
        "jwks-rsa": "^3.1.0",
        "make-fetch-happen": "^13.0.0"
      }
    },
@ -71,8 +78,9 @@
      }
    },
    "node_modules/@actions/http-client": {
-      "version": "2.2.0",
+      "version": "2.2.1",
-      "license": "MIT",
+      "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.1.tgz",
      "integrity": "sha512-KhC/cZsq7f8I4LfZSJKgCvEwfkE8o1538VoBeoGzokVLLnbFDEAdFD3UhoMklxo2un9NJVBdANOresx7vTHlHw==",
      "dependencies": {
        "tunnel": "^0.0.6",
        "undici": "^5.25.4"
@ -1566,6 +1574,23 @@
        "@babel/types": "^7.20.7"
      }
    },
    "node_modules/@types/body-parser": {
      "version": "1.19.5",
      "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.5.tgz",
      "integrity": "sha512-fB3Zu92ucau0iQ0JMCFQE7b/dv8Ot07NI3KaZIkIUNXq82k4eBAqUaneXfleGY9JWskeS9y+u0nXMyspcuQrCg==",
      "dependencies": {
        "@types/connect": "*",
        "@types/node": "*"
      }
    },
    "node_modules/@types/connect": {
      "version": "3.4.38",
      "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.38.tgz",
      "integrity": "sha512-K6uROf1LD88uDQqJCktA4yzL1YYAK6NgfsI0v/mTgyPKWsX1CnJ0XPSDhViejru1GcRkLWb8RlzFYJRqGUbaug==",
      "dependencies": {
        "@types/node": "*"
      }
    },
    "node_modules/@types/eslint": {
      "version": "8.44.2",
      "dev": true,
@ -1584,6 +1609,28 @@
      "optional": true,
      "peer": true
    },
    "node_modules/@types/express": {
      "version": "4.17.21",
      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz",
      "integrity": "sha512-ejlPM315qwLpaQlQDTjPdsUFSc6ZsP4AN6AlWnogPjQ7CVi7PYF3YVz+CY3jE2pwYf7E/7HlDAN0rV2GxTG0HQ==",
      "dependencies": {
        "@types/body-parser": "*",
        "@types/express-serve-static-core": "^4.17.33",
        "@types/qs": "*",
        "@types/serve-static": "*"
      }
    },
    "node_modules/@types/express-serve-static-core": {
      "version": "4.17.43",
      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.43.tgz",
      "integrity": "sha512-oaYtiBirUOPQGSWNGPWnzyAFJ0BP3cwvN4oWZQY+zUBwpVIGsKUkpBpSztp74drYcjavs7SKFZ4DX1V2QeN8rg==",
      "dependencies": {
        "@types/node": "*",
        "@types/qs": "*",
        "@types/range-parser": "*",
        "@types/send": "*"
      }
    },
    "node_modules/@types/graceful-fs": {
      "version": "4.1.6",
      "dev": true,
@ -1592,6 +1639,11 @@
        "@types/node": "*"
      }
    },
    "node_modules/@types/http-errors": {
      "version": "2.0.4",
      "resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.4.tgz",
      "integrity": "sha512-D0CFMMtydbJAegzOyHjtiKPLlvnm3iTZyZRSZoLq2mRhDdmLfIWOCYPfQJ4cu2erKghU++QvjcUjp/5h7hESpA=="
    },
    "node_modules/@types/istanbul-lib-coverage": {
      "version": "2.0.4",
      "dev": true,
@ -1633,21 +1685,62 @@
      "integrity": "sha512-dRLjCWHYg4oaA77cxO64oO+7JwCwnIzkZPdrrC71jQmQtlhM556pwKo5bUzqvZndkVbeFLIIi+9TC40JNF5hNQ==",
      "dev": true
    },
    "node_modules/@types/jsonwebtoken": {
      "version": "9.0.6",
      "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-9.0.6.tgz",
      "integrity": "sha512-/5hndP5dCjloafCXns6SZyESp3Ldq7YjH3zwzwczYnjxIT0Fqzk5ROSYVGfFyczIue7IUEj8hkvLbPoLQ18vQw==",
      "dependencies": {
        "@types/node": "*"
      }
    },
    "node_modules/@types/mime": {
      "version": "1.3.5",
      "resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz",
      "integrity": "sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w=="
    },
    "node_modules/@types/node": {
      "version": "20.11.30",
      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.30.tgz",
      "integrity": "sha512-dHM6ZxwlmuZaRmUPfv1p+KrdD1Dci04FbdEm/9wEMouFqxYoFl5aMkt0VMAUtYRQDyYvD41WJLukhq/ha3YuTw==",
      "dev": true,
      "dependencies": {
        "undici-types": "~5.26.4"
      }
    },
    "node_modules/@types/qs": {
      "version": "6.9.14",
      "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.14.tgz",
      "integrity": "sha512-5khscbd3SwWMhFqylJBLQ0zIu7c1K6Vz0uBIt915BI3zV0q1nfjRQD3RqSBcPaO6PHEF4ov/t9y89fSiyThlPA=="
    },
    "node_modules/@types/range-parser": {
      "version": "1.2.7",
      "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz",
      "integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ=="
    },
    "node_modules/@types/semver": {
      "version": "7.5.8",
      "resolved": "https://registry.npmjs.org/@types/semver/-/semver-7.5.8.tgz",
      "integrity": "sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==",
      "dev": true
    },
    "node_modules/@types/send": {
      "version": "0.17.4",
      "resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz",
      "integrity": "sha512-x2EM6TJOybec7c52BX0ZspPodMsQUd5L6PRwOunVyVUhXiBSKf3AezDL8Dgvgt5o0UfKNfuA0eMLr2wLT4AiBA==",
      "dependencies": {
        "@types/mime": "^1",
        "@types/node": "*"
      }
    },
    "node_modules/@types/serve-static": {
      "version": "1.15.5",
      "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.5.tgz",
      "integrity": "sha512-PDRk21MnK70hja/YF8AHfC7yIsiQHn1rcXx7ijCFBX/k+XQJhQT/gw3xekXKJvx+5SXaMMS8oqQy09Mzvz2TuQ==",
      "dependencies": {
        "@types/http-errors": "*",
        "@types/mime": "*",
        "@types/node": "*"
      }
    },
    "node_modules/@types/stack-utils": {
      "version": "2.0.1",
      "dev": true,
@ -2393,6 +2486,11 @@
        "node-int64": "^0.4.0"
      }
    },
    "node_modules/buffer-equal-constant-time": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz",
      "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA=="
    },
    "node_modules/buffer-from": {
      "version": "1.1.2",
      "dev": true,
@ -2826,6 +2924,14 @@
      "version": "0.2.0",
      "license": "MIT"
    },
    "node_modules/ecdsa-sig-formatter": {
      "version": "1.0.11",
      "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz",
      "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==",
      "dependencies": {
        "safe-buffer": "^5.0.1"
      }
    },
    "node_modules/electron-to-chromium": {
      "version": "1.4.505",
      "dev": true,
@ -5364,6 +5470,15 @@
        "url": "https://github.com/chalk/supports-color?sponsor=1"
      }
    },
    "node_modules/jose": {
      "version": "5.2.3",
      "resolved": "https://registry.npmjs.org/jose/-/jose-5.2.3.tgz",
      "integrity": "sha512-KUXdbctm1uHVL8BYhnyHkgp3zDX5KW8ZhAKVFEfUbU2P8Alpzjb+48hHvjOdQIyPshoblhzsuqOwEEAbtHVirA==",
      "dev": true,
      "funding": {
        "url": "https://github.com/sponsors/panva"
      }
    },
    "node_modules/js-tokens": {
      "version": "4.0.0",
      "dev": true,
@ -5415,6 +5530,12 @@
      "dev": true,
      "license": "MIT"
    },
    "node_modules/json-stringify-safe": {
      "version": "5.0.1",
      "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz",
      "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==",
      "dev": true
    },
    "node_modules/json5": {
      "version": "2.2.3",
      "dev": true,
@ -5449,6 +5570,27 @@
      "integrity": "sha512-AilxAyFOAcK5wA1+LeaySVBrHsGQvUFCDWXKpZjzaL0PqW+xfBOttn8GNtWKFWqneyMZj41MWF9Kl6iPWLwgOA==",
      "dev": true
    },
    "node_modules/jsonwebtoken": {
      "version": "9.0.2",
      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz",
      "integrity": "sha512-PRp66vJ865SSqOlgqS8hujT5U4AOgMfhrwYIuIhfKaoSCZcirrmASQr8CX7cUg+RMih+hgznrjp99o+W4pJLHQ==",
      "dependencies": {
        "jws": "^3.2.2",
        "lodash.includes": "^4.3.0",
        "lodash.isboolean": "^3.0.3",
        "lodash.isinteger": "^4.0.4",
        "lodash.isnumber": "^3.0.3",
        "lodash.isplainobject": "^4.0.6",
        "lodash.isstring": "^4.0.1",
        "lodash.once": "^4.0.0",
        "ms": "^2.1.1",
        "semver": "^7.5.4"
      },
      "engines": {
        "node": ">=12",
        "npm": ">=6"
      }
    },
    "node_modules/jsx-ast-utils": {
      "version": "3.3.5",
      "resolved": "https://registry.npmjs.org/jsx-ast-utils/-/jsx-ast-utils-3.3.5.tgz",
@ -5464,6 +5606,49 @@
        "node": ">=4.0"
      }
    },
    "node_modules/jwa": {
      "version": "1.4.1",
      "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz",
      "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==",
      "dependencies": {
        "buffer-equal-constant-time": "1.0.1",
        "ecdsa-sig-formatter": "1.0.11",
        "safe-buffer": "^5.0.1"
      }
    },
    "node_modules/jwks-rsa": {
      "version": "3.1.0",
      "resolved": "https://registry.npmjs.org/jwks-rsa/-/jwks-rsa-3.1.0.tgz",
      "integrity": "sha512-v7nqlfezb9YfHHzYII3ef2a2j1XnGeSE/bK3WfumaYCqONAIstJbrEGapz4kadScZzEt7zYCN7bucj8C0Mv/Rg==",
      "dependencies": {
        "@types/express": "^4.17.17",
        "@types/jsonwebtoken": "^9.0.2",
        "debug": "^4.3.4",
        "jose": "^4.14.6",
        "limiter": "^1.1.5",
        "lru-memoizer": "^2.2.0"
      },
      "engines": {
        "node": ">=14"
      }
    },
    "node_modules/jwks-rsa/node_modules/jose": {
      "version": "4.15.5",
      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz",
      "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==",
      "funding": {
        "url": "https://github.com/sponsors/panva"
      }
    },
    "node_modules/jws": {
      "version": "3.2.2",
      "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz",
      "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==",
      "dependencies": {
        "jwa": "^1.4.1",
        "safe-buffer": "^5.0.1"
      }
    },
    "node_modules/keyv": {
      "version": "4.5.3",
      "dev": true,
@ -5518,6 +5703,11 @@
        "node": ">= 0.8.0"
      }
    },
    "node_modules/limiter": {
      "version": "1.1.5",
      "resolved": "https://registry.npmjs.org/limiter/-/limiter-1.1.5.tgz",
      "integrity": "sha512-FWWMIEOxz3GwUI4Ts/IvgVy6LPvoMPgjMdQ185nN6psJyBJ4yOpzqm695/h5umdLJg2vW3GR5iG11MAkR2AzJA=="
    },
    "node_modules/lines-and-columns": {
      "version": "1.2.4",
      "dev": true,
@ -5557,6 +5747,41 @@
      "integrity": "sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==",
      "dev": true
    },
    "node_modules/lodash.clonedeep": {
      "version": "4.5.0",
      "resolved": "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz",
      "integrity": "sha512-H5ZhCF25riFd9uB5UCkVKo61m3S/xZk1x4wA6yp/L3RFP6Z/eHH1ymQcGLo7J3GMPfm0V/7m1tryHuGVxpqEBQ=="
    },
    "node_modules/lodash.includes": {
      "version": "4.3.0",
      "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz",
      "integrity": "sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w=="
    },
    "node_modules/lodash.isboolean": {
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz",
      "integrity": "sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg=="
    },
    "node_modules/lodash.isinteger": {
      "version": "4.0.4",
      "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz",
      "integrity": "sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA=="
    },
    "node_modules/lodash.isnumber": {
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz",
      "integrity": "sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw=="
    },
    "node_modules/lodash.isplainobject": {
      "version": "4.0.6",
      "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz",
      "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA=="
    },
    "node_modules/lodash.isstring": {
      "version": "4.0.1",
      "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz",
      "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw=="
    },
    "node_modules/lodash.kebabcase": {
      "version": "4.1.1",
      "resolved": "https://registry.npmjs.org/lodash.kebabcase/-/lodash.kebabcase-4.1.1.tgz",
@ -5573,6 +5798,11 @@
      "dev": true,
      "license": "MIT"
    },
    "node_modules/lodash.once": {
      "version": "4.1.1",
      "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz",
      "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg=="
    },
    "node_modules/lodash.snakecase": {
      "version": "4.1.1",
      "resolved": "https://registry.npmjs.org/lodash.snakecase/-/lodash.snakecase-4.1.1.tgz",
@ -5672,6 +5902,29 @@
        "yallist": "^3.0.2"
      }
    },
    "node_modules/lru-memoizer": {
      "version": "2.2.0",
      "resolved": "https://registry.npmjs.org/lru-memoizer/-/lru-memoizer-2.2.0.tgz",
      "integrity": "sha512-QfOZ6jNkxCcM/BkIPnFsqDhtrazLRsghi9mBwFAzol5GCvj4EkFT899Za3+QwikCg5sRX8JstioBDwOxEyzaNw==",
      "dependencies": {
        "lodash.clonedeep": "^4.5.0",
        "lru-cache": "~4.0.0"
      }
    },
    "node_modules/lru-memoizer/node_modules/lru-cache": {
      "version": "4.0.2",
      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.0.2.tgz",
      "integrity": "sha512-uQw9OqphAGiZhkuPlpFGmdTU2tEuhxTourM/19qGJrxBPHAr/f8BT1a0i/lOclESnGatdJG/UCkP9kZB/Lh1iw==",
      "dependencies": {
        "pseudomap": "^1.0.1",
        "yallist": "^2.0.0"
      }
    },
    "node_modules/lru-memoizer/node_modules/yallist": {
      "version": "2.1.2",
      "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz",
      "integrity": "sha512-ncTzHV7NvsQZkYe1DW7cbDLm0YpzHmZF5r/iyP3ZnQtMiJ+pjzisCiMNI+Sj+xQF5pXhSHxSB3uDbsBTzY/c2A=="
    },
    "node_modules/make-dir": {
      "version": "4.0.0",
      "dev": true,
@ -6046,6 +6299,20 @@
        "node": ">= 0.6"
      }
    },
    "node_modules/nock": {
      "version": "13.5.4",
      "resolved": "https://registry.npmjs.org/nock/-/nock-13.5.4.tgz",
      "integrity": "sha512-yAyTfdeNJGGBFxWdzSKCBYxs5FxLbCg5X5Q4ets974hcQzG1+qCxvIyOo4j2Ry6MUlhWVMX4OoYDefAIIwupjw==",
      "dev": true,
      "dependencies": {
        "debug": "^4.1.0",
        "json-stringify-safe": "^5.0.1",
        "propagate": "^2.0.0"
      },
      "engines": {
        "node": ">= 10.13"
      }
    },
    "node_modules/node-int64": {
      "version": "0.4.0",
      "dev": true,
@ -6676,6 +6943,20 @@
        "node": ">= 6"
      }
    },
    "node_modules/propagate": {
      "version": "2.0.1",
      "resolved": "https://registry.npmjs.org/propagate/-/propagate-2.0.1.tgz",
      "integrity": "sha512-vGrhOavPSTz4QVNuBNdcNXePNdNMaO1xj9yBeH1ScQPjk/rhg9sSlCXPhMkFuaNNW/syTvYqsnbIJxMBfRbbag==",
      "dev": true,
      "engines": {
        "node": ">= 8"
      }
    },
    "node_modules/pseudomap": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz",
      "integrity": "sha512-b/YwNhb8lk1Zz2+bXXpS/LK9OisiZZ1SNsSLxN1x2OXVEhW2Ckr/7mWE5vrC1ZTiJlD9g19jWszTmJsB+oEpFQ=="
    },
    "node_modules/punycode": {
      "version": "2.3.1",
      "dev": true,
@ -6926,6 +7207,25 @@
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/safe-buffer": {
      "version": "5.2.1",
      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
      "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
      "funding": [
        {
          "type": "github",
          "url": "https://github.com/sponsors/feross"
        },
        {
          "type": "patreon",
          "url": "https://www.patreon.com/feross"
        },
        {
          "type": "consulting",
          "url": "https://feross.org/support"
        }
      ]
    },
    "node_modules/safe-regex-test": {
      "version": "1.0.3",
      "resolved": "https://registry.npmjs.org/safe-regex-test/-/safe-regex-test-1.0.3.tgz",
@ -7684,7 +7984,6 @@
    },
    "node_modules/undici-types": {
      "version": "5.26.5",
      "dev": true,
      "license": "MIT"
    },
    "node_modules/unique-filename": {
--- a/package.json
+++ b/package.json
@ -1,21 +1,21 @@
 {
-  "name": "typescript-action",
+  "name": "actions/attest-build-provenance",
-  "description": "GitHub Actions TypeScript template",
+  "description": "Generate signed build provenance attestations",
-  "version": "0.0.0",
+  "version": "0.2.0",
  "author": "",
  "private": true,
-  "homepage": "https://github.com/actions/typescript-action",
+  "homepage": "https://github.com/actions/attest-build-provenance",
  "repository": {
    "type": "git",
-    "url": "git+https://github.com/actions/typescript-action.git"
+    "url": "git+https://github.com/actions/attest-build-provenance.git"
  },
  "bugs": {
-    "url": "https://github.com/actions/typescript-action/issues"
+    "url": "https://github.com/actions/attest-build-provenance/issues"
  },
  "keywords": [
    "actions",
-    "node",
+    "attestation",
-    "setup"
+    "provenance"
  ],
  "exports": {
    ".": "./dist/index.js"
@ -70,7 +70,7 @@
    ]
  },
  "dependencies": {
-    "@actions/attest": "^1.0.0",
+    "@actions/attest": "^1.1.0",
    "@actions/core": "^1.10.1"
  },
  "devDependencies": {
@ -85,7 +85,9 @@
    "eslint-plugin-jsonc": "^2.14.1",
    "eslint-plugin-prettier": "^5.1.3",
    "jest": "^29.7.0",
    "jose": "^5.2.3",
    "markdownlint-cli": "^0.39.0",
    "nock": "^13.5.4",
    "prettier": "^3.2.5",
    "prettier-eslint": "^16.3.0",
    "ts-jest": "^29.1.2",
--- a/src/main.ts
+++ b/src/main.ts
@ -8,7 +8,7 @@ import * as core from '@actions/core'
 export async function run(): Promise<void> {
  try {
    // Calculate subject from inputs and generate provenance
-    const predicate = buildSLSAProvenancePredicate(process.env)
+    const predicate = await buildSLSAProvenancePredicate()
    core.setOutput('predicate', predicate.params)
    core.setOutput('predicate-type', predicate.type)