bump @actions/attest from 3.0.0 to 3.1.0 (#362)

Signed-off-by: Brian DeHamer <bdehamer@github.com>

dist/index.js

@@ -108507,6 +108507,27 @@ exports.LRUCache = LRUCache;
 
 /***/ }),
 
+/***/ 60983:
+/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
+
+// This file exists as a CommonJS module to read the version from package.json.
+// In an ESM package, using `require()` directly in .ts files requires disabling
+// ESLint rules and doesn't work reliably across all Node.js versions.
+// By keeping this as a .cjs file, we can use require() naturally and export
+// the version for the ESM modules to import.
+const packageJson = __nccwpck_require__(47849)
+module.exports = {version: packageJson.version}
+
+
+/***/ }),
+
+/***/ 47849:
+/***/ ((module) => {
+
+module.exports = /*#__PURE__*/JSON.parse('{"name":"@actions/attest","version":"3.1.0","description":"Actions attestation lib","keywords":["github","actions","attestation"],"homepage":"https://github.com/actions/toolkit/tree/main/packages/attest","license":"MIT","type":"module","main":"lib/index.js","types":"lib/index.d.ts","exports":{".":{"types":"./lib/index.d.ts","import":"./lib/index.js"}},"directories":{"lib":"lib","test":"__tests__"},"files":["lib"],"publishConfig":{"access":"public","provenance":true},"repository":{"type":"git","url":"git+https://github.com/actions/toolkit.git","directory":"packages/attest"},"scripts":{"test":"echo \\"Error: run tests from root\\" && exit 1","tsc":"tsc && cp src/package-version.cjs lib/"},"bugs":{"url":"https://github.com/actions/toolkit/issues"},"devDependencies":{"@sigstore/mock":"^0.10.0","@sigstore/rekor-types":"^3.0.0","@types/jsonwebtoken":"^9.0.6","nock":"^13.5.1","undici":"^6.23.0"},"dependencies":{"@actions/core":"^3.0.0","@actions/github":"^9.0.0","@actions/http-client":"^4.0.0","@octokit/plugin-retry":"^8.0.3","@sigstore/bundle":"^3.1.0","@sigstore/sign":"^3.1.0","jose":"^5.10.0"}}');
+
+/***/ }),
+
 /***/ 4592:
 /***/ ((module) => {
 
@@ -116109,6 +116130,8 @@ const initBundleBuilder = (opts) => {
     return new sign_dist/* DSSEBundleBuilder */.VV({ signer, witnesses });
 };
 //# sourceMappingURL=sign.js.map
+// EXTERNAL MODULE: ./node_modules/@actions/attest/lib/package-version.cjs
+var package_version = __nccwpck_require__(60983);
 ;// CONCATENATED MODULE: ./node_modules/@actions/attest/lib/store.js
 var store_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
@@ -116121,6 +116144,7 @@ var store_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
 };
 
 
+
 const CREATE_ATTESTATION_REQUEST = 'POST /repos/{owner}/{repo}/attestations';
 const store_DEFAULT_RETRY_COUNT = 5;
 /**
@@ -116134,11 +116158,12 @@ const writeAttestation = (attestation_1, token_1, ...args_1) => store_awaiter(vo
     var _a;
     const retries = (_a = options.retry) !== null && _a !== void 0 ? _a : store_DEFAULT_RETRY_COUNT;
     const octokit = getOctokit(token, { retry: { retries } }, retry);
+    const headers = Object.assign({ 'User-Agent': store_getUserAgent() }, options.headers);
     try {
         const response = yield octokit.request(CREATE_ATTESTATION_REQUEST, {
             owner: github_context.repo.owner,
             repo: github_context.repo.repo,
-            headers: options.headers,
+            headers,
             bundle: attestation
         });
         const data = typeof response.data == 'string'
@@ -116151,6 +116176,17 @@ const writeAttestation = (attestation_1, token_1, ...args_1) => store_awaiter(vo
         throw new Error(`Failed to persist attestation: ${message}`);
     }
 });
+const store_getUserAgent = () => {
+    const baseUserAgent = `@actions/attest-${package_version.version}`;
+    const orchId = process.env['ACTIONS_ORCHESTRATION_ID'];
+    if (orchId) {
+        // Sanitize the orchestration ID to ensure it contains only valid characters
+        // Valid characters: 0-9, a-z, _, -, .
+        const sanitizedId = orchId.replace(/[^a-z0-9_.-]/gi, '_');
+        return `${baseUserAgent} actions_orchestration_id/${sanitizedId}`;
+    }
+    return baseUserAgent;
+};
 //# sourceMappingURL=store.js.map
 ;// CONCATENATED MODULE: ./node_modules/@actions/attest/lib/attest.js
 var attest_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {

package-lock.json

@@ -9,7 +9,7 @@
       "version": "4.0.0",
       "license": "MIT",
       "dependencies": {
-        "@actions/attest": "^3.0.0",
+        "@actions/attest": "^3.1.0",
         "@actions/core": "^3.0.0",
         "@actions/github": "^9.0.0",
         "@actions/glob": "^0.6.1",
@@ -42,9 +42,9 @@
       }
     },
     "node_modules/@actions/attest": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/@actions/attest/-/attest-3.0.0.tgz",
-      "integrity": "sha512-XrGmxFA3rZO4ACtVEUHFUI318lMycHQjHep3SX/AqU8IwR0y9afw8URsGrQZhGqwMDTYxYFST9PaNQCksIyE8A==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/@actions/attest/-/attest-3.1.0.tgz",
+      "integrity": "sha512-uJmeYeeL5xM65sZN/SzKq57vA7/9bGhlErASxsKalChG6wxHna1z/o3bnw1guNjd1hWIeCCGg6WM9dfC8SS18A==",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^3.0.0",

package.json

@@ -78,7 +78,7 @@
     ]
   },
   "dependencies": {
-    "@actions/attest": "^3.0.0",
+    "@actions/attest": "^3.1.0",
     "@actions/core": "^3.0.0",
     "@actions/github": "^9.0.0",
     "@actions/glob": "^0.6.1",