diff --git a/.github/workflows/bindgen.yml b/.github/workflows/bindgen.yml index 26d1800..112d6df 100644 --- a/.github/workflows/bindgen.yml +++ b/.github/workflows/bindgen.yml @@ -16,4 +16,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/buckle.yml b/.github/workflows/buckle.yml index cc92e63..4c8c3dc 100644 --- a/.github/workflows/buckle.yml +++ b/.github/workflows/buckle.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d8178f3..9d7279e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,9 +29,6 @@ on: required: false type: boolean default: false - secrets: - private_key: - required: true jobs: build: @@ -59,12 +56,6 @@ jobs: run: echo "which=$(which ${{inputs.bin || inputs.crate}})" >> $GITHUB_OUTPUT - id: version run: echo "version=$(cargo install --list | grep -o '^${{inputs.crate}} \([^ :]\)\+')" >> $GITHUB_OUTPUT - - run: echo "$PRIVATE_KEY" | gpg --import - env: - PRIVATE_KEY: ${{secrets.private_key}} - - run: gpg --output ${{inputs.bin || inputs.crate}}.sig --detach-sig ${{steps.which.outputs.which}} - - run: gpg --output signing-key.gpg --dearmor signing-key.asc - - run: gpg --no-default-keyring --keyring ./signing-key.gpg --verify ${{inputs.bin || inputs.crate}}.sig ${{steps.which.outputs.which}} - uses: actions/attest-build-provenance@v2 with: subject-path: ${{steps.which.outputs.which}} @@ -75,8 +66,6 @@ jobs: with: tag_name: ${{inputs.crate}} target_commitish: ${{github.ref}} - files: | - ${{steps.which.outputs.which}} - ${{inputs.bin || inputs.crate}}.sig + files: ${{steps.which.outputs.which}} fail_on_unmatched_files: true body: ${{steps.version.outputs.version}} diff --git a/.github/workflows/cargo-afl.yml b/.github/workflows/cargo-afl.yml index 63ba093..fa3dc6f 100644 --- a/.github/workflows/cargo-afl.yml +++ b/.github/workflows/cargo-afl.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cargo-bloat.yml b/.github/workflows/cargo-bloat.yml index de3c6da..0610083 100644 --- a/.github/workflows/cargo-bloat.yml +++ b/.github/workflows/cargo-bloat.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cargo-docs-rs.yml b/.github/workflows/cargo-docs-rs.yml index 8ba03ab..7245dd5 100644 --- a/.github/workflows/cargo-docs-rs.yml +++ b/.github/workflows/cargo-docs-rs.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cargo-expand.yml b/.github/workflows/cargo-expand.yml index a229b0b..a0cb582 100644 --- a/.github/workflows/cargo-expand.yml +++ b/.github/workflows/cargo-expand.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cargo-fuzz.yml b/.github/workflows/cargo-fuzz.yml index 8d48884..29f2886 100644 --- a/.github/workflows/cargo-fuzz.yml +++ b/.github/workflows/cargo-fuzz.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cargo-llvm-lines.yml b/.github/workflows/cargo-llvm-lines.yml index b0b41e8..ad57415 100644 --- a/.github/workflows/cargo-llvm-lines.yml +++ b/.github/workflows/cargo-llvm-lines.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cargo-outdated.yml b/.github/workflows/cargo-outdated.yml index 0eeaff3..fb4e662 100644 --- a/.github/workflows/cargo-outdated.yml +++ b/.github/workflows/cargo-outdated.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cargo-tally.yml b/.github/workflows/cargo-tally.yml index 5fb40c1..0b25234 100644 --- a/.github/workflows/cargo-tally.yml +++ b/.github/workflows/cargo-tally.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cargo-unlock.yml b/.github/workflows/cargo-unlock.yml index ed1433a..d5dca57 100644 --- a/.github/workflows/cargo-unlock.yml +++ b/.github/workflows/cargo-unlock.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cargo-web.yml b/.github/workflows/cargo-web.yml index 29b1220..2536aad 100644 --- a/.github/workflows/cargo-web.yml +++ b/.github/workflows/cargo-web.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cbindgen.yml b/.github/workflows/cbindgen.yml index 73d59a6..0df7496 100644 --- a/.github/workflows/cbindgen.yml +++ b/.github/workflows/cbindgen.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/cxxbridge-cmd.yml b/.github/workflows/cxxbridge-cmd.yml index f94a7e0..6c794f2 100644 --- a/.github/workflows/cxxbridge-cmd.yml +++ b/.github/workflows/cxxbridge-cmd.yml @@ -16,4 +16,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/dircnt.yml b/.github/workflows/dircnt.yml index ed269b6..09cfb3f 100644 --- a/.github/workflows/dircnt.yml +++ b/.github/workflows/dircnt.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/dotslash.yml b/.github/workflows/dotslash.yml index 29ffba7..25f5f1a 100644 --- a/.github/workflows/dotslash.yml +++ b/.github/workflows/dotslash.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/faketty.yml b/.github/workflows/faketty.yml index 927ebc4..35088c2 100644 --- a/.github/workflows/faketty.yml +++ b/.github/workflows/faketty.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/honggfuzz.yml b/.github/workflows/honggfuzz.yml index a2c6842..1e0e029 100644 --- a/.github/workflows/honggfuzz.yml +++ b/.github/workflows/honggfuzz.yml @@ -16,4 +16,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/mdbook.yml b/.github/workflows/mdbook.yml index 4e1cfdf..3b3d3f7 100644 --- a/.github/workflows/mdbook.yml +++ b/.github/workflows/mdbook.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/reindeer.yml b/.github/workflows/reindeer.yml index c29253c..f114cb6 100644 --- a/.github/workflows/reindeer.yml +++ b/.github/workflows/reindeer.yml @@ -16,4 +16,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/rustup-toolchain-install-master.yml b/.github/workflows/rustup-toolchain-install-master.yml index 8314214..75f87a0 100644 --- a/.github/workflows/rustup-toolchain-install-master.yml +++ b/.github/workflows/rustup-toolchain-install-master.yml @@ -17,4 +17,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/sha1dir.yml b/.github/workflows/sha1dir.yml index afb75bf..648bdc2 100644 --- a/.github/workflows/sha1dir.yml +++ b/.github/workflows/sha1dir.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/star-history.yml b/.github/workflows/star-history.yml index b46a66a..1b2ae76 100644 --- a/.github/workflows/star-history.yml +++ b/.github/workflows/star-history.yml @@ -15,4 +15,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/.github/workflows/taplo-cli.yml b/.github/workflows/taplo-cli.yml index 8181b42..3ec9d0d 100644 --- a/.github/workflows/taplo-cli.yml +++ b/.github/workflows/taplo-cli.yml @@ -17,4 +17,3 @@ jobs: id-token: write contents: write attestations: write - secrets: inherit diff --git a/signing-key.asc b/signing-key.asc deleted file mode 100644 index e5b3529..0000000 --- a/signing-key.asc +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBGFfhJUBEADsvu8a4X+CmPIna6STuN4/zIYVhseoD3oe3AG/rP8N+nZwbPbC -Pa72MrJyTqXlZhS7KStIyOM85UhjMTdacsfdARMOsSb/42+LiEkXQix8iJrSi0oi -l8ZRBt50bNQipOXRuNobz2p/vVO98aAhrwqzLuzSEGvLbJtSgXoz6DPy70Ds4YRr -pLCDTI6u8dybUJWeVLFbqNLtejZ44RkHMGJB7fHMue7to8mh99Gn3uD6O+0O/0pz -c5KLVeLzOUQFnV4mq7sjDjpSk8vlYGp/tDQdWDpzpijLFmG0SECgsXdI3pJZj2iV -lWo3mO9GBeBSHdTp57Uioqm2/diGA2T+sZZt3lNIyeqKtSg5CCJlNBeFlHwEbqjm -1LShrJ4PP+703DmKa2vqSNWoVj2I2qLfti6hlKvGtynpvMmZN7r3YvumgOz227of -ZloI3xghlpRm5V75G/UuCBdn9fPk/WnIhFs6aGebJB3ziy+MJvYpDymtvrrXJ7R9 -M4ApFg9uCzMYfhia63RGmFkeTw6J8OmsVFSwUjPtv2L39oKVTcPqNDVlaen1kd9f -xdMDqzivUjoR2e2fFCGHiRwmLlr23mB4Mhff6truIW0FKs7hjmzA52b8R0M/CytF -8ta38n/BVJlol8Z98Q3BtK+8aaW4eOY8D5Mva7goNuxPNJ4WTB10QyU6SwARAQAB -tBpnaXRodWIuY29tL2R0b2xuYXkvaW5zdGFsbIkCTgQTAQoAOBYhBLqplnyp4oYs -nxtztoMDNNamAQxBBQJhX4SVAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJ -EIMDNNamAQxBrQwP/2p52CmzqcI208Tra4ZO6Rv75ka5y7RBtoEfhGD4YEkRlgou -wYMLTzHHxT0ISoxWoQTqXEiH3ckH7oEDxKRutxw4jMwMKXd48eapro0/Bk/dyj8g -AGSt6+Uz5FhNFE4IUnf3iVa+c0QIqP/tSkAX4HM/U+zoMflK0BuBQ/bXVehl5gzQ -MggF1nvJhlAWWyWBltRNx9obI5mg5fK3ZGofQ+ptU5HY1Nr7F0MOkGAPF88DuZCE -OMr/Qy34+Sq79yI8u8vLlZu1tFEj+hh/OtyumUW2vbeVRfSDIXvdAw49wALe0P5v -ArwnPgdepSj0B3SvEH0//B28Bdh+iXcxevKwZLtiQmde3CgfpGL6GbeYITTGA8xn -AFnQEQUa0wSfJyXNnh1lmogoEG59XpeQUzrCpxFL1GK5TpQR609zHOofL39nwrxJ -jp5U/6pFlEysxBVXdX2hp5iVVzKUtZwiL06sa59KmdwG6uEr1Y8hEpElmRrmF1I0 -rOsdGgvlOfVvzoZsBrBjxj74s+rJ1dC/k3ls46h3kvzqn7qU6HqsK5FmFGSmgZGT -W22mf56UhXqMkHeC6sVKTtY8SDicHxWz6da7OPB8Qulg7h9d0N9sBbriMEhOSWNE -pCk6yGgRsAM091qLkfNK1zy6DRPnlrnPPiXfTnjKLwDMz96yJqQbAuomN+On -=T/8O ------END PGP PUBLIC KEY BLOCK-----