From 417a14792a17906a5c68a90ebe0240f0c046baca Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 4 Dec 2024 00:18:11 +0000
Subject: [PATCH] feat: upgrade @sigstore/bundle from 2.3.2 to 3.0.0

Snyk has created this PR to upgrade @sigstore/bundle from 2.3.2 to 3.0.0.

See this package in npm:
@sigstore/bundle

See this project in Snyk:
https://app.snyk.io/org/nerds-github/project/00eaf84d-a05e-4e1a-923e-697960352bb8?utm_source=github&utm_medium=referral&page=upgrade-pr
---
 packages/attest/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/attest/package.json b/packages/attest/package.json
index 22f01f4d7b..5745a63301 100644
--- a/packages/attest/package.json
+++ b/packages/attest/package.json
@@ -46,7 +46,7 @@
     "@actions/github": "^6.0.0",
     "@actions/http-client": "^2.2.3",
     "@octokit/plugin-retry": "^6.0.1",
-    "@sigstore/bundle": "^2.3.2",
+    "@sigstore/bundle": "^3.0.0",
     "@sigstore/sign": "^2.3.2",
     "jose": "^5.2.3"
   },