chore: Update doc for v2.4.0 (#699)

How to LGTM this PR (I'll work on a proper doc for this in https://github.com/slsa-framework/slsa-github-generator/issues/112): 1. Clone repo ``` $ git clone git@github.com:slsa-framework/slsa-verifier.git $ cd slsa-verifier $ bash verify-release.sh v2.4.0 # NOTE: use the file in _this_ PR. # Note down the path to the temporary dir use. The bash script will print its first line as "INFO: using dir: /tmp/tmp.VaYi6HfbmL" ``` 2. Run command below and compare to SHA256SUM.md in this PR ``` $sha256sum /tmp/tmp.VaYi6HfbmL/* ``` The output hash should be the hash I'm updating to in this PR. If they match, LGTM. If they don't, someone tampered with the released binary and don't LGTM --------- Signed-off-by: laurentsimon <laurentsimon@google.com>
2026-02-14 17:49:58 +00:00 · 2023-08-25 12:09:40 -07:00
parent 886eb4b109
commit d23c97947e
5 changed files with 54 additions and 4 deletions
--- a/actions/installer/README.md
+++ b/actions/installer/README.md
@@ -11,7 +11,7 @@ For more information about SLSA in general, see [https://slsa.dev](https://slsa.
 To install a specific version of `slsa-verifier`, use:

 ```yaml
-uses: slsa-framework/slsa-verifier/actions/installer@v2.3.0
+uses: slsa-framework/slsa-verifier/actions/installer@v2.4.0
 ```

 See https://github.com/slsa-framework/slsa-verifier/releases for the list of available `slsa-verifier` releases. Only versions greater or equal to 2.0.1 are supported.