Upgrade: [dependabot] - bump actions/attest-build-provenance from 3.2.0 to 4.1.0 (#36)

Bumps
[actions/attest-build-provenance](https://github.com/actions/attest-build-provenance)
from 3.2.0 to 4.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/attest-build-provenance/releases">actions/attest-build-provenance's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<blockquote>
<p>[!NOTE]
As of version 4, <code>actions/attest-build-provenance</code> is simply
a wrapper on top of <a
href="https://github.com/actions/attest"><code>actions/attest</code></a>.</p>
<p>Existing applications may continue to use the
<code>attest-build-provenance</code> action, but new implementations
should use <code>actions/attest</code> instead.</p>
</blockquote>
<h2>What's Changed</h2>
<ul>
<li>Update RELEASE.md docs by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest-build-provenance/pull/836">actions/attest-build-provenance#836</a></li>
<li>Bump <code>actions/attest</code> from 4.0.0 to 4.1.0 by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest-build-provenance/pull/838">actions/attest-build-provenance#838</a>
<ul>
<li>Bump <code>@actions/attest</code> from 3.0.0 to 3.1.0 by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/362">actions/attest#362</a></li>
<li>Bump <code>@actions/attest</code> from 3.1.0 to 3.2.0 by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/365">actions/attest#365</a></li>
<li>Add new <code>subject-version</code> input for inclusion in storage
record by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/364">actions/attest#364</a></li>
<li>Add storage record content to README by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/366">actions/attest#366</a></li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/attest-build-provenance/compare/v4.0.0...v4.1.0">https://github.com/actions/attest-build-provenance/compare/v4.0.0...v4.1.0</a></p>
<h2>v4.0.0</h2>
<blockquote>
<p>[!NOTE]
As of version 4, <code>actions/attest-build-provenance</code> is simply
a wrapper on top of <a
href="https://github.com/actions/attest"><code>actions/attest</code></a>.</p>
<p>Existing applications may continue to use the
<code>attest-build-provenance</code> action, but new implementations
should use <code>actions/attest</code> instead.</p>
</blockquote>
<h2>What's Changed</h2>
<ul>
<li>Prepare v4 release by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest-build-provenance/pull/835">actions/attest-build-provenance#835</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/attest-build-provenance/compare/v3.2.0...v4.0.0">https://github.com/actions/attest-build-provenance/compare/v3.2.0...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32"><code>a2bbfa2</code></a>
bump actions/attest from 4.0.0 to 4.1.0 (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/838">#838</a>)</li>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/0856891a35570e4ac506b510f0358a4308f82385"><code>0856891</code></a>
update RELEASE.md docs (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/836">#836</a>)</li>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/e4d4f7c39adfa4c260fb5c147f0622000aa14b99"><code>e4d4f7c</code></a>
prepare v4 release (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/835">#835</a>)</li>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/02a49bdc410a809733602220c6f6275925d6b578"><code>02a49bd</code></a>
Bump github/codeql-action in the actions-minor group (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/824">#824</a>)</li>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/7c757df4145fcd233331998e58b20b422c833a00"><code>7c757df</code></a>
Bump the npm-development group with 2 updates (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/825">#825</a>)</li>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/c44148e5bf178192efd8947e07a0d439a356c60b"><code>c44148e</code></a>
Bump github/codeql-action in the actions-minor group (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/818">#818</a>)</li>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/32343527f2ec94583cf7b31280de0f60dc9f0bf9"><code>3234352</code></a>
Bump <code>@​types/node</code> from 25.0.10 to 25.2.0 in the
npm-development group (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/819">#819</a>)</li>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/18db12979d4cecda10c1cf295bcb159f3e59866d"><code>18db129</code></a>
Bump tar from 7.5.6 to 7.5.7 (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/816">#816</a>)</li>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/90fadfae6ba2e2ef59f8d38e61ec3cf16443a18e"><code>90fadfa</code></a>
Bump <code>@​actions/core</code> from 2.0.1 to 2.0.2 in the
npm-production group (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/799">#799</a>)</li>
<li><a
href="https://github.com/actions/attest-build-provenance/commit/57db8ba356515a4c8608990f2aa27a6972235ccc"><code>57db8ba</code></a>
Bump the npm-development group across 1 directory with 3 updates (<a
href="https://redirect.github.com/actions/attest-build-provenance/issues/808">#808</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/attest-build-provenance/compare/96278af6caaf10aea03fd8d33a09a777ca52d62f...a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/attest-build-provenance&package-manager=github_actions&previous-version=3.2.0&new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

.github/workflows/build_multi_arch_image.yml

@@ -149,7 +149,7 @@ jobs:
           CONTAINER_NAME: '${{ inputs.container_name }}'
           ARCHITECTURE: '${{ matrix.arch }}'
       - name: Attest image
-        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
         with:
           subject-name: ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
           subject-digest: ${{ steps.resolve_arch_digest.outputs.digest }}
@@ -173,7 +173,7 @@ jobs:
           CONTAINER_NAME: '${{ inputs.container_name }}'
           ARCHITECTURE: '${{ matrix.arch }}'
       - name: Attest github actions image
-        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
         with:
           subject-name: ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
           subject-digest: ${{ steps.resolve_githubactions_arch_digest.outputs.digest }}
@@ -214,7 +214,7 @@ jobs:
           ARCHITECTURE: '${{ matrix.arch }}'
       - name: Attest github actions latest image
         if: ${{ inputs.tag_latest }}
-        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
         with:
           subject-name: ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
           subject-digest: ${{ steps.resolve_githubactions_latest_arch_digest.outputs.digest }}
@@ -239,7 +239,7 @@ jobs:
           ARCHITECTURE: '${{ matrix.arch }}'
       - name: Attest latest image
         if: ${{ inputs.tag_latest }}
-        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
         with:
           subject-name: ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
           subject-digest: ${{ steps.resolve_latest_arch_digest.outputs.digest }}
@@ -334,7 +334,7 @@ jobs:
           CONTAINER_NAME: '${{ inputs.container_name }}'
 
       - name: Attest combined image
-        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
         with:
           subject-name: ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
           subject-digest: ${{ steps.resolve_combined_digest.outputs.digest }}
@@ -358,7 +358,7 @@ jobs:
           CONTAINER_NAME: '${{ inputs.container_name }}'
 
       - name: Attest combined github actions image
-        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
         with:
           subject-name: ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
           subject-digest: ${{ steps.resolve_githubactions_combined_digest.outputs.digest }}
@@ -383,7 +383,7 @@ jobs:
 
       - name: Attest latest github actions image
         if: ${{ inputs.tag_latest }}
-        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
         with:
           subject-name: ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
           subject-digest: ${{ steps.resolve_githubactions_latest_digest.outputs.digest }}
@@ -408,7 +408,7 @@ jobs:
 
       - name: Attest latest image
         if: ${{ inputs.tag_latest }}
-        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
         with:
           subject-name: ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}
           subject-digest: ${{ steps.resolve_latest_digest.outputs.digest }}