From 36619d05ccae823c721dd08900ab00451570f081 Mon Sep 17 00:00:00 2001
From: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Date: Thu, 20 Oct 2022 01:45:59 -0700
Subject: [PATCH 1/2] Use tag instead of has pin for SLSA generator

---
 .github/workflows/release.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index f41c25f659c..8ed2a88355d 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -40,7 +40,7 @@ jobs:
       actions: read # To read the workflow path.
       id-token: write # To sign the provenance.
       contents: write # To add assets to a release.
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@dc705baf82c5178c9d1555594b0652f569e22779 # tag=v1.2.1
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.2.1
     with:
       base64-subjects: "${{ needs.goreleaser.outputs.hashes }}"
       upload-assets: true # upload to a new release

From c528653aba2fb8cb252d62b1be9295ff46de88d2 Mon Sep 17 00:00:00 2001
From: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Date: Thu, 20 Oct 2022 01:49:04 -0700
Subject: [PATCH 2/2] Update renovate.json

---
 renovate.json | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/renovate.json b/renovate.json
index 6681d36e99b..59656d8638d 100644
--- a/renovate.json
+++ b/renovate.json
@@ -35,6 +35,11 @@
                 "github-pages"
             ],
             "enabled": false
+        },
+        {
+            "matchManagers": ["github-actions"],
+            "matchPackageNames": ["slsa-framework/slsa-github-generator"],
+            "pinDigests": false
         }
     ]
 }