The GitHub Actions job "Java CI" on commons-build-plugin.git/feat/slsa has failed. Run started by GitHub user ppkarwasz (triggered by ppkarwasz).
Head commit for run: c244b62f382a608b57ac048aeba8348b6569f18c / Piotr P. Karwasz <[email protected]> Add `build-attestation` goal This goal generates a [SLSA](https://slsa.dev/) build attestation and attaches it to the build as a file with the `.intoto.json` extension. The attestation records the following information about the build environment: - The Java version used (vendor, version string) - The Maven version used - The `gitTree` hash of the unpacked Java distribution - The `gitTree` hash of the unpacked Maven distribution ### Motivation The `gitTree` hashes uniquely and verifiably identify the exact content of the Java and Maven distributions used during the build, independently of how or where they were obtained. This allows consumers of the attestation to verify that the build environment matches a known distribution. Report URL: https://github.com/apache/commons-build-plugin/actions/runs/23663183498 With regards, GitHub Actions via GitBox
