diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index fc237e8..a0415f7 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -89,8 +89,8 @@ jobs: # would cause the push to fail on the referrer PUT. The Grype scan step # above is the compensating control — it fails the build on any unfixed # high-severity CVE before the image reaches the registry. - provenance: false - sbom: false + provenance: true + sbom: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }}