From d079860923ddd47d2a1c5c8eab60f9b7b2fd71a8 Mon Sep 17 00:00:00 2001
From: Victor Zverovich <victor.zverovich@gmail.com>
Date: Sun, 31 May 2026 18:15:24 -0700
Subject: [PATCH] Remove a temporary workflow

---
 .../workflows/backfill-slsa-provenance.yml    | 56 -------------------
 1 file changed, 56 deletions(-)
 delete mode 100644 .github/workflows/backfill-slsa-provenance.yml

diff --git a/.github/workflows/backfill-slsa-provenance.yml b/.github/workflows/backfill-slsa-provenance.yml
deleted file mode 100644
index 17bb2754..00000000
--- a/.github/workflows/backfill-slsa-provenance.yml
+++ /dev/null
@@ -1,56 +0,0 @@
-# One-shot workflow to retrofit SLSA provenance onto previously published
-# releases. Trigger via "Run workflow" with the existing release tag.
-#
-# This is intended to be deleted (along with its branch) once the last five
-# non-source-only releases each carry a *.intoto.jsonl asset. New releases
-# should produce provenance through the regular release workflow rather than
-# through this one.
-
-name: backfill-slsa-provenance
-
-on:
-  workflow_dispatch:
-    inputs:
-      tag:
-        description: "Existing release tag (e.g. 11.1.4)"
-        required: true
-        type: string
-
-permissions: read-all
-
-jobs:
-  hash:
-    name: Hash existing release assets
-    runs-on: ubuntu-latest
-    outputs:
-      hashes: ${{ steps.hash.outputs.hashes }}
-    steps:
-      - name: Download release assets
-        env:
-          GH_TOKEN: ${{ github.token }}
-        run: |
-          mkdir dist
-          cd dist
-          gh release download "${{ inputs.tag }}" \
-            --repo "${{ github.repository }}" \
-            --pattern 'fmt-*.zip'
-          ls -la
-
-      - name: Compute base64-encoded SHA-256 subjects
-        id: hash
-        working-directory: dist
-        run: |
-          echo "hashes=$(sha256sum * | base64 -w0)" >> "$GITHUB_OUTPUT"
-
-  provenance:
-    needs: [hash]
-    permissions:
-      actions: read
-      id-token: write
-      contents: write
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
-    with:
-      base64-subjects: ${{ needs.hash.outputs.hashes }}
-      provenance-name: "fmt-${{ inputs.tag }}.intoto.jsonl"
-      upload-assets: true
-      upload-tag-name: ${{ inputs.tag }}