Rakefile in oidc-test-0.8.2 vs Rakefile in oidc-test-0.8.3

- old
+ new
@@ -39,14 +39,14 @@
 
       ENV["ACTIONS_ID_TOKEN_REQUEST_URL"] && ENV["ACTIONS_ID_TOKEN_REQUEST_TOKEN"]
     end
 
     def attest
-      ruby "-rnet/http", "-rsigstore/signer", "-e", <<~RUBY
-        file = @build_gem_path
+      sh [Gem.ruby, "-rnet/http", "-rsigstore", "-rsigstore/signer", "-e", <<~RUBY, @build_gem_path]
+        file = ARGV.first
         jwt = Net::HTTP.get_response(
           URI(ENV.fetch("ACTIONS_ID_TOKEN_REQUEST_URL") + "&audience=sigstore"),
-          { "Authorization" => "bearer #{ENV.fetch("ACTIONS_ID_TOKEN_REQUEST_TOKEN")}" },
+          { "Authorization" => "bearer \#{ENV.fetch("ACTIONS_ID_TOKEN_REQUEST_TOKEN")}" },
           &:value
         ).body.then { JSON.parse(_1).fetch("value") }
 
         contents = File.binread(file)
         bundle = Sigstore::Signer.new(jwt:, trusted_root: Sigstore::TrustedRoot.production).sign(contents)