diff --git a/witness.yaml b/witness.yaml
index 74344134e50..b8ab323ca2f 100644
--- a/witness.yaml
+++ b/witness.yaml
@@ -1,7 +1,7 @@
 package:
   name: witness
   version: "0.10.1"
-  epoch: 3 # GHSA-f83f-xpx7-ffpw
+  epoch: 4
   description: Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
   copyright:
     - license: Apache-2.0
@@ -21,6 +21,7 @@ pipeline:
     with:
       deps: |-
         golang.org/x/crypto@v0.45.0
+        github.com/sigstore/timestamp-authority@v2.0.3
         github.com/sigstore/fulcio@v1.8.3
 
   - uses: go/build