dependabot[bot]
|
3af9982280
|
chore(deps): Bump aws-actions/configure-aws-credentials
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/e7f100cf4c008499ea8adda475de1042d6975c7b...254c19bd240aabef8777f48595e9d2d7b972184b)
---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
dependency-version: 6.2.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-07-01 13:54:03 +00:00 |
|
CrazyMax
|
910f6850a6
|
Merge pull request #1568 from docker/dependabot/npm_and_yarn/sigstore/core-3.2.1
chore(deps): Bump @sigstore/core from 3.1.0 to 3.2.1
|
2026-07-01 15:49:14 +02:00 |
|
CrazyMax
|
33baeb834f
|
Merge pull request #1563 from docker/dependabot/npm_and_yarn/vite-7.3.5
chore(deps): Bump vite from 7.3.2 to 7.3.6
|
2026-07-01 15:48:47 +02:00 |
|
CrazyMax
|
841b976440
|
Merge pull request #1560 from docker/dependabot/github_actions/github/codeql-action-4.36.2
chore(deps): Bump github/codeql-action from 4.36.0 to 4.36.2
|
2026-07-01 15:46:24 +02:00 |
|
CrazyMax
|
dd7abbf170
|
Merge pull request #1559 from docker/dependabot/github_actions/codecov/codecov-action-7.0.0
chore(deps): Bump codecov/codecov-action from 6.0.1 to 7.0.0
|
2026-07-01 15:46:01 +02:00 |
|
CrazyMax
|
7c45d1eb06
|
Merge pull request #1558 from docker/dependabot/github_actions/crazy-max-dot-github-a6a0ecf511
chore(deps): Bump the crazy-max-dot-github group across 1 directory with 2 updates
|
2026-07-01 15:45:36 +02:00 |
|
CrazyMax
|
8a43ac101c
|
Merge pull request #1556 from docker/dependabot/github_actions/actions/checkout-6.0.3
chore(deps): Bump actions/checkout from 6.0.2 to 6.0.3
|
2026-07-01 15:45:12 +02:00 |
|
CrazyMax
|
b40e3ca8bc
|
Merge pull request #1552 from docker/dependabot/github_actions/docker/setup-qemu-action-4.1.0
chore(deps): Bump docker/setup-qemu-action from 4.0.0 to 4.1.0
|
2026-07-01 15:44:47 +02:00 |
|
CrazyMax
|
5f1f2303ad
|
Merge pull request #1569 from crazy-max/dependabot-skip-update-dist
dependabot: skip for update-dist commits
|
2026-07-01 13:59:34 +02:00 |
|
CrazyMax
|
55f5969fae
|
Merge pull request #1570 from crazy-max/fix-yarn-preapprove-actions-toolkit
chore: allow actions-toolkit to bypass yarn age gate
|
2026-07-01 13:59:31 +02:00 |
|
CrazyMax
|
4876fd8314
|
chore: allow actions-toolkit to bypass yarn age gate
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-07-01 11:43:30 +02:00 |
|
dependabot[bot]
|
d187480585
|
chore(deps): Bump the crazy-max-dot-github group across 1 directory with 2 updates
Bumps the crazy-max-dot-github group with 2 updates in the / directory: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github).
Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...46267a6e61cd56aac2fc79943df180152f4c89d6)
Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...46267a6e61cd56aac2fc79943df180152f4c89d6)
---
updated-dependencies:
- dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml
dependency-version: 1.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: crazy-max-dot-github
- dependency-name: crazy-max/.github/.github/workflows/zizmor.yml
dependency-version: 1.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: crazy-max-dot-github
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-30 11:52:20 +00:00 |
|
CrazyMax
|
a64725ae19
|
dependabot: skip for update-dist commits
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-30 11:08:52 +02:00 |
|
dependabot[bot]
|
2aea2d4e15
|
chore(deps): Bump vite from 7.3.2 to 7.3.6
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.2 to 7.3.6.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.6/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.6/packages/vite)
---
updated-dependencies:
- dependency-name: vite
dependency-version: 7.3.5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-29 14:17:53 +00:00 |
|
github-actions[bot]
|
f28b5fb763
|
chore: update generated content
|
2026-06-29 14:17:29 +00:00 |
|
dependabot[bot]
|
15204538a5
|
chore(deps): Bump @sigstore/core from 3.1.0 to 3.2.1
Bumps [@sigstore/core](https://github.com/sigstore/sigstore-js) from 3.1.0 to 3.2.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@3.1.0...@sigstore/core@3.2.1)
---
updated-dependencies:
- dependency-name: "@sigstore/core"
dependency-version: 3.2.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-29 14:16:26 +00:00 |
|
CrazyMax
|
b99c92828a
|
Merge pull request #1567 from crazy-max/fix-esbuild
preserve names in esbuild bundle
|
2026-06-29 16:14:40 +02:00 |
|
CrazyMax
|
16ce5c6012
|
preserve names in esbuild bundle
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-29 14:58:08 +02:00 |
|
CrazyMax
|
ff26911fd3
|
Merge pull request #1562 from docker/sec-cli/npm-ci-20260612-145940
fix: replace npm install with npm ci (20260612-145940)
|
2026-06-12 17:16:13 +02:00 |
|
securityeng-bot[bot]
|
c2245a368f
|
fix: use lockfile-aware install commands
|
2026-06-12 14:59:41 +00:00 |
|
CrazyMax
|
d2aace88c2
|
Merge pull request #1561 from docker/e2e-aws-ecr-oidc
ci(e2e): use OIDC for AWS ECR
|
2026-06-11 23:21:40 +02:00 |
|
CrazyMax
|
ffca5157f0
|
ci(e2e): use OIDC for AWS ECR
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-11 21:54:33 +02:00 |
|
CrazyMax
|
f72b3cf665
|
Merge pull request #1555 from crazy-max/e2e-dockerhub
ci(e2e): use org-owned Docker Hub credentials for e2e pushes
|
2026-06-08 19:08:26 +02:00 |
|
dependabot[bot]
|
371801e73e
|
chore(deps): Bump github/codeql-action from 4.36.0 to 4.36.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/7211b7c8077ea37d8641b6271f6a365a22a5fbfa...8aad20d150bbac5944a9f9d289da16a4b0d87c1e)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 4.36.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-08 11:54:12 +00:00 |
|
dependabot[bot]
|
b3a9933cc8
|
chore(deps): Bump codecov/codecov-action from 6.0.1 to 7.0.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-08 11:52:43 +00:00 |
|
CrazyMax
|
405b217da0
|
ci(e2e): use org-owned Docker Hub credentials for e2e pushes
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-04 16:03:24 +02:00 |
|
CrazyMax
|
7b93b2b85c
|
Merge pull request #1554 from crazy-max/e2e-ghcr
ci(e2e): use GITHUB_TOKEN for GHCR e2e
|
2026-06-04 16:00:12 +02:00 |
|
dependabot[bot]
|
27ef6d9c76
|
chore(deps): Bump actions/checkout from 6.0.2 to 6.0.3
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 6.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-04 00:14:44 +00:00 |
|
CrazyMax
|
f55bd083f2
|
ci(e2e): use GITHUB_TOKEN for GHCR e2e
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-02 14:18:39 +02:00 |
|
dependabot[bot]
|
1ff3662da6
|
chore(deps): Bump docker/setup-qemu-action from 4.0.0 to 4.1.0
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/ce360397dd3f832beb865e1373c09c0e9f86d70a...06116385d9baf250c9f4dcb4858b16962ea869c3)
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-version: 4.1.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-29 12:40:56 +00:00 |
|
Tõnis Tiigi
|
1d0c110a5d
|
Merge pull request #1548 from crazy-max/docs-link-secret-inputs
readme: link secret inputs to the GitHub Actions secrets guide
|
2026-05-28 17:30:01 -07:00 |
|
Tõnis Tiigi
|
8db8ba8e45
|
Merge pull request #1549 from crazy-max/ci-e2e-dockerhub-push-scope
ci(e2e): limit push-scoped login to Docker Hub
|
2026-05-28 17:29:24 -07:00 |
|
CrazyMax
|
abf612226d
|
Merge pull request #1551 from crazy-max/yarn-update
update yarn to 4.15.0
|
2026-05-28 18:41:31 +02:00 |
|
CrazyMax
|
fe2165d9f3
|
update yarn to 4.15.0
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-05-28 15:13:15 +02:00 |
|
CrazyMax
|
77c0af9da9
|
ci(e2e): limit push-scoped login to Docker Hub
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-05-28 11:38:49 +02:00 |
|
CrazyMax
|
2258452e7c
|
readme: link secret inputs to the GitHub Actions secrets guide
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-05-28 11:22:02 +02:00 |
|
CrazyMax
|
c0132ad86b
|
Merge pull request #1545 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.91.0
chore(deps): Bump @docker/actions-toolkit from 0.90.0 to 0.91.0
|
2026-05-28 10:27:20 +02:00 |
|
github-actions[bot]
|
eaa27f4741
|
chore: update generated content
|
2026-05-28 08:19:42 +00:00 |
|
dependabot[bot]
|
6d21a1aa84
|
chore(deps): Bump @docker/actions-toolkit from 0.90.0 to 0.91.0
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.90.0 to 0.91.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.90.0...v0.91.0)
---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
dependency-version: 0.91.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 08:18:45 +00:00 |
|
CrazyMax
|
799faff3ac
|
Merge pull request #1547 from docker/dependabot/npm_and_yarn/tmp-0.2.7
chore(deps): Bump tmp from 0.2.5 to 0.2.7
|
2026-05-28 10:16:11 +02:00 |
|
CrazyMax
|
9c9a2860cb
|
Merge pull request #1546 from docker/sec-cli/ignore-scripts-fix-20260527-192735
ci: add ignore-scripts to Node package manager config (20260527-192735)
|
2026-05-28 09:51:59 +02:00 |
|
github-actions[bot]
|
3bef58aab7
|
chore: update generated content
|
2026-05-28 02:50:37 +00:00 |
|
dependabot[bot]
|
a92e9d178d
|
chore(deps): Bump tmp from 0.2.5 to 0.2.7
Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.5 to 0.2.7.
- [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/raszi/node-tmp/compare/v0.2.5...v0.2.7)
---
updated-dependencies:
- dependency-name: tmp
dependency-version: 0.2.7
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 02:49:37 +00:00 |
|
securityeng-bot[bot]
|
6d45611f19
|
ci: enforce ignore-scripts policy for Node package managers
|
2026-05-27 20:02:21 +00:00 |
|
Tõnis Tiigi
|
473e09f9b5
|
Merge pull request #1539 from crazy-max/e2e-scope-login
ci(e2e): scope login to push
|
2026-05-26 10:11:53 -07:00 |
|
Tõnis Tiigi
|
d4bf874859
|
Merge pull request #1538 from crazy-max/secrets-no-trim
preserve trailing whitespace in secrets input
|
2026-05-26 10:11:03 -07:00 |
|
CrazyMax
|
a00e37fb35
|
Merge pull request #1540 from docker/dependabot/github_actions/docker/metadata-action-6.1.0
chore(deps): Bump docker/metadata-action from 6.0.0 to 6.1.0
|
2026-05-26 17:22:51 +02:00 |
|
CrazyMax
|
43af6b15d8
|
Merge pull request #1541 from docker/dependabot/github_actions/github/codeql-action-4.36.0
chore(deps): Bump github/codeql-action from 4.35.5 to 4.36.0
|
2026-05-26 17:22:40 +02:00 |
|
CrazyMax
|
79aa6fa61a
|
Merge pull request #1542 from docker/dependabot/github_actions/docker/setup-buildx-action-4.1.0
chore(deps): Bump docker/setup-buildx-action from 4.0.0 to 4.1.0
|
2026-05-26 17:22:38 +02:00 |
|
CrazyMax
|
d0a02127dc
|
Merge pull request #1544 from docker/dependabot/github_actions/docker/login-action-4.2.0
chore(deps): Bump docker/login-action from 4.1.0 to 4.2.0
|
2026-05-26 17:22:36 +02:00 |
|