dependabot[bot]
|
1a44f13eda
|
build(deps): bump undici from 6.24.1 to 6.27.0
Bumps [undici](https://github.com/nodejs/undici) from 6.24.1 to 6.27.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v6.24.1...v6.27.0)
---
updated-dependencies:
- dependency-name: undici
dependency-version: 6.27.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-07-01 15:15:42 +00:00 |
|
CrazyMax
|
4691d54c76
|
Merge pull request #1023 from docker/dependabot/npm_and_yarn/sigstore/core-3.2.1
build(deps): bump @sigstore/core from 3.1.0 to 3.2.1
|
2026-07-01 17:13:37 +02:00 |
|
CrazyMax
|
2564fa2273
|
Merge pull request #1019 from docker/dependabot/npm_and_yarn/vite-7.3.5
build(deps): bump vite from 7.3.3 to 7.3.6
|
2026-07-01 17:13:08 +02:00 |
|
CrazyMax
|
1d117b3de6
|
Merge pull request #1009 from docker/dependabot/github_actions/aws-actions/configure-aws-credentials-6.2.0
build(deps): bump aws-actions/configure-aws-credentials from 6.1.2 to 6.2.1
|
2026-07-01 17:12:12 +02:00 |
|
CrazyMax
|
54354cec26
|
Merge pull request #1014 from docker/dependabot/github_actions/github/codeql-action-4.36.2
build(deps): bump github/codeql-action from 4.36.0 to 4.36.2
|
2026-07-01 17:11:38 +02:00 |
|
CrazyMax
|
291ce15746
|
Merge pull request #1015 from docker/dependabot/github_actions/codecov/codecov-action-7.0.0
build(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0
|
2026-07-01 17:10:49 +02:00 |
|
dependabot[bot]
|
d144cc9aaf
|
build(deps): bump aws-actions/configure-aws-credentials
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.1.2 to 6.2.1.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/acca2b1b2070338fb9fd1ca27ecee81d687e58e5...254c19bd240aabef8777f48595e9d2d7b972184b)
---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
dependency-version: 6.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-07-01 15:10:47 +00:00 |
|
CrazyMax
|
9bc29939f1
|
Merge pull request #1013 from docker/dependabot/github_actions/crazy-max-dot-github-a6a0ecf511
build(deps): bump the crazy-max-dot-github group across 1 directory with 2 updates
|
2026-07-01 17:10:25 +02:00 |
|
CrazyMax
|
42702f7ab5
|
Merge pull request #1012 from docker/dependabot/github_actions/actions/checkout-6.0.3
build(deps): bump actions/checkout from 6.0.2 to 6.0.3
|
2026-07-01 17:08:58 +02:00 |
|
CrazyMax
|
c5a66b573f
|
Merge pull request #1025 from crazy-max/fix-yarn-preapprove-actions-toolkit
chore: allow actions-toolkit to bypass yarn age gate
|
2026-07-01 14:00:00 +02:00 |
|
CrazyMax
|
f356dc0f57
|
Merge pull request #1024 from crazy-max/dependabot-skip-update-dist
dependabot: skip for update-dist commits
|
2026-07-01 13:59:57 +02:00 |
|
CrazyMax
|
82c046b85a
|
chore: allow actions-toolkit to bypass yarn age gate
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-07-01 11:43:31 +02:00 |
|
CrazyMax
|
f482210217
|
dependabot: skip for update-dist commits
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-30 11:08:58 +02:00 |
|
dependabot[bot]
|
528895cbd3
|
build(deps): bump the crazy-max-dot-github group across 1 directory with 2 updates
Bumps the crazy-max-dot-github group with 2 updates in the / directory: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github).
Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...46267a6e61cd56aac2fc79943df180152f4c89d6)
Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...46267a6e61cd56aac2fc79943df180152f4c89d6)
---
updated-dependencies:
- dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml
dependency-version: 1.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: crazy-max-dot-github
- dependency-name: crazy-max/.github/.github/workflows/zizmor.yml
dependency-version: 1.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: crazy-max-dot-github
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-30 05:52:19 +00:00 |
|
dependabot[bot]
|
3be61c42c8
|
build(deps): bump vite from 7.3.3 to 7.3.6
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.3 to 7.3.6.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.6/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.6/packages/vite)
---
updated-dependencies:
- dependency-name: vite
dependency-version: 7.3.5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-29 14:17:42 +00:00 |
|
github-actions[bot]
|
3d128cd17b
|
chore: update generated content
|
2026-06-29 14:17:09 +00:00 |
|
dependabot[bot]
|
4755f4fe4d
|
build(deps): bump @sigstore/core from 3.1.0 to 3.2.1
Bumps [@sigstore/core](https://github.com/sigstore/sigstore-js) from 3.1.0 to 3.2.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@3.1.0...@sigstore/core@3.2.1)
---
updated-dependencies:
- dependency-name: "@sigstore/core"
dependency-version: 3.2.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-29 14:16:11 +00:00 |
|
CrazyMax
|
17f7c1809f
|
Merge pull request #1022 from crazy-max/fix-esbuild
preserve names in esbuild bundle
|
2026-06-29 16:14:30 +02:00 |
|
CrazyMax
|
a2447fe0f6
|
preserve names in esbuild bundle
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-29 14:56:24 +02:00 |
|
temenuzhka-thede
|
3864d6aed8
|
Merge pull request #1018 from docker/sec-cli/npm-ci-20260612-182458
fix: replace npm install with npm ci (20260612-182458)
|
2026-06-12 14:10:03 -05:00 |
|
securityeng-bot[bot]
|
64b25388de
|
fix: use lockfile-aware install commands
|
2026-06-12 18:24:59 +00:00 |
|
dependabot[bot]
|
17162ab65f
|
build(deps): bump actions/checkout from 6.0.2 to 6.0.3
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 6.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-11 21:24:12 +00:00 |
|
CrazyMax
|
37a9a4b333
|
Merge pull request #1016 from docker/ci-ecr-oidc
ci: test AWS ECR with OIDC
|
2026-06-11 23:22:05 +02:00 |
|
CrazyMax
|
eb1946f59c
|
ci: test AWS ECR with OIDC
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-10 14:32:23 +02:00 |
|
CrazyMax
|
946f94de75
|
Merge pull request #1007 from crazy-max/ci-creds-update
ci: update registry auth credentials
|
2026-06-09 10:45:03 +02:00 |
|
dependabot[bot]
|
c07548e8a6
|
build(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-09 05:53:38 +00:00 |
|
dependabot[bot]
|
20036e466f
|
build(deps): bump github/codeql-action from 4.36.0 to 4.36.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/7211b7c8077ea37d8641b6271f6a365a22a5fbfa...8aad20d150bbac5944a9f9d289da16a4b0d87c1e)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 4.36.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-08 05:53:38 +00:00 |
|
CrazyMax
|
f50e5f80f8
|
ci: update registry to auth to gar
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-04 16:19:19 +02:00 |
|
CrazyMax
|
c5e5fd0017
|
ci: update registry to auth to acr
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-04 16:19:18 +02:00 |
|
CrazyMax
|
60e5331f1c
|
ci: update registry to auth to ecr
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-04 16:19:18 +02:00 |
|
CrazyMax
|
6a848e5a16
|
ci: update secrets to auth to docker hub
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-04 16:19:18 +02:00 |
|
CrazyMax
|
0267638d8a
|
Merge pull request #1008 from crazy-max/ci-ghcr-dind-test-image
ci: replace GHCR PAT in DinD test
|
2026-06-04 16:12:23 +02:00 |
|
CrazyMax
|
250c56f969
|
ci: replace GHCR PAT in DinD test
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-02 14:16:24 +02:00 |
|
CrazyMax
|
3999a1f436
|
Merge pull request #1005 from crazy-max/yarn-update
update yarn to 4.15.0
|
2026-05-28 18:43:24 +02:00 |
|
CrazyMax
|
0c083d7a7a
|
update yarn to 4.15.0
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-05-28 15:13:23 +02:00 |
|
CrazyMax
|
d74126fafb
|
Merge pull request #1004 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.91.0
build(deps): bump @docker/actions-toolkit from 0.90.0 to 0.91.0
|
2026-05-28 12:15:32 +02:00 |
|
github-actions[bot]
|
008abcd773
|
chore: update generated content
|
2026-05-28 08:20:36 +00:00 |
|
dependabot[bot]
|
b3d0cb50ae
|
build(deps): bump @docker/actions-toolkit from 0.90.0 to 0.91.0
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.90.0 to 0.91.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.90.0...v0.91.0)
---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
dependency-version: 0.91.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 08:19:41 +00:00 |
|
CrazyMax
|
d1f19df6c2
|
Merge pull request #1003 from docker/dependabot/github_actions/aws-actions/configure-aws-credentials-6.1.2
build(deps): bump aws-actions/configure-aws-credentials from 6.1.1 to 6.1.2
|
2026-05-28 10:18:22 +02:00 |
|
CrazyMax
|
f9a14677ff
|
Merge pull request #1002 from docker/dependabot/npm_and_yarn/tmp-0.2.7
build(deps): bump tmp from 0.2.5 to 0.2.7
|
2026-05-28 10:17:21 +02:00 |
|
CrazyMax
|
72b845d964
|
Merge pull request #1001 from docker/sec-cli/ignore-scripts-fix-20260527-193038
ci: add ignore-scripts to Node package manager config (20260527-193038)
|
2026-05-28 09:53:26 +02:00 |
|
dependabot[bot]
|
22319e3a05
|
build(deps): bump aws-actions/configure-aws-credentials
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/d979d5b3a71173a29b74b5b88418bfda9437d885...acca2b1b2070338fb9fd1ca27ecee81d687e58e5)
---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
dependency-version: 6.1.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 05:52:36 +00:00 |
|
github-actions[bot]
|
9ff664c6c9
|
chore: update generated content
|
2026-05-28 03:24:42 +00:00 |
|
dependabot[bot]
|
394f625bb6
|
build(deps): bump tmp from 0.2.5 to 0.2.7
Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.5 to 0.2.7.
- [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/raszi/node-tmp/compare/v0.2.5...v0.2.7)
---
updated-dependencies:
- dependency-name: tmp
dependency-version: 0.2.7
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 03:23:48 +00:00 |
|
securityeng-bot[bot]
|
42471eb9ff
|
ci: enforce ignore-scripts policy for Node package managers
|
2026-05-27 20:04:14 +00:00 |
|
CrazyMax
|
04bf81902c
|
Merge pull request #996 from crazy-max/azure-oidc
document ACR OIDC login with Azure Login
|
2026-05-27 13:37:45 +02:00 |
|
CrazyMax
|
5dbe09f08d
|
Merge pull request #997 from docker/dependabot/github_actions/github/codeql-action-4.36.0
build(deps): bump github/codeql-action from 4.35.5 to 4.36.0
|
2026-05-26 17:24:21 +02:00 |
|
dependabot[bot]
|
652059025f
|
build(deps): bump github/codeql-action from 4.35.5 to 4.36.0
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.5 to 4.36.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/9e0d7b8d25671d64c341c19c0152d693099fb5ba...7211b7c8077ea37d8641b6271f6a365a22a5fbfa)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 4.36.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-26 07:53:28 +00:00 |
|
CrazyMax
|
2ff7bc63ff
|
Merge pull request #998 from docker/dependabot/github_actions/docker/bake-action-7.2.0
build(deps): bump docker/bake-action from 7.1.0 to 7.2.0
|
2026-05-26 09:50:52 +02:00 |
|
dependabot[bot]
|
8f60ab8910
|
build(deps): bump docker/bake-action from 7.1.0 to 7.2.0
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 7.1.0 to 7.2.0.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](https://github.com/docker/bake-action/compare/a66e1c87e2eca0503c343edf1d208c716d54b8a8...6614cfa25eff9a0b2b2697efb0b6159e7680d584)
---
updated-dependencies:
- dependency-name: docker/bake-action
dependency-version: 7.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-25 07:44:22 +00:00 |
|