Bump the ci group across 1 directory with 10 updates#456
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the ci group across 1 directory with 10 updates#456dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the ci group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` | | [docker/setup-docker-action](https://github.com/docker/setup-docker-action) | `5.1.0` | `5.3.0` | | [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.4.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.2.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `7.1.0` | `7.3.0` | | [docker/scout-action](https://github.com/docker/scout-action) | `1.20.4` | `1.23.1` | | [score-spec/setup-score](https://github.com/score-spec/setup-score) | `3.2.3` | `3.2.4` | | [docker/github-builder/.github/workflows/build.yml](https://github.com/docker/github-builder) | `1.8.0` | `1.12.0` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `4.0.0` | `4.2.0` | | [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.5` | `4.36.3` | Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@de0fac2...9c091bb) Updates `docker/setup-docker-action` from 5.1.0 to 5.3.0 - [Release notes](https://github.com/docker/setup-docker-action/releases) - [Commits](docker/setup-docker-action@b2189fb...6d7cfa6) Updates `docker/login-action` from 4.1.0 to 4.4.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@4907a6d...af1e73f) Updates `docker/setup-buildx-action` from 4.0.0 to 4.2.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@4d04d5d...bb05f3f) Updates `docker/build-push-action` from 7.1.0 to 7.3.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@bcafcac...53b7df9) Updates `docker/scout-action` from 1.20.4 to 1.23.1 - [Release notes](https://github.com/docker/scout-action/releases) - [Commits](docker/scout-action@bacf462...2688993) Updates `score-spec/setup-score` from 3.2.3 to 3.2.4 - [Release notes](https://github.com/score-spec/setup-score/releases) - [Commits](score-spec/setup-score@1db7966...888a7de) Updates `docker/github-builder/.github/workflows/build.yml` from 1.8.0 to 1.12.0 - [Release notes](https://github.com/docker/github-builder/releases) - [Commits](docker/github-builder@c2782c5...5f637c8) Updates `docker/setup-qemu-action` from 4.0.0 to 4.2.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@ce36039...96fe6ef) Updates `github/codeql-action/upload-sarif` from 4.35.5 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@9e0d7b8...54f647b) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: docker/setup-docker-action dependency-version: 5.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/login-action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/setup-buildx-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/build-push-action dependency-version: 7.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/scout-action dependency-version: 1.23.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: score-spec/setup-score dependency-version: 3.2.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: docker/github-builder/.github/workflows/build.yml dependency-version: 1.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/setup-qemu-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
OutdatedOverview
Policies (0 improved, 0 worsened)
|
Contributor
Overview
Policies (0 improved, 0 worsened)
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the ci group with 10 updates in the / directory:
6.0.27.0.05.1.05.3.04.1.04.4.04.0.04.2.07.1.07.3.01.20.41.23.13.2.33.2.41.8.01.12.04.0.04.2.04.35.54.36.3Updates
actions/checkoutfrom 6.0.2 to 7.0.0Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
9c091bbupdate error wording (#2467)1044a6dgetting ready for checkout v7 release (#2464)f028218Bump the minor-npm-dependencies group across 1 directory with 3 updates (#2462)d914b26upgrade module to esm and update dependencies (#2463)537c7efBump@actions/coreand@actions/tool-cacheand Remove uuid (#2459)130a169Bump js-yaml from 4.1.0 to 4.2.0 (#2461)7d09575Bump flatted from 3.3.1 to 3.4.2 (#2460)0f9f3aaBump actions/publish-immutable-action (#2458)f9e715ablock checking out fork pr for pull_request_target and workflow_run (#2454)df4cb1cUpdate changelog for v6.0.3 (#2446)Updates
docker/setup-docker-actionfrom 5.1.0 to 5.3.0Release notes
Sourced from docker/setup-docker-action's releases.
Commits
6d7cfa6Merge pull request #290 from docker/dependabot/npm_and_yarn/docker/actions-to...77ac140[dependabot skip] chore: update generated contentb9f0330build(deps): bump@docker/actions-toolkitfrom 0.91.0 to 0.92.08ec1dbeMerge pull request #283 from docker/dependabot/npm_and_yarn/js-yaml-4.2.0d85e7e7Merge pull request #282 from docker/dependabot/npm_and_yarn/undici-6.27.0d79fe8d[dependabot skip] chore: update generated contentfdb834dbuild(deps): bump undici from 6.25.0 to 6.27.08a78e70Merge pull request #280 from docker/dependabot/npm_and_yarn/tmp-0.2.71089dbeMerge pull request #289 from docker/dependabot/github_actions/actions/checkou...a544c85build(deps): bump actions/checkout from 6.0.3 to 7.0.0Updates
docker/login-actionfrom 4.1.0 to 4.4.0Release notes
Sourced from docker/login-action's releases.
Commits
af1e73fMerge pull request #1034 from docker/dependabot/npm_and_yarn/aws-sdk-dependen...da722bd[dependabot skip] chore: update generated content2916ad6build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...ca0a662Merge pull request #1035 from crazy-max/fix-registry-auth-empty-maskc455755chore: update generated content4835190skip empty registry-auth secret mask992421cMerge pull request #1033 from docker/dependabot/github_actions/docker/bake-ac...b249b43Merge pull request #1032 from docker/dependabot/github_actions/docker/bake-ac...1b67977build(deps): bump docker/bake-action from 7.2.0 to 7.3.09d49d6abuild(deps): bump docker/bake-action/subaction/matrixUpdates
docker/setup-buildx-actionfrom 4.0.0 to 4.2.0Release notes
Sourced from docker/setup-buildx-action's releases.
Commits
bb05f3fMerge pull request #580 from docker/dependabot/npm_and_yarn/docker/actions-to...321c814[dependabot skip] chore: update generated contentb9a36efbuild(deps): bump@docker/actions-toolkitfrom 0.91.0 to 0.92.0ebeab24Merge pull request #570 from docker/dependabot/npm_and_yarn/undici-6.27.05c7b8ae[dependabot skip] chore: update generated content037e618build(deps): bump undici from 6.25.0 to 6.27.066080e5Merge pull request #577 from docker/dependabot/npm_and_yarn/sigstore-4.1.1409aef0Merge pull request #562 from docker/dependabot/npm_and_yarn/js-yaml-4.2.049c6e42build(deps): bump sigstore from 4.1.0 to 4.1.12211273[dependabot skip] chore: update generated contentUpdates
docker/build-push-actionfrom 7.1.0 to 7.3.0Release notes
Sourced from docker/build-push-action's releases.
Commits
53b7df9Merge pull request #1572 from docker/dependabot/npm_and_yarn/docker/actions-t...154298c[dependabot skip] chore: update generated contentcb1238bchore(deps): Bump@docker/actions-toolkitfrom 0.91.0 to 0.92.024f845dMerge pull request #1566 from docker/dependabot/npm_and_yarn/js-yaml-4.2.09c69730[dependabot skip] chore: update generated contentbc3a3a5Merge pull request #1574 from docker/dependabot/github_actions/aws-actions/co...a82c504chore(deps): Bump js-yaml from 4.1.1 to 4.3.00285a75Merge pull request #1573 from docker/dependabot/github_actions/actions/cache-...c6ad2a3Merge pull request #1575 from docker/dependabot/github_actions/actions/checko...d37484fMerge pull request #1564 from docker/dependabot/npm_and_yarn/undici-6.27.0Updates
docker/scout-actionfrom 1.20.4 to 1.23.1Release notes
Sourced from docker/scout-action's releases.
Commits
2688993Merge pull request #109 from docker/release/v1.23.17b86e1c[BOT] Update assets for v1.23.1 releasece97ec1Merge pull request #108 from docker/release/v1.23.02da9adb[BOT] Update assets for v1.23.0 release7520205Merge pull request #107 from docker/release/v1.22.06b2b3b1[BOT] Update assets for v1.22.0 release3a14fc8chore: pin GitHub Actions to commit SHA (#103)cd72f26Merge pull request #104 from docker/release/v1.21.0b9ceaba[BOT] Update assets for v1.21.0 releaseUpdates
score-spec/setup-scorefrom 3.2.3 to 3.2.4Release notes
Sourced from score-spec/setup-score's releases.
Commits
888a7deMerge pull request #106 from score-spec/mathieu-benoit-patch-15933d32Add Harden Runner step to GitHub Actions workflow9692890Bump the ci group with 2 updates (#105)eee5f67Bump undici from 6.24.1 to 6.27.0 (#104)c01ab5dBump actions/checkout from 6.0.3 to 7.0.0 in the ci group (#103)3578608Bump the ci group with 2 updates (#102)a31e192Bump actions/checkout from 6.0.2 to 6.0.3 in the ci group (#101)4b72262Bump eslint from 10.4.0 to 10.4.1 in the ci group (#100)107ee81Bump the ci group with 2 updates (#99)445273fBump jest from 30.3.0 to 30.4.1 in the ci group (#98)Updates
docker/github-builder/.github/workflows/build.ymlfrom 1.8.0 to 1.12.0Release notes
Sourced from docker/github-builder/.github/workflows/build.yml's releases.
Commits
5f637c8Merge pull request #231 from crazy-max/fix-tag-git-context-checksum0d9a08dbuild/bake: preserve tag refs in git contexts5f32361Merge pull request #228 from docker/deps/binfmt-imagefb769ecchore(deps): update Binfmt image to qemu-v10.2.3-68eac7322Merge pull request #229 from docker/dependabot/github_actions/crazy-max-dot-g...c79e119Merge pull request #230 from crazy-max/aws-ecr-to-docker-hub26108c5test: replace AWS ECR with Docker Hub in test workflows2ffaff4build(deps): Bump the crazy-max-dot-github group with 2 updates04e22bcMerge pull request #224 from crazy-max/test-dockerhub-stage-rm70ac3fcMerge pull request #227 from crazy-max/disable-buildx-metadata-provenanceUpdates
docker/setup-qemu-actionfrom 4.0.0 to 4.2.0Release notes
Sourced from docker/setup-qemu-action's releases.
Commits
96fe6efMerge pull request #315 from docker/dependabot/npm_and_yarn/docker/actions-to...31f08d3[dependabot skip] chore: update generated content4e7017abuild(deps): bump@docker/actions-toolkitfrom 0.91.0 to 0.92.00eca235Merge pull request #314 from crazy-max/fix-yarn-preapprove-actions-toolkitea66a41chore: allow actions-toolkit to bypass yarn age gate451542bMerge pull request #308 from docker/dependabot/npm_and_yarn/undici-6.27.0532ae00[dependabot skip] chore: update generated contentb6f5af6build(deps): bump undici from 6.26.0 to 6.27.0cf96b86Merge pull request #304 from docker/dependabot/npm_and_yarn/tmp-0.2.7f0ba643[dependabot skip] chore: update generated contentUpdates
github/codeql-action/upload-sariffrom 4.35.5 to 4.36.3Release notes
Sourced from github/codeql-action/upload-sarif's releases.
Changelog
Sourced from github/codeql-action/upload-sarif's changelog.