Skip to content

Commit 8e0af8d

Browse files
build(deps): bump the actions group across 1 directory with 2 updates (#933)
Bumps the actions group with 2 updates in the / directory: [docker/login-action](https://github.com/docker/login-action) and [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `docker/login-action` from 3.6.0 to 3.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.7.0</h2> <ul> <li>Add <code>scope</code> input to set scopes for the authentication token by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/912">docker/login-action#912</a></li> <li>Add support for AWS European Sovereign Cloud ECR by <a href="https://github.com/dphi"><code>@​dphi</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/914">docker/login-action#914</a></li> <li>Ensure passwords are redacted with <code>registry-auth</code> input by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/911">docker/login-action#911</a></li> <li>build(deps): bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/login-action/pull/915">docker/login-action#915</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.6.0...v3.7.0">https://github.com/docker/login-action/compare/v3.6.0...v3.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/c94ce9fb468520275223c153574b00df6fe4bcc9"><code>c94ce9f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/915">#915</a> from docker/dependabot/npm_and_yarn/lodash-4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/8339c958ce8511f38d0c474c1886a87c802bf1ef"><code>8339c95</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/912">#912</a> from docker/scope</li> <li><a href="https://github.com/docker/login-action/commit/c83e9320c8beb50b77dd007c46d5c8161f0cac4a"><code>c83e932</code></a> build(deps): bump lodash from 4.17.21 to 4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/b268aa57e39ff0a5386d2fd1eded4e2e1d60d705"><code>b268aa5</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/a60322927812ddc99316dd6252b4fba6d8f09ac1"><code>a603229</code></a> documentation for scope input</li> <li><a href="https://github.com/docker/login-action/commit/7567f92a74b2639be1bd8bc932a112a0d81283da"><code>7567f92</code></a> Add scope input to set scopes for the authentication token</li> <li><a href="https://github.com/docker/login-action/commit/0567fa5ae8c9a197cb207537dc5cbb43ca3d803f"><code>0567fa5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/914">#914</a> from dphi/add-support-for-amazonaws.eu</li> <li><a href="https://github.com/docker/login-action/commit/f6ef57754547a85003a0e18f789be661346d4a6e"><code>f6ef577</code></a> feat: add support for AWS European Sovereign Cloud ECR registries</li> <li><a href="https://github.com/docker/login-action/commit/916386b00027d425839f8da46d302dab33f5875b"><code>916386b</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/911">#911</a> from crazy-max/ensure-redact</li> <li><a href="https://github.com/docker/login-action/commit/5b3f94a294ea5478af3af437baa6ad0d3dcd04fd"><code>5b3f94a</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9">compare view</a></li> </ul> </details> <br /> Updates `anchore/sbom-action` from 0.22.1 to 0.22.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's releases</a>.</em></p> <blockquote> <h2>v0.22.2</h2> <h2>⬆️ Dependencies</h2> <ul> <li>chore(deps): bump fast-xml-parser from 5.3.3 to 5.3.4 (<a href="https://redirect.github.com/anchore/sbom-action/issues/581">#581</a>) [@<a href="https://github.com/apps/dependabot">dependabot[bot]</a>]</li> <li>chore(deps): update Syft to v1.41.2 (<a href="https://redirect.github.com/anchore/sbom-action/issues/582">#582</a>) [@<a href="https://github.com/apps/anchore-actions-token-generator">anchore-actions-token-generator[bot]</a>]</li> <li>chore(deps-dev): bump the dev-dependencies group with 2 updates (<a href="https://redirect.github.com/anchore/sbom-action/issues/580">#580</a>) [@<a href="https://github.com/apps/dependabot">dependabot[bot]</a>]</li> <li>chore(deps): update Syft to v1.41.1 (<a href="https://redirect.github.com/anchore/sbom-action/issues/579">#579</a>) [@<a href="https://github.com/apps/anchore-actions-token-generator">anchore-actions-token-generator[bot]</a>]</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/anchore/sbom-action/commit/28d71544de8eaf1b958d335707167c5f783590ad"><code>28d7154</code></a> chore(deps): bump fast-xml-parser from 5.3.3 to 5.3.4 (<a href="https://redirect.github.com/anchore/sbom-action/issues/581">#581</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/5e3583419a7a45f6568946ee1fbf3adbb19ec71f"><code>5e35834</code></a> chore(deps): update Syft to v1.41.2 (<a href="https://redirect.github.com/anchore/sbom-action/issues/582">#582</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/a30a06a2ced4c3266c52bb0325339a8e2e861f2c"><code>a30a06a</code></a> chore(deps-dev): bump the dev-dependencies group with 2 updates (<a href="https://redirect.github.com/anchore/sbom-action/issues/580">#580</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/750e84c055ffddba88685739b50e5d5b32890853"><code>750e84c</code></a> chore(deps): update Syft to v1.41.1 (<a href="https://redirect.github.com/anchore/sbom-action/issues/579">#579</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/5620efe7f17de3b70cbc020fc49ce9048f1bbacf"><code>5620efe</code></a> chore(deps): bump release-drafter/release-drafter from 6.1.0 to 6.2.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/578">#578</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/ec824c76adadff5f864555fc41ee33001b02fcd2"><code>ec824c7</code></a> chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/577">#577</a>)</li> <li>See full diff in <a href="https://github.com/anchore/sbom-action/compare/v0.22.1...v0.22.2">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Radoslav Dimitrov <radoslav@stacklok.com>
1 parent d33b3f5 commit 8e0af8d

2 files changed

Lines changed: 3 additions & 3 deletions

File tree

.github/workflows/deploy-staging.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ jobs:
3434
uses: ko-build/setup-ko@v0.9
3535

3636
- name: Log in to Container Registry
37-
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef
37+
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9
3838
with:
3939
registry: ghcr.io
4040
username: ${{ github.actor }}

.github/workflows/release.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ jobs:
2828
uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
2929

3030
- name: Install Syft
31-
uses: anchore/sbom-action/download-syft@v0.22.1
31+
uses: anchore/sbom-action/download-syft@v0.22.2
3232

3333
- name: Run GoReleaser
3434
uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a
@@ -57,7 +57,7 @@ jobs:
5757
uses: ko-build/setup-ko@v0.9
5858

5959
- name: Log in to Container Registry
60-
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef
60+
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9
6161
with:
6262
registry: ghcr.io
6363
username: ${{ github.actor }}

0 commit comments

Comments
 (0)