Michael Zampani
df9c7450bf
feat(e2e): replace AWS_ACCESS_KEY_ID secrets with OIDC role assumption
...
Adds aws-role-to-assume input to .e2e-run.yml. Adds configure-aws-credentials
step (pinned SHA, with role-session-name) before the Login to Registry step,
conditioned on ECR registry detection. Updates e2e.yml to pass the OIDC role
ARN and remove AWS secrets from the matrix credential expressions.
Role: arn:aws:iam::175142243308:role/official_gha_cicd
Action: aws-actions/configure-aws-credentials@7474bc4690
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com >
2026-05-29 23:16:53 -07:00
CrazyMax
f9f3042f7e
Merge pull request #1517 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.88.0
...
chore(deps): Bump @docker/actions-toolkit from 0.87.0 to 0.90.0
2026-05-21 17:17:52 +02:00
github-actions[bot]
812d5fd921
chore: update generated content
2026-05-21 15:14:24 +00:00
dependabot[bot]
b6f6693076
chore(deps): Bump @docker/actions-toolkit from 0.87.0 to 0.90.0
...
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit ) from 0.87.0 to 0.90.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases )
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.87.0...v0.90.0 )
---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
dependency-version: 0.88.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-21 15:13:14 +00:00
CrazyMax
c1c626eced
Merge pull request #1525 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
...
chore(deps): Bump @actions/core from 3.0.0 to 3.0.1
2026-05-21 17:02:09 +02:00
github-actions[bot]
51bb284cd4
chore: update generated content
2026-05-21 14:59:33 +00:00
dependabot[bot]
5f7884def8
chore(deps): Bump @actions/core from 3.0.0 to 3.0.1
...
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core ) from 3.0.0 to 3.0.1.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core )
---
updated-dependencies:
- dependency-name: "@actions/core"
dependency-version: 3.0.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-21 14:58:26 +00:00
CrazyMax
e01deff7d9
Merge pull request #1521 from docker/dependabot/npm_and_yarn/fast-xml-parser-5.7.1
...
chore(deps): Bump fast-xml-parser from 5.5.7 to 5.8.0
2026-05-21 16:56:15 +02:00
github-actions[bot]
3804d49793
chore: update generated content
2026-05-21 14:54:16 +00:00
dependabot[bot]
71e8947aac
chore(deps): Bump fast-xml-parser from 5.5.7 to 5.8.0
...
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser ) from 5.5.7 to 5.8.0.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases )
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.7...v5.8.0 )
---
updated-dependencies:
- dependency-name: fast-xml-parser
dependency-version: 5.7.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-21 14:53:05 +00:00
CrazyMax
4925ad24cd
Merge pull request #1526 from docker/dependabot/npm_and_yarn/postcss-8.5.10
...
chore(deps): Bump postcss from 8.5.6 to 8.5.10
2026-05-21 16:50:55 +02:00
CrazyMax
08c59e6569
Merge pull request #1529 from docker/dependabot/npm_and_yarn/fast-xml-builder-1.2.0
...
chore(deps): Bump fast-xml-builder from 1.1.4 to 1.2.0
2026-05-21 16:50:28 +02:00
github-actions[bot]
63e6a3e1d8
chore: update generated content
2026-05-21 14:48:38 +00:00
dependabot[bot]
7c3825ea74
chore(deps): Bump fast-xml-builder from 1.1.4 to 1.2.0
...
Bumps [fast-xml-builder](https://github.com/NaturalIntelligence/fast-xml-builder ) from 1.1.4 to 1.2.0.
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md )
- [Commits](https://github.com/NaturalIntelligence/fast-xml-builder/compare/v1.1.4...v1.2.0 )
---
updated-dependencies:
- dependency-name: fast-xml-builder
dependency-version: 1.2.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-21 14:47:34 +00:00
CrazyMax
d7cd9d7a35
Merge pull request #1533 from docker/dependabot/npm_and_yarn/tar-7.5.15
...
chore(deps): Bump tar from 6.2.1 to 7.5.15
2026-05-21 16:45:18 +02:00
CrazyMax
157becc75e
Merge pull request #1534 from docker/dependabot/npm_and_yarn/brace-expansion-5.0.6
...
chore(deps): Bump brace-expansion from 2.0.2 to 5.0.6
2026-05-21 16:41:57 +02:00
CrazyMax
5ae6a4a064
Merge pull request #1531 from docker/dependabot/github_actions/crazy-max-dot-github-6667ecc476
...
chore(deps): Bump the crazy-max-dot-github group with 2 updates
2026-05-21 16:26:51 +02:00
CrazyMax
422287b25a
Merge pull request #1532 from docker/dependabot/github_actions/actions/create-github-app-token-3.2.0
...
chore(deps): Bump actions/create-github-app-token from 3.1.1 to 3.2.0
2026-05-21 16:26:28 +02:00
CrazyMax
af6a07f739
Merge pull request #1535 from docker/dependabot/github_actions/github/codeql-action-4.35.5
...
chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.5
2026-05-21 16:25:59 +02:00
CrazyMax
3d01f53c7b
Merge pull request #1536 from docker/dependabot/github_actions/codecov/codecov-action-6.0.1
...
chore(deps): Bump codecov/codecov-action from 6.0.0 to 6.0.1
2026-05-21 16:24:51 +02:00
CrazyMax
e46f50c06e
Merge pull request #1537 from crazy-max/zizmor-fixes
...
ci: restrict update-dist GitHub App token scope
2026-05-21 14:57:22 +02:00
CrazyMax
69b698e993
ci: restrict update-dist GitHub App token scope
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com >
2026-05-21 14:23:33 +02:00
dependabot[bot]
f8538d20fd
chore(deps): Bump codecov/codecov-action from 6.0.0 to 6.0.1
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](57e3a136b7...e79a6962e0support@github.com >
2026-05-20 17:44:10 +00:00
dependabot[bot]
c39566cf62
chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.35.1 to 4.35.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c10b8064de...9e0d7b8d25support@github.com >
2026-05-18 21:19:09 +00:00
github-actions[bot]
c707ca9135
chore: update generated content
2026-05-18 16:49:19 +00:00
dependabot[bot]
ffa52ef3ea
chore(deps): Bump brace-expansion from 2.0.2 to 5.0.6
...
Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion ) from 2.0.2 to 5.0.6.
- [Release notes](https://github.com/juliangruber/brace-expansion/releases )
- [Commits](https://github.com/juliangruber/brace-expansion/compare/v2.0.2...v5.0.6 )
---
updated-dependencies:
- dependency-name: brace-expansion
dependency-version: 5.0.6
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-18 16:48:14 +00:00
dependabot[bot]
7a8bc15c71
chore(deps): Bump tar from 6.2.1 to 7.5.15
...
Bumps [tar](https://github.com/isaacs/node-tar ) from 6.2.1 to 7.5.15.
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v6.2.1...v7.5.15 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.15
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-05-15 00:39:31 +00:00
dependabot[bot]
f66d2d71bf
chore(deps): Bump actions/create-github-app-token from 3.1.1 to 3.2.0
...
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token ) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/actions/create-github-app-token/releases )
- [Changelog](https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md )
- [Commits](1b10c78c78...bcd2ba4921support@github.com >
2026-05-14 11:52:51 +00:00
dependabot[bot]
eef0e2e2ee
chore(deps): Bump the crazy-max-dot-github group with 2 updates
...
Bumps the crazy-max-dot-github group with 2 updates: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github ) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github ).
Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.7.1 to 1.8.0
- [Release notes](https://github.com/crazy-max/.github/releases )
- [Commits](64a0bfaf6e...9ba6e6f945https://github.com/crazy-max/.github/releases )
- [Commits](64a0bfaf6e...9ba6e6f945support@github.com >
2026-05-12 17:51:43 +00:00
CrazyMax
789f686580
Merge pull request #1524 from docker/dependabot/github_actions/crazy-max-dot-github-a3893cf95f
...
chore(deps): Bump the crazy-max-dot-github group with 2 updates
2026-04-27 09:36:37 +02:00
dependabot[bot]
152d4297d0
chore(deps): Bump postcss from 8.5.6 to 8.5.10
...
Bumps [postcss](https://github.com/postcss/postcss ) from 8.5.6 to 8.5.10.
- [Release notes](https://github.com/postcss/postcss/releases )
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md )
- [Commits](https://github.com/postcss/postcss/compare/8.5.6...8.5.10 )
---
updated-dependencies:
- dependency-name: postcss
dependency-version: 8.5.10
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-24 17:40:31 +00:00
Tõnis Tiigi
21f7630a74
Merge pull request #1523 from crazy-max/esbuild
...
replace ncc with esbuild for action bundling
2026-04-24 10:38:43 -07:00
dependabot[bot]
3ff27d3602
chore(deps): Bump the crazy-max-dot-github group with 2 updates
...
Bumps the crazy-max-dot-github group with 2 updates: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github ) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github ).
Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.7.0 to 1.7.1
- [Release notes](https://github.com/crazy-max/.github/releases )
- [Commits](4a17dbaa9c...64a0bfaf6ehttps://github.com/crazy-max/.github/releases )
- [Commits](4a17dbaa9c...64a0bfaf6esupport@github.com >
2026-04-24 11:52:30 +00:00
CrazyMax
d70693f4ae
replace ncc with esbuild for action bundling
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com >
2026-04-24 11:09:46 +02:00
CrazyMax
e0fea16cbf
Merge pull request #1519 from docker/dependabot/github_actions/actions/setup-node-6.4.0
...
chore(deps): Bump actions/setup-node from 6.3.0 to 6.4.0
2026-04-24 09:48:12 +02:00
CrazyMax
f832d4c773
Merge pull request #1520 from docker/dependabot/github_actions/crazy-max-dot-github-6f136b1f9e
...
chore(deps): Bump the crazy-max-dot-github group with 2 updates
2026-04-24 09:46:03 +02:00
dependabot[bot]
17a24e14ed
chore(deps): Bump the crazy-max-dot-github group with 2 updates
...
Bumps the crazy-max-dot-github group with 2 updates: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github ) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github ).
Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/crazy-max/.github/releases )
- [Commits](d89fe92d80...4a17dbaa9chttps://github.com/crazy-max/.github/releases )
- [Commits](d89fe92d80...4a17dbaa9csupport@github.com >
2026-04-22 11:52:24 +00:00
dependabot[bot]
ad938becb9
chore(deps): Bump actions/setup-node from 6.3.0 to 6.4.0
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](53b83947a5...48b55a011bsupport@github.com >
2026-04-21 11:52:31 +00:00
Tõnis Tiigi
c269a24fa2
Merge pull request #1516 from crazy-max/fix-zizmor
...
ci(zizmor): update rules
2026-04-15 14:25:13 -07:00
CrazyMax
64fda479ac
ci(zizmor): update rules
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com >
2026-04-15 16:01:32 +02:00
CrazyMax
c1d0c0cc42
Merge pull request #1514 from docker/dependabot/github_actions/actions/create-github-app-token-3.1.1
...
chore(deps): Bump actions/create-github-app-token from 3.0.0 to 3.1.1
2026-04-15 14:48:56 +02:00
CrazyMax
d5c8665698
Merge pull request #1515 from docker/dependabot/github_actions/actions/cache-5.0.5
...
chore(deps): Bump actions/cache from 5.0.4 to 5.0.5
2026-04-15 14:48:40 +02:00
dependabot[bot]
e4086eff94
chore(deps): Bump actions/cache from 5.0.4 to 5.0.5
...
Bumps [actions/cache](https://github.com/actions/cache ) from 5.0.4 to 5.0.5.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](668228422a...27d5ce7f10support@github.com >
2026-04-15 11:54:10 +00:00
CrazyMax
e6ed27f63f
Merge pull request #1513 from docker/dependabot/github_actions/docker/bake-action-7.1.0
...
chore(deps): Bump docker/bake-action from 7.0.0 to 7.1.0
2026-04-14 10:54:30 +02:00
dependabot[bot]
dba6f6cfd6
chore(deps): Bump actions/create-github-app-token from 3.0.0 to 3.1.1
...
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token ) from 3.0.0 to 3.1.1.
- [Release notes](https://github.com/actions/create-github-app-token/releases )
- [Commits](f8d387b68d...1b10c78c78support@github.com >
2026-04-13 12:35:24 +00:00
dependabot[bot]
4fc600fc62
chore(deps): Bump docker/bake-action from 7.0.0 to 7.1.0
...
Bumps [docker/bake-action](https://github.com/docker/bake-action ) from 7.0.0 to 7.1.0.
- [Release notes](https://github.com/docker/bake-action/releases )
- [Commits](82490499d2...a66e1c87e2support@github.com >
2026-04-13 12:34:56 +00:00
CrazyMax
bcafcacb16
Merge pull request #1509 from docker/dependabot/npm_and_yarn/vite-7.3.2
...
chore(deps): Bump vite from 7.3.1 to 7.3.2
2026-04-09 19:49:37 +02:00
CrazyMax
18e62f1158
Merge pull request #1510 from docker/dependabot/npm_and_yarn/lodash-4.18.1
...
chore(deps): Bump lodash from 4.17.23 to 4.18.1
2026-04-09 19:48:40 +02:00
github-actions[bot]
46580d2c9d
chore: update generated content
2026-04-09 17:44:17 +00:00
dependabot[bot]
3f80b252ca
chore(deps): Bump lodash from 4.17.23 to 4.18.1
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.23 to 4.18.1.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.23...4.18.1 )
---
updated-dependencies:
- dependency-name: lodash
dependency-version: 4.18.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-09 17:43:05 +00:00
