chore(deps): Bump @actions/core from 1.11.1 to 3.0.0

Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.11.1 to 3.0.0.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/update-dist.yml

@@ -0,0 +1,49 @@
+name: update-dist
+
+on:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+
+jobs:
+  update-dist:
+    if: github.actor == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: GitHub auth token from GitHub App
+        id: docker-read-app
+        uses: actions/create-github-app-token@v2
+        with:
+          app-id: ${{ secrets.GHACTIONS_REPO_WRITE_APP_ID }}
+          private-key: ${{ secrets.GHACTIONS_REPO_WRITE_APP_PRIVATE_KEY }}
+          owner: docker
+      -
+        name: Checkout
+        uses: actions/checkout@v6
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          fetch-depth: 0
+          token: ${{ steps.docker-read-app.outputs.token || github.token }}
+      -
+        name: Build
+        uses: docker/bake-action@v6
+        with:
+          source: .
+          targets: build
+      -
+        name: Commit and push dist
+        run: |
+          if [ -n "$(git status --porcelain -- dist)" ]; then
+            (
+              set -x
+              git config user.name "github-actions[bot]"
+              git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+              git add dist
+              git commit -m "chore: update generated content"
+              git push
+            )
+          else
+            echo "No changes in dist"
+          fi

.yarnrc.yml

@@ -1,3 +1,9 @@
+# https://yarnpkg.com/configuration/yarnrc
+
+compressionLevel: mixed
+enableGlobalCache: false
+enableHardenedMode: true
+
 logFilters:
   - code: YN0013
     level: discard
@@ -5,9 +11,7 @@ logFilters:
     level: discard
   - code: YN0076
     level: discard
+  - code: YN0086
+    level: discard
 
 nodeLinker: node-modules
-
-plugins:
-  - path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
-    spec: "@yarnpkg/plugin-interactive-tools"

__tests__/context.test.ts

@@ -232,7 +232,7 @@ ccc"`],
       [
         'build',
         '--output', '.',
-        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
+        '--secret', `id=GIT_AUTH_TOKEN.github.com,src=${tmpName}`,
         'https://github.com/docker/build-push-action.git#refs/heads/master'
       ],
       undefined
@@ -478,7 +478,7 @@ nproc=3`],
       [
         'build',
         '--iidfile', imageIDFilePath,
-        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
+        '--secret', `id=GIT_AUTH_TOKEN.github.com,src=${tmpName}`,
         '--metadata-file', metadataJson,
         'https://github.com/docker/build-push-action.git#refs/heads/master:subdir'
       ],

package.json

@@ -24,9 +24,9 @@
   ],
   "author": "Docker Inc.",
   "license": "Apache-2.0",
-  "packageManager": "yarn@3.6.3",
+  "packageManager": "yarn@4.9.2",
   "dependencies": {
-    "@actions/core": "^1.11.1",
+    "@actions/core": "^3.0.0",
     "@docker/actions-toolkit": "0.62.1",
     "handlebars": "^4.7.7"
   },

src/context.ts

@@ -183,7 +183,7 @@ async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit):
     }
   });
   if (inputs['github-token'] && !Build.hasGitAuthTokenSecret(inputs.secrets) && context.startsWith(Context.gitContext())) {
-    args.push('--secret', Build.resolveSecretString(`GIT_AUTH_TOKEN=${inputs['github-token']}`));
+    args.push('--secret', Build.resolveSecretString(`GIT_AUTH_TOKEN.${new URL(GitHub.serverURL).hostname.trimEnd()}=${inputs['github-token']}`));
   }
   if (inputs['shm-size']) {
     args.push('--shm-size', inputs['shm-size']);