Merge pull request #1452 from crazy-max/update-yarn

update yarn to 4.9.2
Merge pull request #1456 from crazy-max/auth-token-dyn-host
2026-02-12 06:08:19 +00:00 · 2026-02-11 19:59:17 +01:00 · 2026-02-11 16:43:48 +01:00 · 2026-02-11 13:59:06 +01:00 · 2026-02-11 13:47:42 +01:00 · 2026-02-10 17:54:01 +01:00
8 changed files with 2076 additions and 2626 deletions
--- a/.yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
+++ b/.yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@@ -1,3 +1,9 @@
 # https://yarnpkg.com/configuration/yarnrc
 compressionLevel: mixed
 enableGlobalCache: false
 enableHardenedMode: true
 logFilters:
  - code: YN0013
    level: discard
@@ -5,9 +11,7 @@ logFilters:
    level: discard
  - code: YN0076
    level: discard
  - code: YN0086
    level: discard
 nodeLinker: node-modules
 plugins:
  - path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
    spec: "@yarnpkg/plugin-interactive-tools"
--- a/tests/context.test.ts
+++ b/tests/context.test.ts
@@ -232,7 +232,7 @@ ccc"`],
      [
        'build',
        '--output', '.',
-        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
+        '--secret', `id=GIT_AUTH_TOKEN.github.com,src=${tmpName}`,
        'https://github.com/docker/build-push-action.git#refs/heads/master'
      ],
      undefined
@@ -478,7 +478,7 @@ nproc=3`],
      [
        'build',
        '--iidfile', imageIDFilePath,
-        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
+        '--secret', `id=GIT_AUTH_TOKEN.github.com,src=${tmpName}`,
        '--metadata-file', metadataJson,
        'https://github.com/docker/build-push-action.git#refs/heads/master:subdir'
      ],
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/package.json
+++ b/package.json
@@ -24,7 +24,7 @@
  ],
  "author": "Docker Inc.",
  "license": "Apache-2.0",
-  "packageManager": "yarn@3.6.3",
+  "packageManager": "yarn@4.9.2",
  "dependencies": {
    "@actions/core": "^1.11.1",
    "@docker/actions-toolkit": "0.62.1",
--- a/src/context.ts
+++ b/src/context.ts
@@ -183,7 +183,7 @@ async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit):
    }
  });
  if (inputs['github-token'] && !Build.hasGitAuthTokenSecret(inputs.secrets) && context.startsWith(Context.gitContext())) {
-    args.push('--secret', Build.resolveSecretString(`GIT_AUTH_TOKEN=${inputs['github-token']}`));
+    args.push('--secret', Build.resolveSecretString(`GIT_AUTH_TOKEN.${new URL(GitHub.serverURL).hostname.trimEnd()}=${inputs['github-token']}`));
  }
  if (inputs['shm-size']) {
    args.push('--shm-size', inputs['shm-size']);
--- a/yarn.lock
+++ b/yarn.lock
Author	SHA1	Message	Date
CrazyMax	806c75105a	Merge pull request #1452 from crazy-max/update-yarn update yarn to 4.9.2	2026-02-11 19:59:17 +01:00
CrazyMax	601a80b39c	Merge pull request #1456 from crazy-max/auth-token-dyn-host derive GIT_AUTH_TOKEN host from GitHub server URL	2026-02-11 16:43:48 +01:00
CrazyMax	8f7fd7c8c7	chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-02-11 13:59:06 +01:00
CrazyMax	710e335474	derive GIT_AUTH_TOKEN host from GitHub server URL Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-02-11 13:47:42 +01:00
CrazyMax	c4ca8486a6	update yarn to 4.9.2 Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-02-10 17:54:01 +01:00
CrazyMax	ee4ca427a2	Merge pull request #1398 from docker/dependabot/npm_and_yarn/tmp-0.2.4 chore(deps): Bump tmp from 0.2.3 to 0.2.4	2026-02-10 17:34:08 +01:00
github-actions[bot]	f1b3bb51af	chore: update generated content	2026-02-10 16:31:49 +00:00
dependabot[bot]	db35f80311	chore(deps): Bump tmp from 0.2.3 to 0.2.4 Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.3 to 0.2.4. - [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md) - [Commits](https://github.com/raszi/node-tmp/compare/v0.2.3...v0.2.4) --- updated-dependencies: - dependency-name: tmp dependency-version: 0.2.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-10 16:30:28 +00:00
CrazyMax	a129300020	Merge pull request #1397 from docker/dependabot/npm_and_yarn/undici-5.29.0 chore(deps): Bump undici from 5.28.4 to 5.29.0	2026-02-10 17:28:15 +01:00
github-actions[bot]	ba15693834	chore: update generated content	2026-02-10 16:20:42 +00:00
dependabot[bot]	367ff5effe	chore(deps): Bump undici from 5.28.4 to 5.29.0 Bumps [undici](https://github.com/nodejs/undici) from 5.28.4 to 5.29.0. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.29.0) --- updated-dependencies: - dependency-name: undici dependency-version: 5.29.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-10 16:19:23 +00:00
CrazyMax	0149a90b0f	Merge pull request #1396 from docker/dependabot/npm_and_yarn/brace-expansion-1.1.12 chore(deps): Bump brace-expansion from 1.1.11 to 1.1.12	2026-02-10 17:16:59 +01:00
github-actions[bot]	d1d3988951	chore: update generated content	2026-02-10 16:01:19 +00:00
dependabot[bot]	b88979e155	chore(deps): Bump brace-expansion from 1.1.11 to 1.1.12 Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.11 to 1.1.12. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-10 15:59:52 +00:00
CrazyMax	176babefcc	Merge pull request #1429 from docker/dependabot/npm_and_yarn/js-yaml-3.14.2 chore(deps): Bump js-yaml from 3.14.1 to 3.14.2	2026-02-10 16:57:14 +01:00
CrazyMax	469bed9e93	Merge pull request #1446 from docker/dependabot/npm_and_yarn/lodash-4.17.23 chore(deps): Bump lodash from 4.17.21 to 4.17.23	2026-02-10 16:56:47 +01:00
CrazyMax	f477955db5	Merge pull request #1451 from crazy-max/fix-git-auth-token scope default git auth token to github.com	2026-02-10 16:55:36 +01:00
CrazyMax	9760b3030f	chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-02-10 15:39:22 +01:00
CrazyMax	d40bd56b13	scope default git auth token to github.com Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-02-10 15:39:21 +01:00
dependabot[bot]	073b0e6385	chore(deps): Bump lodash from 4.17.21 to 4.17.23 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-01-22 00:11:31 +00:00
dependabot[bot]	6d01ebc3b0	chore(deps): Bump js-yaml from 3.14.1 to 3.14.2 Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.1 to 3.14.2. - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2) --- updated-dependencies: - dependency-name: js-yaml dependency-version: 3.14.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2025-11-17 19:01:34 +00:00