build(deps): bump codecov/codecov-action from 5.5.4 to 6.0.0

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.4 to 6.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](75cd11691c...57e3a136b7) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Merge pull request #955 from crazy-max/zizmor
2026-03-31 03:58:18 +01:00 · 2026-03-31 01:51:57 +00:00 · 2026-03-30 18:49:37 -07:00 · 2026-03-30 13:44:09 +02:00 · 2026-03-30 13:37:19 +02:00 · 2026-03-30 09:58:21 +02:00
16 changed files with 164 additions and 87 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,6 +4,12 @@ updates:
    directory: "/"
    schedule:
      interval: "daily"
+    cooldown:
+      default-days: 2
+    groups:
+      crazy-max-dot-github:
+        patterns:
+          - "crazy-max/.github/*"
    labels:
      - "dependencies"
      - "bot"
@@ -11,6 +17,8 @@ updates:
    directory: "/"
    schedule:
      interval: "daily"
+    cooldown:
+      default-days: 2
    versioning-strategy: "increase"
    groups:
      aws-sdk-dependencies:
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,5 +1,8 @@
 name: ci

+permissions:
+  contents: read
+
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
@@ -19,7 +22,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Stop docker
        run: |
@@ -43,7 +46,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to GitHub Container Registry
        uses: ./
@@ -60,7 +63,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to GitHub Container Registry
        uses: ./
@@ -70,7 +73,7 @@ jobs:
          password: ${{ secrets.GHCR_PAT }}
      -
        name: DinD
-        uses: docker://docker
+        uses: docker://docker:29.3@sha256:4d90f1f6c400315c2dba96d3ec93c01e64198395cbba04f79d12adce4f737029
        with:
          entrypoint: docker
          args: pull ghcr.io/docker-ghactiontest/test
@@ -85,7 +88,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to ACR
        uses: ./
@@ -105,7 +108,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to Docker Hub
        uses: ./
@@ -124,7 +127,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to ECR
        uses: ./
@@ -144,10 +147,10 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v6
+        uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 # v6.0.0
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -169,7 +172,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to Public ECR
        continue-on-error: ${{ matrix.os == 'windows-latest' }}
@@ -192,10 +195,10 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v6
+        uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 # v6.0.0
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -218,7 +221,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to GitHub Container Registry
        uses: ./
@@ -238,7 +241,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to GitLab
        uses: ./
@@ -258,7 +261,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to Google Artifact Registry
        uses: ./
@@ -278,7 +281,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to Google Container Registry
        uses: ./
@@ -292,7 +295,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to registries
        uses: ./
@@ -315,7 +318,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to registries
        uses: ./
@@ -336,7 +339,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to registries
        id: login
@@ -368,7 +371,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to Docker Hub
        uses: ./
@@ -398,7 +401,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to Docker Hub
        uses: ./
@@ -428,7 +431,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to GitHub Container Registry
        uses: ./
@@ -459,7 +462,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Login to GitHub Container Registry
        uses: ./
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -1,50 +1,46 @@
 name: codeql

+permissions:
+  contents: read
+
 on:
  push:
    branches:
      - 'master'
      - 'releases/v*'
-    paths:
-      - '.github/workflows/codeql.yml'
-      - 'dist/**'
-      - 'src/**'
  pull_request:
-    paths:
-      - '.github/workflows/codeql.yml'
-      - 'dist/**'
-      - 'src/**'

-permissions:
-  actions: read
-  contents: read
-  security-events: write
+env:
+  NODE_VERSION: "24"

 jobs:
  analyze:
    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        language:
-          - javascript-typescript
+    permissions:
+      contents: read
+      security-events: write
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      -
+        name: Enable corepack
+        run: |
+          corepack enable
+          yarn --version
+      -
+        name: Set up Node
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        with:
+          node-version: ${{ env.NODE_VERSION }}
      -
        name: Initialize CodeQL
-        uses: github/codeql-action/init@v4
+        uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
        with:
-          languages: ${{ matrix.language }}
-          config: |
-            paths:
-              - src
-      -
-        name: Autobuild
-        uses: github/codeql-action/autobuild@v4
+          languages: javascript-typescript
+          build-mode: none
      -
        name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v4
+        uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
        with:
-          category: "/language:${{matrix.language}}"
+          category: "/language:javascript-typescript"
--- a/.github/workflows/pr-assign-author.yml
+++ b/.github/workflows/pr-assign-author.yml
@@ -4,14 +4,14 @@ permissions:
  contents: read

 on:
-  pull_request_target:
+  pull_request_target: # zizmor: ignore[dangerous-triggers] safe to use without checkout
    types:
      - opened
      - reopened

 jobs:
  run:
-    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@1b673f36fad86812f538c1df9794904038a23cbf
+    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@bb328ea508cd6a89d0865555ddbeb148e5724aed # v1.3.0
    permissions:
      contents: read
      pull-requests: write
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -1,5 +1,12 @@
 name: publish

+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 on:
  release:
    types:
@@ -15,7 +22,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Publish
-        uses: actions/publish-immutable-action@v0.0.4
+        uses: actions/publish-immutable-action@4bc8754ffc40f27910afb20287dbbbb675a4e978 # v0.0.4
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -1,5 +1,8 @@
 name: test

+permissions:
+  contents: read
+
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
@@ -17,16 +20,16 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Test
-        uses: docker/bake-action@v6
+        uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
        with:
          source: .
          targets: test
      -
        name: Upload coverage
-        uses: codecov/codecov-action@v5
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
        with:
          files: ./coverage/clover.xml
          token: ${{ secrets.CODECOV_TOKEN }}
--- a/.github/workflows/update-dist.yml
+++ b/.github/workflows/update-dist.yml
@@ -1,5 +1,12 @@
 name: update-dist

+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 on:
  pull_request:
    types:
@@ -8,27 +15,27 @@ on:

 jobs:
  update-dist:
-    if: github.actor == 'dependabot[bot]'
+    if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == github.event.pull_request.head.repo.full_name
    runs-on: ubuntu-latest
    steps:
      -
        name: GitHub auth token from GitHub App
        id: docker-read-app
-        uses: actions/create-github-app-token@v2
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
          app-id: ${{ secrets.GHACTIONS_REPO_WRITE_APP_ID }}
          private-key: ${{ secrets.GHACTIONS_REPO_WRITE_APP_PRIVATE_KEY }}
          owner: docker
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          ref: ${{ github.event.pull_request.head.ref }}
          fetch-depth: 0
-          token: ${{ steps.docker-read-app.outputs.token || github.token }}
+          token: ${{ steps.docker-read-app.outputs.token }}
      -
        name: Build
-        uses: docker/bake-action@v6
+        uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
        with:
          source: .
          targets: build
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@@ -1,5 +1,8 @@
 name: validate

+permissions:
+  contents: read
+
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
@@ -15,15 +18,15 @@ jobs:
  prepare:
    runs-on: ubuntu-latest
    outputs:
-      targets: ${{ steps.generate.outputs.targets }}
+      matrix: ${{ steps.generate.outputs.matrix }}
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
-        name: List targets
+        name: Generate matrix
        id: generate
-        uses: docker/bake-action/subaction/list-targets@v6
+        uses: docker/bake-action/subaction/matrix@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
        with:
          target: validate

@@ -34,10 +37,10 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        target: ${{ fromJson(needs.prepare.outputs.targets) }}
+        include: ${{ fromJson(needs.prepare.outputs.matrix) }}
    steps:
      -
        name: Validate
-        uses: docker/bake-action@v6
+        uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
        with:
          targets: ${{ matrix.target }}
--- a/.github/workflows/zizmor.yml
+++ b/.github/workflows/zizmor.yml
@@ -0,0 +1,29 @@
+name: zizmor
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'master'
+      - 'releases/v*'
+    tags:
+      - 'v*'
+  pull_request:
+
+jobs:
+  zizmor:
+    uses: crazy-max/.github/.github/workflows/zizmor.yml@bb328ea508cd6a89d0865555ddbeb148e5724aed # v1.3.0
+    permissions:
+      contents: read
+      security-events: write
+    with:
+      min-severity: medium
+      min-confidence: medium
+      persona: pedantic
--- a/.github/zizmor.yml
+++ b/.github/zizmor.yml
@@ -0,0 +1,3 @@
+rules:
+  secrets-outside-env: # FIXME: remove this rule when zizmor 1.24.0 is released, fixing the right persona attached to this rule: https://github.com/zizmorcore/zizmor/pull/1783
+    disable: true
--- a/tests/context.test.ts
+++ b/tests/context.test.ts
@@ -1,6 +1,17 @@
-import {expect, test} from 'vitest';
+import {afterEach, expect, test} from 'vitest';
+import * as path from 'path';

-import {getInputs} from '../src/context.js';
+import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
+
+import {getAuthList, getInputs} from '../src/context.js';
+
+afterEach(() => {
+  for (const key of Object.keys(process.env)) {
+    if (key.startsWith('INPUT_')) {
+      delete process.env[key];
+    }
+  }
+});

 test('with password and username getInputs does not throw error', async () => {
  process.env['INPUT_USERNAME'] = 'dbowie';
@@ -10,3 +21,15 @@ test('with password and username getInputs does not throw error', async () => {
    getInputs();
  }).not.toThrow();
 });
+
+test('getAuthList uses the default Docker Hub registry when computing scoped config dir', async () => {
+  process.env['INPUT_USERNAME'] = 'dbowie';
+  process.env['INPUT_PASSWORD'] = 'groundcontrol';
+  process.env['INPUT_SCOPE'] = 'myscope';
+  process.env['INPUT_LOGOUT'] = 'false';
+  const [auth] = getAuthList(getInputs());
+  expect(auth).toMatchObject({
+    registry: 'docker.io',
+    configDir: path.join(Buildx.configDir, 'config', 'registry-1.docker.io', 'myscope')
+  });
+});
--- a/tests/docker.test.ts
+++ b/tests/docker.test.ts
@@ -1,15 +1,10 @@
 import {expect, test, vi} from 'vitest';
-import * as path from 'path';

 import {Docker} from '@docker/actions-toolkit/lib/docker/docker.js';

 import {loginStandard, logout} from '../src/docker.js';

-process.env['RUNNER_TEMP'] = path.join(__dirname, 'runner');
-
 test('loginStandard calls exec', async () => {
-  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
-  // @ts-ignore
  const execSpy = vi.spyOn(Docker, 'getExecOutput').mockImplementation(async () => {
    return {
      exitCode: expect.any(Number),
@@ -38,8 +33,6 @@ test('loginStandard calls exec', async () => {
 });

 test('logout calls exec', async () => {
-  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
-  // @ts-ignore
  const execSpy = vi.spyOn(Docker, 'getExecOutput').mockImplementation(async () => {
    return {
      exitCode: expect.any(Number),
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/src/context.ts
+++ b/src/context.ts
@@ -42,24 +42,26 @@ export function getAuthList(inputs: Inputs): Array<Auth> {
  }
  let auths: Array<Auth> = [];
  if (!inputs.registryAuth) {
+    const registry = inputs.registry || 'docker.io';
    auths.push({
-      registry: inputs.registry || 'docker.io',
+      registry,
      username: inputs.username,
      password: inputs.password,
      scope: inputs.scope,
      ecr: inputs.ecr || 'auto',
-      configDir: scopeToConfigDir(inputs.registry, inputs.scope)
+      configDir: scopeToConfigDir(registry, inputs.scope)
    });
  } else {
    auths = (yaml.load(inputs.registryAuth) as Array<Auth>).map(auth => {
      core.setSecret(auth.password); // redacted in workflow logs
+      const registry = auth.registry || 'docker.io';
      return {
-        registry: auth.registry || 'docker.io',
+        registry,
        username: auth.username,
        password: auth.password,
        scope: auth.scope,
        ecr: auth.ecr || 'auto',
-        configDir: scopeToConfigDir(auth.registry || 'docker.io', auth.scope)
+        configDir: scopeToConfigDir(registry, auth.scope)
      };
    });
  }
--- a/yarn.lock
+++ b/yarn.lock
@@ -3639,9 +3639,9 @@ __metadata:
  linkType: hard

 "flatted@npm:^3.2.9":
-  version: 3.3.3
-  resolution: "flatted@npm:3.3.3"
-  checksum: 10/8c96c02fbeadcf4e8ffd0fa24983241e27698b0781295622591fc13585e2f226609d95e422bcf2ef044146ffacb6b68b1f20871454eddf75ab3caa6ee5f4a1fe
+  version: 3.4.2
+  resolution: "flatted@npm:3.4.2"
+  checksum: 10/a9e78fe5c2c1fcd98209a015ccee3a6caa953e01729778e83c1fe92e68601a63e1e69cd4e573010ca99eaf585a581b80ccf1018b99283e6cbc2117bcba1e030f
  languageName: node
  linkType: hard
Author	SHA1	Message	Date
dependabot[bot]	5ac140e711	build(deps): bump codecov/codecov-action from 5.5.4 to 6.0.0 Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.4 to 6.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](`75cd11691c...57e3a136b7`) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-31 01:51:57 +00:00
Tõnis Tiigi	bb9683dca2	Merge pull request #955 from crazy-max/zizmor ci: zizmor workflow	2026-03-30 18:49:37 -07:00
CrazyMax	abb6787042	fix zizmor findings Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-03-30 13:44:09 +02:00
CrazyMax	a40c6a7122	ci: zizmor workflow Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-03-30 13:37:19 +02:00
CrazyMax	5c42dd293b	Merge pull request #954 from docker/dependabot/github_actions/crazy-max/dot-github/dot-github/workflows/pr-assign-author.yml-1.3.0 build(deps): bump crazy-max/.github/.github/workflows/pr-assign-author.yml from 1.1.0 to 1.3.0	2026-03-30 09:58:21 +02:00
dependabot[bot]	1615afe9d3	build(deps): bump crazy-max/.github/.github/workflows/pr-assign-author.yml Bumps [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) from 1.1.0 to 1.3.0. - [Release notes](https://github.com/crazy-max/.github/releases) - [Commits](`20ef82212d...bb328ea508`) --- updated-dependencies: - dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-30 05:52:17 +00:00
Tõnis Tiigi	a0d57b8e43	Merge pull request #947 from crazy-max/update-crazy-max-actions ci: bump crazy-max/.github to 1.1.0	2026-03-25 10:43:18 -07:00
CrazyMax	6eab1c84d2	ci: bump crazy-max/.github to 1.1.0 Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-03-25 12:36:10 +01:00
CrazyMax	292fe2d7ee	Merge pull request #944 from docker/dependabot/npm_and_yarn/flatted-3.4.2 build(deps): bump flatted from 3.3.3 to 3.4.2	2026-03-24 17:19:58 +01:00
CrazyMax	717e062c09	Merge pull request #945 from crazy-max/fix-scope-dir-dockerhub fix scoped Docker Hub cleanup path when registry is omitted	2026-03-24 17:19:19 +01:00
CrazyMax	b9381571b7	chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-03-24 10:29:02 +01:00
CrazyMax	7277d4d442	fix scoped Docker Hub cleanup path when registry is omitted Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-03-24 10:28:31 +01:00
dependabot[bot]	955b3c705f	build(deps): bump flatted from 3.3.3 to 3.4.2 Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.3 to 3.4.2. - [Commits](https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2) --- updated-dependencies: - dependency-name: flatted dependency-version: 3.4.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-20 15:58:55 +00:00
CrazyMax	da5b89b92c	Merge pull request #943 from crazy-max/codeql ci: update codeql workflow	2026-03-20 16:57:15 +01:00
CrazyMax	b78dc2c156	ci: update codeql workflow Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-03-20 11:48:51 +01:00
CrazyMax	c144859092	Merge pull request #939 from docker/dependabot/github_actions/actions/create-github-app-token-3 build(deps): bump actions/create-github-app-token from 2 to 3	2026-03-16 12:45:34 +01:00
dependabot[bot]	cf45a603d2	build(deps): bump actions/create-github-app-token from 2 to 3 Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2 to 3. - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-16 05:52:18 +00:00
Tõnis Tiigi	9fe7774c8f	Merge pull request #934 from docker/dependabot/github_actions/docker/bake-action-7 build(deps): bump docker/bake-action from 6 to 7	2026-03-09 12:35:04 -07:00
CrazyMax	2b784c0f37	ci: switch to matrix subaction Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-03-06 09:53:04 +01:00
dependabot[bot]	89452f99ba	build(deps): bump docker/bake-action from 6 to 7 Bumps [docker/bake-action](https://github.com/docker/bake-action) from 6 to 7. - [Release notes](https://github.com/docker/bake-action/releases) - [Commits](https://github.com/docker/bake-action/compare/v6...v7) --- updated-dependencies: - dependency-name: docker/bake-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-06 05:52:22 +00:00