chore: update generated content

Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 3.0.0 to 3.0.1.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/dependabot.yml

@@ -19,6 +19,8 @@ updates:
       interval: "daily"
     cooldown:
       default-days: 2
+      exclude:
+        - "@docker/actions-toolkit"
     versioning-strategy: "increase"
     allow:
       - dependency-type: "production"

.github/workflows/ci.yml

@@ -125,3 +125,23 @@ jobs:
         uses: ./
         with:
           image: ${{ matrix.image }}
+
+  reset:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      -
+        name: Install multiarch/qemu-user-static
+        run: |
+          docker run --rm --privileged multiarch/qemu-user-static --reset -p yes -c yes
+      -
+        name: Set up QEMU
+        id: qemu
+        uses: ./
+        with:
+          reset: true
+      -
+        name: Available platforms
+        run: echo ${{ steps.qemu.outputs.platforms }}

.github/workflows/codeql.yml

@@ -30,17 +30,17 @@ jobs:
           yarn --version
       -
         name: Set up Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version: ${{ env.NODE_VERSION }}
       -
         name: Initialize CodeQL
-        uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
         with:
           languages: javascript-typescript
           build-mode: none
       -
         name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
         with:
           category: "/language:javascript-typescript"

.github/workflows/pr-assign-author.yml

@@ -11,7 +11,7 @@ on:
 
 jobs:
   run:
-    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@bb328ea508cd6a89d0865555ddbeb148e5724aed # v1.3.0
+    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
     permissions:
       contents: read
       pull-requests: write

.github/workflows/test.yml

@@ -23,7 +23,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       -
         name: Test
-        uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
+        uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
         with:
           source: .
           targets: test

.github/workflows/update-dist.yml

@@ -21,11 +21,13 @@ jobs:
       -
         name: GitHub auth token from GitHub App
         id: docker-read-app
-        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
+        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
           app-id: ${{ secrets.GHACTIONS_REPO_WRITE_APP_ID }}
           private-key: ${{ secrets.GHACTIONS_REPO_WRITE_APP_PRIVATE_KEY }}
           owner: docker
+          repositories: setup-qemu-action
+          permission-contents: write
       -
         name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -35,7 +37,7 @@ jobs:
           token: ${{ steps.docker-read-app.outputs.token }}
       -
         name: Build
-        uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
+        uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
         with:
           source: .
           targets: build

.github/workflows/validate.yml

@@ -26,7 +26,7 @@ jobs:
       -
         name: Generate matrix
         id: generate
-        uses: docker/bake-action/subaction/matrix@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
+        uses: docker/bake-action/subaction/matrix@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
         with:
           target: validate
 
@@ -41,6 +41,6 @@ jobs:
     steps:
       -
         name: Validate
-        uses: docker/bake-action@82490499d2e5613fcead7e128237ef0b0ea210f7 # v7.0.0
+        uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
         with:
           targets: ${{ matrix.target }}

.github/workflows/zizmor.yml

@@ -19,7 +19,7 @@ on:
 
 jobs:
   zizmor:
-    uses: crazy-max/.github/.github/workflows/zizmor.yml@bb328ea508cd6a89d0865555ddbeb148e5724aed # v1.3.0
+    uses: crazy-max/.github/.github/workflows/zizmor.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
     permissions:
       contents: read
       security-events: write

.github/zizmor.yml

@@ -1,3 +0,0 @@
-rules:
-  secrets-outside-env: # FIXME: remove this rule when zizmor 1.24.0 is released, fixing the right persona attached to this rule: https://github.com/zizmorcore/zizmor/pull/1783
-    disable: true

README.md

@@ -35,6 +35,34 @@ jobs:
         uses: docker/setup-qemu-action@v4
 ```
 
+This action registers QEMU emulators with `binfmt_misc`, so later steps can run
+containers built for another architecture on the GitHub-hosted runner.
+
+```yaml
+name: run-cross-platform-container
+
+on:
+  workflow_dispatch:
+
+jobs:
+  qemu-example:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v4
+      -
+        name: Run an arm64 container
+        run: docker run --rm --platform linux/arm64 alpine uname -m
+```
+
+The command above prints `aarch64` even though the job itself is running on
+`ubuntu-latest`.
+
+> [!TIP]
+> `setup-qemu-action` enables user-mode emulation for registered platforms. It
+> does not install `qemu-system-*` tools or add `qemu-*` binaries to your PATH.
+
 > [!NOTE]
 > If you are using [`docker/setup-buildx-action`](https://github.com/docker/setup-buildx-action),
 > this action should come before it:
@@ -58,6 +86,7 @@ The following inputs can be used as `step.with` keys:
 |---------------|--------|-------------------------------------------------------------------------------|----------------------------------------------------|
 | `image`       | String | [`tonistiigi/binfmt:latest`](https://hub.docker.com/r/tonistiigi/binfmt/tags) | QEMU static binaries Docker image                  |
 | `platforms`   | String | `all`                                                                         | Platforms to install (e.g., `arm64,riscv64,arm`)   |
+| `reset`       | Bool   | `false`                                                                       | Uninstall current emulators before installation    |
 | `cache-image` | Bool   | `true`                                                                        | Cache binfmt image to GitHub Actions cache backend |
 
 ### outputs

__tests__/context.test.ts

@@ -17,11 +17,13 @@ describe('getInputs', () => {
     [
       0,
       new Map<string, string>([
+        ['reset', 'false'],
         ['cache-image', 'true'],
       ]),
       {
         image: 'docker.io/tonistiigi/binfmt:latest',
         platforms: 'all',
+        reset: false,
         cacheImage: true,
       }
     ],
@@ -30,11 +32,13 @@ describe('getInputs', () => {
       new Map<string, string>([
         ['image', 'docker/binfmt:latest'],
         ['platforms', 'arm64,riscv64,arm'],
+        ['reset', 'false'],
         ['cache-image', 'false'],
       ]),
       {
         image: 'docker/binfmt:latest',
         platforms: 'arm64,riscv64,arm',
+        reset: false,
         cacheImage: false,
       }
     ],
@@ -42,11 +46,13 @@ describe('getInputs', () => {
       2,
       new Map<string, string>([
         ['platforms', 'arm64, riscv64, arm '],
+        ['reset', 'false'],
         ['cache-image', 'true'],
       ]),
       {
         image: 'docker.io/tonistiigi/binfmt:latest',
         platforms: 'arm64,riscv64,arm',
+        reset: false,
         cacheImage: true,
       }
     ]

action.yml

@@ -15,6 +15,10 @@ inputs:
     description: 'Platforms to install (e.g. arm64,riscv64,arm)'
     default: 'all'
     required: false
+  reset:
+    description: 'Uninstall current emulators before installation'
+    default: 'false'
+    required: false
   cache-image:
     description: 'Cache binfmt image to GitHub Actions cache backend'
     default: 'true'
@@ -26,5 +30,5 @@ outputs:
 
 runs:
   using: 'node24'
-  main: 'dist/index.js'
-  post: 'dist/index.js'
+  main: 'dist/index.cjs'
+  post: 'dist/index.cjs'

dist/package.json

@@ -1,3 +0,0 @@
-{
-  "type": "module"
-}

package.json

@@ -4,10 +4,11 @@
   "type": "module",
   "main": "src/main.ts",
   "scripts": {
-    "build": "ncc build src/main.ts --source-map --minify --license licenses.txt",
+    "build": "esbuild src/main.ts --bundle --platform=node --target=node24 --format=cjs --outfile=dist/index.cjs --sourcemap --minify && yarn run license",
     "lint": "eslint --max-warnings=0 .",
     "format": "eslint --fix .",
-    "test": "vitest run"
+    "test": "vitest run",
+    "license": "generate-license-file --input package.json --output dist/licenses.txt --overwrite --ci --no-spinner --eol lf"
   },
   "repository": {
     "type": "git",
@@ -22,20 +23,21 @@
   "license": "Apache-2.0",
   "packageManager": "yarn@4.9.2",
   "dependencies": {
-    "@actions/core": "^3.0.0",
-    "@docker/actions-toolkit": "^0.79.0"
+    "@actions/core": "^3.0.1",
+    "@docker/actions-toolkit": "^0.91.0"
   },
   "devDependencies": {
     "@eslint/js": "^9.39.3",
     "@types/node": "^24.11.0",
     "@typescript-eslint/eslint-plugin": "^8.56.1",
     "@typescript-eslint/parser": "^8.56.1",
-    "@vercel/ncc": "^0.38.4",
     "@vitest/coverage-v8": "^4.0.18",
     "@vitest/eslint-plugin": "^1.6.9",
+    "esbuild": "^0.28.0",
     "eslint": "^9.39.3",
     "eslint-config-prettier": "^10.1.8",
     "eslint-plugin-prettier": "^5.5.5",
+    "generate-license-file": "^4.1.1",
     "globals": "^17.3.0",
     "prettier": "^3.8.1",
     "typescript": "^5.9.3",

src/context.ts

@@ -4,6 +4,7 @@ import {Util} from '@docker/actions-toolkit/lib/util.js';
 export interface Inputs {
   image: string;
   platforms: string;
+  reset: boolean;
   cacheImage: boolean;
 }
 
@@ -11,6 +12,7 @@ export function getInputs(): Inputs {
   return {
     image: core.getInput('image') || 'docker.io/tonistiigi/binfmt:latest',
     platforms: Util.getInputList('platforms').join(',') || 'all',
+    reset: core.getBooleanInput('reset'),
     cacheImage: core.getBooleanInput('cache-image')
   };
 }

src/main.ts

@@ -44,6 +44,18 @@ actionsToolkit.run(
       });
     });
 
+    if (input.reset) {
+      await core.group(`Uninstalling current emulators`, async () => {
+        await Docker.getExecOutput(['run', '--rm', '--privileged', input.image, '--uninstall', 'qemu-*'], {
+          ignoreReturnCode: true
+        }).then(res => {
+          if (res.stderr.length > 0 && res.exitCode != 0) {
+            throw new Error(res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error');
+          }
+        });
+      });
+    }
+
     await core.group(`Installing QEMU static binaries`, async () => {
       await Docker.getExecOutput(['run', '--rm', '--privileged', input.image, '--install', input.platforms], {
         ignoreReturnCode: true