1
0

Compare commits

..

59 Commits

Author SHA1 Message Date
CrazyMax af1e73f918 Merge pull request #1034 from docker/dependabot/npm_and_yarn/aws-sdk-dependencies-853218ef63
build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 updates
2026-07-03 15:02:31 +02:00
github-actions[bot] da722bde43 [dependabot skip] chore: update generated content 2026-07-03 13:00:13 +00:00
dependabot[bot] 2916ad60bd build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 updates
Bumps the aws-sdk-dependencies group with 2 updates in the / directory: [@aws-sdk/client-ecr](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr) and [@aws-sdk/client-ecr-public](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr-public).


Updates `@aws-sdk/client-ecr` from 3.1076.0 to 3.1077.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1077.0/clients/client-ecr)

Updates `@aws-sdk/client-ecr-public` from 3.1076.0 to 3.1077.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr-public/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1077.0/clients/client-ecr-public)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ecr"
  dependency-version: 3.1077.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
- dependency-name: "@aws-sdk/client-ecr-public"
  dependency-version: 3.1077.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-03 12:59:24 +00:00
CrazyMax ca0a662f78 Merge pull request #1035 from crazy-max/fix-registry-auth-empty-mask
skip empty registry-auth secret mask
2026-07-03 14:56:11 +02:00
CrazyMax c455755a57 chore: update generated content
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-07-03 14:12:13 +02:00
CrazyMax 48351901f8 skip empty registry-auth secret mask
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-07-03 14:12:12 +02:00
CrazyMax 992421c6e6 Merge pull request #1033 from docker/dependabot/github_actions/docker/bake-action-7.3.0
build(deps): bump docker/bake-action from 7.2.0 to 7.3.0
2026-07-03 11:10:14 +02:00
CrazyMax b249b43765 Merge pull request #1032 from docker/dependabot/github_actions/docker/bake-action/subaction/matrix-7.3.0
build(deps): bump docker/bake-action/subaction/matrix from 7.2.0 to 7.3.0
2026-07-03 11:09:46 +02:00
dependabot[bot] 1b67977736 build(deps): bump docker/bake-action from 7.2.0 to 7.3.0
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 7.2.0 to 7.3.0.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](https://github.com/docker/bake-action/compare/6614cfa25eff9a0b2b2697efb0b6159e7680d584...d3418bd7d0e9324001bca92fa8ba175ea7e6dc9b)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-03 05:53:41 +00:00
dependabot[bot] 9d49d6a323 build(deps): bump docker/bake-action/subaction/matrix
Bumps [docker/bake-action/subaction/matrix](https://github.com/docker/bake-action) from 7.2.0 to 7.3.0.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](https://github.com/docker/bake-action/compare/6614cfa25eff9a0b2b2697efb0b6159e7680d584...d3418bd7d0e9324001bca92fa8ba175ea7e6dc9b)

---
updated-dependencies:
- dependency-name: docker/bake-action/subaction/matrix
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-03 05:53:34 +00:00
CrazyMax c99871dec2 Merge pull request #1030 from docker/dependabot/npm_and_yarn/aws-sdk-dependencies-7bb15b6937
build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 updates
2026-07-02 09:45:29 +02:00
github-actions[bot] b43355553d [dependabot skip] chore: update generated content 2026-07-02 07:41:45 +00:00
dependabot[bot] 678a46a45e build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 updates
Bumps the aws-sdk-dependencies group with 2 updates in the / directory: [@aws-sdk/client-ecr](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr) and [@aws-sdk/client-ecr-public](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr-public).


Updates `@aws-sdk/client-ecr` from 3.1075.0 to 3.1076.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1076.0/clients/client-ecr)

Updates `@aws-sdk/client-ecr-public` from 3.1075.0 to 3.1076.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr-public/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1076.0/clients/client-ecr-public)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ecr"
  dependency-version: 3.1076.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
- dependency-name: "@aws-sdk/client-ecr-public"
  dependency-version: 3.1076.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-02 07:40:49 +00:00
CrazyMax f9a0aea0f2 Merge pull request #1031 from docker/dependabot/npm_and_yarn/sigstore-4.1.1
build(deps): bump sigstore from 4.1.0 to 4.1.1
2026-07-02 09:37:57 +02:00
dependabot[bot] cc1e4cb459 build(deps): bump sigstore from 4.1.0 to 4.1.1
Bumps [sigstore](https://github.com/sigstore/sigstore-js) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@4.1.0...sigstore@4.1.1)

---
updated-dependencies:
- dependency-name: sigstore
  dependency-version: 4.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-02 07:36:15 +00:00
CrazyMax 02e1730369 Merge pull request #1029 from docker/dependabot/npm_and_yarn/sigstore/verify-3.1.1
build(deps): bump @sigstore/verify from 3.1.0 to 3.1.1
2026-07-02 09:34:34 +02:00
dependabot[bot] b548518374 build(deps): bump @sigstore/verify from 3.1.0 to 3.1.1
Bumps [@sigstore/verify](https://github.com/sigstore/sigstore-js) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@3.1.0...@sigstore/verify@3.1.1)

---
updated-dependencies:
- dependency-name: "@sigstore/verify"
  dependency-version: 3.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-02 04:47:55 +00:00
CrazyMax a244be3944 Merge pull request #1027 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.92.0
build(deps): bump @docker/actions-toolkit from 0.91.0 to 0.92.0
2026-07-01 18:21:39 +02:00
github-actions[bot] ee0d698156 [dependabot skip] chore: update generated content 2026-07-01 15:53:52 +00:00
dependabot[bot] 127dc2c62e build(deps): bump @docker/actions-toolkit from 0.91.0 to 0.92.0
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.91.0 to 0.92.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.91.0...v0.92.0)

---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
  dependency-version: 0.92.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:52:52 +00:00
CrazyMax 28d93c8e86 Merge pull request #999 from docker/dependabot/npm_and_yarn/aws-sdk-dependencies-b2b0f464cc
build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 updates
2026-07-01 17:50:44 +02:00
github-actions[bot] bb4abc2b4e [dependabot skip] chore: update generated content 2026-07-01 15:49:15 +00:00
dependabot[bot] 46b0f7f7db build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 updates
Bumps the aws-sdk-dependencies group with 2 updates in the / directory: [@aws-sdk/client-ecr](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr) and [@aws-sdk/client-ecr-public](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr-public).


Updates `@aws-sdk/client-ecr` from 3.1052.0 to 3.1075.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1075.0/clients/client-ecr)

Updates `@aws-sdk/client-ecr-public` from 3.1052.0 to 3.1075.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr-public/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1075.0/clients/client-ecr-public)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ecr"
  dependency-version: 3.1053.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
- dependency-name: "@aws-sdk/client-ecr-public"
  dependency-version: 3.1053.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:48:13 +00:00
CrazyMax 02ce84ffb2 Merge pull request #1017 from docker/dependabot/npm_and_yarn/proxy-agent-dependencies-c4582b8cb5
build(deps): bump the proxy-agent-dependencies group across 1 directory with 2 updates
2026-07-01 17:34:10 +02:00
github-actions[bot] aac44b8023 [dependabot skip] chore: update generated content 2026-07-01 15:31:48 +00:00
dependabot[bot] e6a67367bb build(deps): bump the proxy-agent-dependencies group across 1 directory with 2 updates
Bumps the proxy-agent-dependencies group with 2 updates in the / directory: [http-proxy-agent](https://github.com/TooTallNate/proxy-agents/tree/HEAD/packages/http-proxy-agent) and [https-proxy-agent](https://github.com/TooTallNate/proxy-agents/tree/HEAD/packages/https-proxy-agent).


Updates `http-proxy-agent` from 9.0.0 to 9.1.0
- [Release notes](https://github.com/TooTallNate/proxy-agents/releases)
- [Changelog](https://github.com/TooTallNate/proxy-agents/blob/main/packages/http-proxy-agent/CHANGELOG.md)
- [Commits](https://github.com/TooTallNate/proxy-agents/commits/http-proxy-agent@9.1.0/packages/http-proxy-agent)

Updates `https-proxy-agent` from 9.0.0 to 9.1.0
- [Release notes](https://github.com/TooTallNate/proxy-agents/releases)
- [Changelog](https://github.com/TooTallNate/proxy-agents/blob/main/packages/https-proxy-agent/CHANGELOG.md)
- [Commits](https://github.com/TooTallNate/proxy-agents/commits/https-proxy-agent@9.1.0/packages/https-proxy-agent)

---
updated-dependencies:
- dependency-name: http-proxy-agent
  dependency-version: 9.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: proxy-agent-dependencies
- dependency-name: https-proxy-agent
  dependency-version: 9.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: proxy-agent-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:30:48 +00:00
CrazyMax e12cbe383a Merge pull request #1026 from docker/dependabot/github_actions/actions/checkout-7.0.0
build(deps): bump actions/checkout from 6.0.3 to 7.0.0
2026-07-01 17:28:18 +02:00
CrazyMax 9ef03105cf Merge pull request #1028 from docker/dependabot/npm_and_yarn/js-yaml-5.2.0
build(deps): bump js-yaml from 4.1.1 to 5.2.0
2026-07-01 17:27:51 +02:00
github-actions[bot] cca864db18 [dependabot skip] chore: update generated content 2026-07-01 15:24:52 +00:00
dependabot[bot] ecd3da5c9a build(deps): bump js-yaml from 4.1.1 to 5.2.0
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.1 to 5.2.0.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.1...5.2.0)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:23:59 +00:00
dependabot[bot] 9f1db17ebe build(deps): bump actions/checkout from 6.0.3 to 7.0.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.3 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/df4cb1c069e1874edd31b4311f1884172cec0e10...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:22:55 +00:00
CrazyMax c52380340b Merge pull request #1020 from docker/dependabot/npm_and_yarn/undici-6.27.0
build(deps): bump undici from 6.24.1 to 6.27.0
2026-07-01 17:19:54 +02:00
github-actions[bot] f941705c01 [dependabot skip] chore: update generated content 2026-07-01 15:16:40 +00:00
dependabot[bot] 1a44f13eda build(deps): bump undici from 6.24.1 to 6.27.0
Bumps [undici](https://github.com/nodejs/undici) from 6.24.1 to 6.27.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v6.24.1...v6.27.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 6.27.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:15:42 +00:00
CrazyMax 4691d54c76 Merge pull request #1023 from docker/dependabot/npm_and_yarn/sigstore/core-3.2.1
build(deps): bump @sigstore/core from 3.1.0 to 3.2.1
2026-07-01 17:13:37 +02:00
CrazyMax 2564fa2273 Merge pull request #1019 from docker/dependabot/npm_and_yarn/vite-7.3.5
build(deps): bump vite from 7.3.3 to 7.3.6
2026-07-01 17:13:08 +02:00
CrazyMax 1d117b3de6 Merge pull request #1009 from docker/dependabot/github_actions/aws-actions/configure-aws-credentials-6.2.0
build(deps): bump aws-actions/configure-aws-credentials from 6.1.2 to 6.2.1
2026-07-01 17:12:12 +02:00
CrazyMax 54354cec26 Merge pull request #1014 from docker/dependabot/github_actions/github/codeql-action-4.36.2
build(deps): bump github/codeql-action from 4.36.0 to 4.36.2
2026-07-01 17:11:38 +02:00
CrazyMax 291ce15746 Merge pull request #1015 from docker/dependabot/github_actions/codecov/codecov-action-7.0.0
build(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0
2026-07-01 17:10:49 +02:00
dependabot[bot] d144cc9aaf build(deps): bump aws-actions/configure-aws-credentials
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.1.2 to 6.2.1.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/acca2b1b2070338fb9fd1ca27ecee81d687e58e5...254c19bd240aabef8777f48595e9d2d7b972184b)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-01 15:10:47 +00:00
CrazyMax 9bc29939f1 Merge pull request #1013 from docker/dependabot/github_actions/crazy-max-dot-github-a6a0ecf511
build(deps): bump the crazy-max-dot-github group across 1 directory with 2 updates
2026-07-01 17:10:25 +02:00
CrazyMax 42702f7ab5 Merge pull request #1012 from docker/dependabot/github_actions/actions/checkout-6.0.3
build(deps): bump actions/checkout from 6.0.2 to 6.0.3
2026-07-01 17:08:58 +02:00
CrazyMax c5a66b573f Merge pull request #1025 from crazy-max/fix-yarn-preapprove-actions-toolkit
chore: allow actions-toolkit to bypass yarn age gate
2026-07-01 14:00:00 +02:00
CrazyMax f356dc0f57 Merge pull request #1024 from crazy-max/dependabot-skip-update-dist
dependabot: skip for update-dist commits
2026-07-01 13:59:57 +02:00
CrazyMax 82c046b85a chore: allow actions-toolkit to bypass yarn age gate
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-07-01 11:43:31 +02:00
CrazyMax f482210217 dependabot: skip for update-dist commits
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-30 11:08:58 +02:00
dependabot[bot] 528895cbd3 build(deps): bump the crazy-max-dot-github group across 1 directory with 2 updates
Bumps the crazy-max-dot-github group with 2 updates in the / directory: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github).


Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...46267a6e61cd56aac2fc79943df180152f4c89d6)

Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...46267a6e61cd56aac2fc79943df180152f4c89d6)

---
updated-dependencies:
- dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
- dependency-name: crazy-max/.github/.github/workflows/zizmor.yml
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-30 05:52:19 +00:00
dependabot[bot] 3be61c42c8 build(deps): bump vite from 7.3.3 to 7.3.6
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.3 to 7.3.6.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.6/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.6/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 7.3.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-29 14:17:42 +00:00
github-actions[bot] 3d128cd17b chore: update generated content 2026-06-29 14:17:09 +00:00
dependabot[bot] 4755f4fe4d build(deps): bump @sigstore/core from 3.1.0 to 3.2.1
Bumps [@sigstore/core](https://github.com/sigstore/sigstore-js) from 3.1.0 to 3.2.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@3.1.0...@sigstore/core@3.2.1)

---
updated-dependencies:
- dependency-name: "@sigstore/core"
  dependency-version: 3.2.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-29 14:16:11 +00:00
CrazyMax 17f7c1809f Merge pull request #1022 from crazy-max/fix-esbuild
preserve names in esbuild bundle
2026-06-29 16:14:30 +02:00
CrazyMax a2447fe0f6 preserve names in esbuild bundle
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-29 14:56:24 +02:00
temenuzhka-thede 3864d6aed8 Merge pull request #1018 from docker/sec-cli/npm-ci-20260612-182458
fix: replace npm install with npm ci (20260612-182458)
2026-06-12 14:10:03 -05:00
securityeng-bot[bot] 64b25388de fix: use lockfile-aware install commands 2026-06-12 18:24:59 +00:00
dependabot[bot] 17162ab65f build(deps): bump actions/checkout from 6.0.2 to 6.0.3
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-11 21:24:12 +00:00
CrazyMax 37a9a4b333 Merge pull request #1016 from docker/ci-ecr-oidc
ci: test AWS ECR with OIDC
2026-06-11 23:22:05 +02:00
CrazyMax eb1946f59c ci: test AWS ECR with OIDC
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2026-06-10 14:32:23 +02:00
dependabot[bot] c07548e8a6 build(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-09 05:53:38 +00:00
dependabot[bot] 20036e466f build(deps): bump github/codeql-action from 4.36.0 to 4.36.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/7211b7c8077ea37d8641b6271f6a365a22a5fbfa...8aad20d150bbac5944a9f9d289da16a4b0d87c1e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-08 05:53:38 +00:00
17 changed files with 810 additions and 2120 deletions
+78 -23
View File
@@ -25,7 +25,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Stop docker
run: |
@@ -49,7 +49,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
@@ -67,7 +67,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
@@ -97,7 +97,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
@@ -122,7 +122,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to ACR
uses: ./
@@ -142,7 +142,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Docker Hub
uses: ./
@@ -161,7 +161,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to ECR
uses: ./
@@ -181,10 +181,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@acca2b1b2070338fb9fd1ca27ecee81d687e58e5 # v6.1.2
uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -195,6 +195,33 @@ jobs:
with:
registry: 175142243308.dkr.ecr.us-east-1.amazonaws.com
ecr-oidc:
permissions:
contents: read
id-token: write
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1
with:
role-to-assume: arn:aws:iam::175142243308:role/official_gha_cicd_login_action
aws-region: us-east-1
-
name: Login to ECR
uses: ./
with:
registry: 175142243308.dkr.ecr.us-east-1.amazonaws.com
ecr-public:
runs-on: ${{ matrix.os }}
strategy:
@@ -206,7 +233,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Public ECR
continue-on-error: ${{ matrix.os == 'windows-latest' }}
@@ -229,10 +256,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@acca2b1b2070338fb9fd1ca27ecee81d687e58e5 # v6.1.2
uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -244,6 +271,34 @@ jobs:
with:
registry: public.ecr.aws
ecr-public-oidc:
permissions:
contents: read
id-token: write
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1
with:
role-to-assume: arn:aws:iam::175142243308:role/official_gha_cicd_login_action
aws-region: us-east-1
-
name: Login to Public ECR
continue-on-error: ${{ matrix.os == 'windows-latest' }}
uses: ./
with:
registry: public.ecr.aws
ghcr:
runs-on: ${{ matrix.os }}
strategy:
@@ -255,7 +310,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
@@ -275,7 +330,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitLab
uses: ./
@@ -295,7 +350,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Google Artifact Registry
uses: ./
@@ -315,7 +370,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Google Container Registry
uses: ./
@@ -329,7 +384,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to registries
uses: ./
@@ -352,7 +407,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to registries
uses: ./
@@ -373,7 +428,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to registries
id: login
@@ -405,7 +460,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Docker Hub
uses: ./
@@ -435,7 +490,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to Docker Hub
uses: ./
@@ -465,7 +520,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
@@ -496,7 +551,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Login to GitHub Container Registry
uses: ./
+3 -3
View File
@@ -22,7 +22,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Enable corepack
run: |
@@ -35,12 +35,12 @@ jobs:
node-version: ${{ env.NODE_VERSION }}
-
name: Initialize CodeQL
uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
languages: javascript-typescript
build-mode: none
-
name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
category: "/language:javascript-typescript"
+1 -1
View File
@@ -11,7 +11,7 @@ on:
jobs:
run:
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@46267a6e61cd56aac2fc79943df180152f4c89d6 # v1.10.1
permissions:
contents: read
pull-requests: write
+1 -1
View File
@@ -22,7 +22,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Publish
uses: actions/publish-immutable-action@4bc8754ffc40f27910afb20287dbbbb675a4e978 # v0.0.4
+3 -3
View File
@@ -20,16 +20,16 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Test
uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
uses: docker/bake-action@d3418bd7d0e9324001bca92fa8ba175ea7e6dc9b # v7.3.0
with:
source: .
targets: test
-
name: Upload coverage
uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
with:
files: ./coverage/clover.xml
token: ${{ secrets.CODECOV_TOKEN }}
+3 -3
View File
@@ -30,14 +30,14 @@ jobs:
permission-contents: write
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 0
token: ${{ steps.docker-read-app.outputs.token }}
-
name: Build
uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
uses: docker/bake-action@d3418bd7d0e9324001bca92fa8ba175ea7e6dc9b # v7.3.0
with:
source: .
targets: build
@@ -50,7 +50,7 @@ jobs:
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git add dist
git commit -m "chore: update generated content"
git commit -m "[dependabot skip] chore: update generated content"
git push
)
else
+3 -3
View File
@@ -22,11 +22,11 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
-
name: Generate matrix
id: generate
uses: docker/bake-action/subaction/matrix@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
uses: docker/bake-action/subaction/matrix@d3418bd7d0e9324001bca92fa8ba175ea7e6dc9b # v7.3.0
with:
target: validate
@@ -41,6 +41,6 @@ jobs:
steps:
-
name: Validate
uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
uses: docker/bake-action@d3418bd7d0e9324001bca92fa8ba175ea7e6dc9b # v7.3.0
with:
targets: ${{ matrix.target }}
+1 -1
View File
@@ -19,7 +19,7 @@ on:
jobs:
zizmor:
uses: crazy-max/.github/.github/workflows/zizmor.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
uses: crazy-max/.github/.github/workflows/zizmor.yml@46267a6e61cd56aac2fc79943df180152f4c89d6 # v1.10.1
permissions:
contents: read
security-events: write
+3
View File
@@ -14,6 +14,9 @@ logFilters:
- code: YN0086
level: discard
npmPreapprovedPackages:
- "@docker/actions-toolkit"
compressionLevel: mixed
enableGlobalCache: false
enableHardenedMode: true
+36 -1
View File
@@ -1,4 +1,4 @@
import {afterEach, expect, test} from 'vitest';
import {afterEach, expect, test, vi} from 'vitest';
import * as path from 'path';
import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
@@ -6,6 +6,7 @@ import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
import {getAuthList, getInputs} from '../src/context.js';
afterEach(() => {
vi.restoreAllMocks();
for (const key of Object.keys(process.env)) {
if (key.startsWith('INPUT_')) {
delete process.env[key];
@@ -33,3 +34,37 @@ test('getAuthList uses the default Docker Hub registry when computing scoped con
configDir: path.join(Buildx.configDir, 'config', 'registry-1.docker.io', 'myscope')
});
});
test('getAuthList skips secret masking when registry-auth password is absent', async () => {
const stdoutWriteSpy = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
const [auth] = getAuthList({
registry: '',
username: '',
password: '',
scope: '',
ecr: '',
logout: true,
registryAuth: '- registry: public.ecr.aws\n'
});
expect(stdoutWriteSpy.mock.calls.map(call => call[0]).join('')).not.toContain('::add-mask::');
expect(auth).toMatchObject({
registry: 'public.ecr.aws',
ecr: 'auto'
});
});
test('getAuthList masks registry-auth password when present', async () => {
const stdoutWriteSpy = vi.spyOn(process.stdout, 'write').mockImplementation(() => true);
getAuthList({
registry: '',
username: '',
password: '',
scope: '',
ecr: '',
logout: true,
registryAuth: '- registry: ghcr.io\n username: dbowie\n password: groundcontrol\n'
});
expect(stdoutWriteSpy.mock.calls.map(call => call[0]).join('')).toContain('::add-mask::groundcontrol');
});
+1 -1
View File
@@ -17,7 +17,7 @@ FROM base AS deps
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/.yarn/cache \
--mount=type=cache,target=/src/node_modules \
yarn install && mkdir /vendor && cp yarn.lock /vendor
yarn install --immutable && mkdir /vendor && cp yarn.lock /vendor
FROM scratch AS vendor-update
COPY --from=deps /vendor /
Generated Vendored
+155 -167
View File
File diff suppressed because one or more lines are too long
Generated Vendored
+4 -4
View File
File diff suppressed because one or more lines are too long
Generated Vendored
+46 -1360
View File
File diff suppressed because it is too large Load Diff
+7 -7
View File
@@ -4,7 +4,7 @@
"type": "module",
"main": "src/main.ts",
"scripts": {
"build": "esbuild src/main.ts --bundle --platform=node --target=node24 --format=cjs --outfile=dist/index.cjs --sourcemap --minify && yarn run license",
"build": "esbuild src/main.ts --bundle --platform=node --target=node24 --format=cjs --outfile=dist/index.cjs --sourcemap --minify --keep-names && yarn run license",
"lint": "eslint --max-warnings=0 .",
"format": "eslint --fix .",
"test": "vitest run",
@@ -24,12 +24,12 @@
"packageManager": "yarn@4.15.0",
"dependencies": {
"@actions/core": "^3.0.1",
"@aws-sdk/client-ecr": "^3.1050.0",
"@aws-sdk/client-ecr-public": "^3.1050.0",
"@docker/actions-toolkit": "^0.91.0",
"http-proxy-agent": "^9.0.0",
"https-proxy-agent": "^9.0.0",
"js-yaml": "^4.1.1"
"@aws-sdk/client-ecr": "^3.1077.0",
"@aws-sdk/client-ecr-public": "^3.1077.0",
"@docker/actions-toolkit": "^0.92.0",
"http-proxy-agent": "^9.1.0",
"https-proxy-agent": "^9.1.0",
"js-yaml": "^5.2.0"
},
"devDependencies": {
"@eslint/js": "^9.39.3",
+3 -1
View File
@@ -53,7 +53,9 @@ export function getAuthList(inputs: Inputs): Array<Auth> {
});
} else {
auths = (yaml.load(inputs.registryAuth) as Array<Auth>).map(auth => {
core.setSecret(auth.password); // redacted in workflow logs
if (auth.password) {
core.setSecret(auth.password); // redacted in workflow logs
}
const registry = auth.registry || 'docker.io';
return {
registry,
+462 -541
View File
File diff suppressed because it is too large Load Diff