Bump the github-actions group with 5 updates #682

dependabot · 2024-06-01T06:44:38Z

Bumps the github-actions group with 5 updates:

Package	From	To
sigstore/cosign-installer	`3.4.0`	`3.5.0`
docker/setup-buildx-action	`3.0.0`	`3.3.0`
docker/login-action	`3.0.0`	`3.2.0`
docker/metadata-action	`5.0.0`	`5.5.1`
docker/build-push-action	`5.0.0`	`5.3.0`

Updates sigstore/cosign-installer from 3.4.0 to 3.5.0

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.5.0

What's Changed

Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in sigstore/cosign-installer#157

use go 1.22 now by @bobcallaway in sigstore/cosign-installer#160

bump default version to v2.2.4, prep for v3.5.0 release by @bobcallaway in sigstore/cosign-installer#159

Full Changelog: sigstore/cosign-installer@v3.4.0...v3.5.0

Commits

59acb62 bump default version to v2.2.4, prep for v3.5.0 release (#159)
22be4ce use go 1.22 now (#160)
162dfdf Bump actions/checkout from 4.1.1 to 4.1.2 (#157)
See full diff in compare view

Updates docker/setup-buildx-action from 3.0.0 to 3.3.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.3.0

Bump @docker/actions-toolkit from 0.19.0 to 0.20.0 by @crazy-max in docker/setup-buildx-action#307

Full Changelog: docker/setup-buildx-action@v3.2.0...v3.3.0

v3.2.0

Rename and align config inputs by @crazy-max in docker/setup-buildx-action#303

config to buildkitd-config

config-inline to buildkitd-config-inline

Bump @docker/actions-toolkit from 0.17.0 to 0.19.0 in docker/setup-buildx-action#302 docker/setup-buildx-action#306

[!NOTE] config and config-inline input names are deprecated and will be removed in next major release.

Full Changelog: docker/setup-buildx-action@v3.1.0...v3.2.0

v3.1.0

cache-binary input to enable/disable caching binary to GHA cache backend by @crazy-max in docker/setup-buildx-action#300

build(deps): bump @babel/traverse from 7.17.3 to 7.23.2 in docker/setup-buildx-action#282

build(deps): bump @docker/actions-toolkit from 0.12.0 to 0.17.0 in docker/setup-buildx-action#281 docker/setup-buildx-action#284 docker/setup-buildx-action#299

build(deps): bump uuid from 9.0.0 to 9.0.1 in docker/setup-buildx-action#271

build(deps): bump undici from 5.26.3 to 5.28.3 in docker/setup-buildx-action#297

Full Changelog: docker/setup-buildx-action@v3.0.0...v3.1.0

Commits

d70bba7 Merge pull request #307 from crazy-max/bump-toolkit
7638634 chore: update generated content
c68420f bump @docker/actions-toolkit from 0.19.0 to 0.20.0
2b51285 Merge pull request #306 from docker/dependabot/npm_and_yarn/docker/actions-to...
0f00370 chore: update generated content
11c9683 build(deps): bump @docker/actions-toolkit from 0.18.0 to 0.19.0
56a16b8 Merge pull request #303 from crazy-max/fix-inputs
c23f46e chore: update generated content
f876da6 rename and align config inputs
b7cf918 Merge pull request #304 from crazy-max/rm-docs-dir
Additional commits viewable in compare view

Updates docker/login-action from 3.0.0 to 3.2.0

Release notes

Sourced from docker/login-action's releases.

v3.2.0

Improve missing username/password by @Frankkkkk in docker/login-action#706

Bump @docker/actions-toolkit from 0.18.0 to 0.24.0 in docker/login-action#715 docker/login-action#721

Bump aws-sdk-dependencies to 3.583.0 in docker/login-action#720

Bump undici from 5.28.3 to 5.28.4 in docker/login-action#694

Full Changelog: docker/login-action@v3.1.0...v3.2.0

v3.1.0

Bump @babel/traverse from 7.17.3 to 7.23.2 in docker/login-action#618

Bump @docker/actions-toolkit from 0.12.0 to 0.18.0 in docker/login-action#616 docker/login-action#636 docker/login-action#682

Bump aws-sdk dependencies to 3.529.1 in docker/login-action#624 docker/login-action#685

Bump http-proxy-agent to 7.0.2 in docker/login-action#676

Bump https-proxy-agent to 7.0.4 in docker/login-action#676

Bump undici from 5.26.5 to 5.28.3 in docker/login-action#677

Full Changelog: docker/login-action@v3.0.0...v3.1.0

Commits

0d4c9c5 Merge pull request #722 from crazy-max/update-readme
b29e14f add contributing section to README
218a70c Merge pull request #721 from docker/dependabot/npm_and_yarn/docker/actions-to...
b820080 build(deps): bump @docker/actions-toolkit from 0.23.0 to 0.24.0
27530a9 Merge pull request #720 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
d072a60 chore: update generated content
7c627b5 build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...
787cfc6 Merge pull request #694 from docker/dependabot/npm_and_yarn/undici-5.28.4
8e66e91 chore: update generated content
5ba5e97 build(deps): bump undici from 5.28.3 to 5.28.4
Additional commits viewable in compare view

Updates docker/metadata-action from 5.0.0 to 5.5.1

Release notes

Sourced from docker/metadata-action's releases.

v5.5.1

Don't set cwd:// prefix for local bake files by @crazy-max in docker/metadata-action#382

Full Changelog: docker/metadata-action@v5.5.0...v5.5.1

v5.5.0

Set cwd:// prefix for bake files path by @crazy-max in docker/metadata-action#370

Bump @docker/actions-toolkit from 0.16.0 to 0.16.1 in docker/metadata-action#371

Bump moment from 2.29.4 to 2.30.1 in docker/metadata-action#373

Bump moment-timezone from 0.5.43 to 0.5.44 in docker/metadata-action#374

Full Changelog: docker/metadata-action@v5.4.0...v5.5.0

v5.4.0

Bump @docker/actions-toolkit from 0.15.0 to 0.16.0 in docker/metadata-action#369

Bump csv-parse from 5.5.2 to 5.5.3 in docker/metadata-action#365

Full Changelog: docker/metadata-action@v5.3.0...v5.4.0

v5.3.0

Bump @docker/actions-toolkit from 0.14.0 to 0.15.0 in docker/metadata-action#363 (fixes #362)

Full Changelog: docker/metadata-action@v5.2.0...v5.3.0

v5.2.0

Custom annotations support by @crazy-max in docker/metadata-action#361

Full Changelog: docker/metadata-action@v5.1.0...v5.2.0

v5.1.0

Annotations support by @crazy-max in docker/metadata-action#352

Split bake definition into two files by @crazy-max in docker/metadata-action#353

Allow images input to be empty to output bare tags by @crazy-max in docker/metadata-action#358

Bump @actions/github from 5.1.1 to 6.0.0 in docker/metadata-action#348

Bump @babel/traverse from 7.17.3 to 7.23.2 in docker/metadata-action#350

Bump @docker/actions-toolkit from 0.12.0 to 0.14.0 in docker/metadata-action#349 docker/metadata-action#357

Bump csv-parse from 5.5.0 to 5.5.2 in docker/metadata-action#346

Bump semver from 7.5.3 to 7.5.4 in docker/metadata-action#335

Full Changelog: docker/metadata-action@v5.0.0...v5.1.0

Commits

8e5442c Merge pull request #382 from crazy-max/dont-set-cwd-prefix
eda41b7 chore: update generated content
388c08f don't set cwd:// prefix for local bake files
dbef880 Merge pull request #374 from docker/dependabot/npm_and_yarn/moment-timezone-0...
b73e7a7 chore: update generated content
b9fba69 chore(deps): Bump moment-timezone from 0.5.43 to 0.5.44
ac82374 Merge pull request #373 from docker/dependabot/npm_and_yarn/moment-2.30.1
c92519a chore: update generated content
3b4179d chore(deps): Bump moment from 2.29.4 to 2.30.1
0784993 Merge pull request #371 from docker/dependabot/npm_and_yarn/docker/actions-to...
Additional commits viewable in compare view

Updates docker/build-push-action from 5.0.0 to 5.3.0

Release notes

Sourced from docker/build-push-action's releases.

v5.3.0

Bump @docker/actions-toolkit from 0.18.0 to 0.19.0 in docker/build-push-action#1080

Full Changelog: docker/build-push-action@v5.2.0...v5.3.0

v5.2.0

Disable quotes detection for outputs input by @crazy-max in docker/build-push-action#1074

Warn about ignored inputs by @favonia in docker/build-push-action#1019

Bump @docker/actions-toolkit from 0.14.0 to 0.18.0 in docker/build-push-action#1070

Bump undici from 5.26.3 to 5.28.3 in docker/build-push-action#1057

Full Changelog: docker/build-push-action@v5.1.0...v5.2.0

v5.1.0

Add annotations input by @crazy-max in docker/build-push-action#992

Add secret-envs input by @elias-lundgren in docker/build-push-action#980

Bump @babel/traverse from 7.17.3 to 7.23.2 in docker/build-push-action#991

Bump @docker/actions-toolkit from 0.13.0-rc.1 to 0.14.0 in docker/build-push-action#990 docker/build-push-action#1006

Full Changelog: docker/build-push-action@v5.0.0...v5.1.0

Commits

2cdde99 Merge pull request #1080 from docker/dependabot/npm_and_yarn/docker/actions-t...
008747a chore: update generated content
1580753 chore(deps): Bump @docker/actions-toolkit from 0.18.0 to 0.19.0
2a7db1d Merge pull request #1075 from crazy-max/ci-multi-output
35e7dd5 ci: test multi output
af5a7ed Merge pull request #1074 from crazy-max/build-cmd-debug
2a85189 chore: update generated content
6c20794 disable quotes detection for "outputs" input
afdf0c0 chore: debug build cmd and args
00ae31a Merge pull request #1070 from docker/dependabot/npm_and_yarn/docker/actions-t...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.4.0` | `3.5.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.0.0` | `3.3.0` | | [docker/login-action](https://github.com/docker/login-action) | `3.0.0` | `3.2.0` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.0.0` | `5.5.1` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `5.0.0` | `5.3.0` | Updates `sigstore/cosign-installer` from 3.4.0 to 3.5.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@e1523de...59acb62) Updates `docker/setup-buildx-action` from 3.0.0 to 3.3.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@f95db51...d70bba7) Updates `docker/login-action` from 3.0.0 to 3.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@343f7c4...0d4c9c5) Updates `docker/metadata-action` from 5.0.0 to 5.5.1 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@96383f4...8e5442c) Updates `docker/build-push-action` from 5.0.0 to 5.3.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@0565240...2cdde99) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Jun 1, 2024

florianfesti merged commit f9c99d2 into master Jun 1, 2024
3 checks passed

dependabot bot deleted the dependabot/github_actions/github-actions-45b2b8abcc branch June 1, 2024 09:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the github-actions group with 5 updates #682

Bump the github-actions group with 5 updates #682

dependabot bot commented on behalf of github Jun 1, 2024

Bump the github-actions group with 5 updates #682

Bump the github-actions group with 5 updates #682

Conversation

dependabot bot commented on behalf of github Jun 1, 2024

v3.5.0

What's Changed

v3.3.0

v3.2.0

v3.1.0

v3.2.0

v3.1.0

v5.5.1

v5.5.0

v5.4.0

v5.3.0

v5.2.0

v5.1.0

v5.3.0

v5.2.0

v5.1.0