Bump the ci group across 1 directory with 10 updates #53
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the ci group with 10 updates in the / directory:
3.0.0
3.3.0
1
3
5.4.0
5.5.1
5.1.0
5.4.0
3.3.0
3.5.0
1.9.0
2.0.0
5.0.0
5.0.1
0.15.1
0.16.0
5.0.0
6.0.0
1.2.2
1.9.3
Updates
docker/setup-buildx-action
from 3.0.0 to 3.3.0Release notes
Sourced from docker/setup-buildx-action's releases.
Commits
d70bba7
Merge pull request #307 from crazy-max/bump-toolkit7638634
chore: update generated contentc68420f
bump@docker/actions-toolkit
from 0.19.0 to 0.20.02b51285
Merge pull request #306 from docker/dependabot/npm_and_yarn/docker/actions-to...0f00370
chore: update generated content11c9683
build(deps): bump@docker/actions-toolkit
from 0.18.0 to 0.19.056a16b8
Merge pull request #303 from crazy-max/fix-inputsc23f46e
chore: update generated contentf876da6
rename and align config inputsb7cf918
Merge pull request #304 from crazy-max/rm-docs-dirUpdates
docker/login-action
from 1 to 3Release notes
Sourced from docker/login-action's releases.
... (truncated)
Commits
0d4c9c5
Merge pull request #722 from crazy-max/update-readmeb29e14f
add contributing section to README218a70c
Merge pull request #721 from docker/dependabot/npm_and_yarn/docker/actions-to...b820080
build(deps): bump@docker/actions-toolkit
from 0.23.0 to 0.24.027530a9
Merge pull request #720 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...d072a60
chore: update generated content7c627b5
build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...787cfc6
Merge pull request #694 from docker/dependabot/npm_and_yarn/undici-5.28.48e66e91
chore: update generated content5ba5e97
build(deps): bump undici from 5.28.3 to 5.28.4Updates
docker/metadata-action
from 5.4.0 to 5.5.1Release notes
Sourced from docker/metadata-action's releases.
Commits
8e5442c
Merge pull request #382 from crazy-max/dont-set-cwd-prefixeda41b7
chore: update generated content388c08f
don't set cwd:// prefix for local bake filesdbef880
Merge pull request #374 from docker/dependabot/npm_and_yarn/moment-timezone-0...b73e7a7
chore: update generated contentb9fba69
chore(deps): Bump moment-timezone from 0.5.43 to 0.5.44ac82374
Merge pull request #373 from docker/dependabot/npm_and_yarn/moment-2.30.1c92519a
chore: update generated content3b4179d
chore(deps): Bump moment from 2.29.4 to 2.30.10784993
Merge pull request #371 from docker/dependabot/npm_and_yarn/docker/actions-to...Updates
docker/build-push-action
from 5.1.0 to 5.4.0Release notes
Sourced from docker/build-push-action's releases.
Commits
ca052bb
Merge pull request #1128 from crazy-max/builder-info025c205
chore: update generated content12076d2
show builder information before buildingef6cba3
Merge pull request #1127 from docker/dependabot/npm_and_yarn/docker/actions-t...4c16cf9
chore: update generated contenta3118a8
fixes since moved typesc86eb8b
chore(deps): Bump@docker/actions-toolkit
from 0.23.0 to 0.24.02a53c6c
Merge pull request #1122 from crazy-max/update-dev-depsccef1f2
chore: update generated content79117b6
chore: update dev dependenciesUpdates
sigstore/cosign-installer
from 3.3.0 to 3.5.0Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
59acb62
bump default version to v2.2.4, prep for v3.5.0 release (#159)22be4ce
use go 1.22 now (#160)162dfdf
Bump actions/checkout from 4.1.1 to 4.1.2 (#157)e1523de
default cosign install to release v2.2.3 (#156)b18d21a
Use examples that work with multiple tags (#155)Updates
slsa-framework/slsa-github-generator
from 1.9.0 to 2.0.0Release notes
Sourced from slsa-framework/slsa-github-generator's releases.
Changelog
Sourced from slsa-framework/slsa-github-generator's changelog.
Commits
5a775b3
chore: v2.0.0: update tags (#3583)41733f7
chore: v2.0.0-rc.0: update tags (#3578)3789345
docs: v.2.0.0: finalize CHANGELOG.md (#3577)02fc78b
fix: deadlock and improve debugging experience (#3570)4534a0b
break: Revert "chore: Revert "fix: upload-artifact and download-artifact v4""...e8c2dcf
fix(deps): Update Sigstore Dep to Sigstore 2.2.2 (#3491)2512315
feat(breaking): remove attestation-name input and output (#3456)4fbc6a9
chore: add ramonpetgrave64 to CODEOWNERS (#3490)8869c8a
fix: Switch to newer DSSE rekor type (#3299)9d81ca7
chore: Update slsa-verifier version (#3454)Updates
actions/setup-go
from 5.0.0 to 5.0.1Release notes
Sourced from actions/setup-go's releases.
Commits
cdcb360
Remove the description of the old go.mod specification (#458)99176a8
Update README.md with V5 release notes (#459)be1aa11
Bump undici from 5.28.2 to 5.28.3 (#465)6c1fd22
docs: bumpactions/setup-go
to v5 (#449)Updates
anchore/sbom-action
from 0.15.1 to 0.16.0Release notes
Sourced from anchore/sbom-action's releases.
... (truncated)
Commits
e8d2a69
chore(deps): update Syft to v1.4.1 (#465)610bea4
chore: update GitHub artifact client (#463)0445e23
chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#464)a66e2f3
chore(deps): bump actions/checkout from 4.1.2 to 4.1.4 (#461)1abd786
chore(deps): bump peter-evans/create-pull-request from 6.0.2 to 6.0.5 (#462)7ccf588
chore(deps): update Syft to v1.3.0 (#456)7f33cf5
chore: remove outdated snapshot workflow (#457)04a486a
fix: extend existing environment when invoking syft instead of creating a new...ab5d7b5
chore(deps): update Syft to v1.1.0 (#454)6e7f9d7
chore(deps): bump release-drafter/release-drafter from 5.25.0 to 6.0.0 (#450)Updates
goreleaser/goreleaser-action
from 5.0.0 to 6.0.0Release notes
Sourced from goreleaser/goreleaser-action's releases.
Commits
286f3b1
ci: fix testsbeac410
ci: update workflow and .goreleaser.yml18bbabc
feat!: use "~> v2" as default (#463)5742e2a
chore: re-generate70ccc5d
chore(deps): bump@actions/http-client
from 2.2.0 to 2.2.1 (#451)d55bec7
chore(deps): bump semver from 7.6.0 to 7.6.2 (#462)f1dbd53
feat: lock this major version of the action to use '~> v1' as 'latest' (#461)2953d07
chore(deps): update http-client62d4b8a
chore: use corepack to install yarn (#458)f09f1a7
chore(deps): bump tar from 6.1.14 to 6.2.1 (#456)Updates
docker/scout-action
from 1.2.2 to 1.9.3Release notes
Sourced from docker/scout-action's releases.
... (truncated)
Commits
5dae9c7
Merge ce525ad95663800f78d7bf5d823d9b7162948178 into b0c66a3ccc2a4a8233b31a370...ce525ad
[BOT] Publish v1.9.3 releaseb0c66a3
Merge 71a25ddf64ec7e637d7a8c7f36df4b1ad53aca29 into cc6a9c02565075538531ec235...71a25dd
[BOT] Publish v1.9.1 releasecc6a9c0
Merge 60cde59fff2e094c9d80379e0071c43b7b38fde5 into 391866bddbb044600a1c5a476...60cde59
[BOT] Publish v1.8.0 release391866b
Merge dc175d65ad4d18d962520f8e5eee2648f4280dc7 into f7a51f737dc10e079eadcadfc...dc175d6
[BOT] Publish v1.7.1 releasef7a51f7
Merge 78d4ab6c12b92f3204838e250e8545a02566b290 into c01629436921e4c567967cbfa...78d4ab6
[BOT] Publish v1.7.0 releaseDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions