github-actions[bot]
|
146a460e6d
|
[dependabot skip] chore: update generated content
|
2026-07-01 12:10:56 +00:00 |
|
dependabot[bot]
|
e04d0bad3c
|
chore(deps): bump js-yaml from 4.1.1 to 4.3.0
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.1 to 4.3.0.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.1...4.3.0)
---
updated-dependencies:
- dependency-name: js-yaml
dependency-version: 4.3.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-07-01 12:09:59 +00:00 |
|
CrazyMax
|
6ba698af1b
|
Merge pull request #106 from docker/dependabot/github_actions/codecov/codecov-action-7.0.0
chore(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0
|
2026-07-01 14:08:41 +02:00 |
|
CrazyMax
|
daf7ec5eda
|
Merge pull request #104 from docker/dependabot/github_actions/crazy-max-dot-github-a6a0ecf511
chore(deps): bump the crazy-max-dot-github group across 1 directory with 2 updates
|
2026-07-01 14:08:14 +02:00 |
|
CrazyMax
|
bf10f6e6a0
|
Merge pull request #105 from docker/dependabot/github_actions/github/codeql-action-4.36.2
chore(deps): bump github/codeql-action from 4.36.0 to 4.36.2
|
2026-07-01 14:07:51 +02:00 |
|
CrazyMax
|
a55b08de68
|
Merge pull request #110 from docker/dependabot/npm_and_yarn/vite-7.3.5
chore(deps): bump vite from 7.3.3 to 7.3.6
|
2026-07-01 14:07:01 +02:00 |
|
CrazyMax
|
2a56b96c64
|
Merge pull request #115 from docker/dependabot/npm_and_yarn/sigstore/core-3.2.1
chore(deps): bump @sigstore/core from 3.1.0 to 3.2.1
|
2026-07-01 14:06:21 +02:00 |
|
CrazyMax
|
398185fd5e
|
Merge pull request #117 from crazy-max/fix-yarn-preapprove-actions-toolkit
chore: allow actions-toolkit to bypass yarn age gate
|
2026-07-01 12:50:50 +02:00 |
|
CrazyMax
|
0b6d64dd19
|
Merge pull request #116 from crazy-max/dependabot-skip-update-dist
dependabot: skip for update-dist commits
|
2026-07-01 12:50:41 +02:00 |
|
CrazyMax
|
b7884b55c0
|
chore: allow actions-toolkit to bypass yarn age gate
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-07-01 11:43:34 +02:00 |
|
CrazyMax
|
31417945f5
|
dependabot: skip for update-dist commits
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-30 11:09:28 +02:00 |
|
dependabot[bot]
|
9668eca79b
|
chore(deps): bump the crazy-max-dot-github group across 1 directory with 2 updates
Bumps the crazy-max-dot-github group with 2 updates in the / directory: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github).
Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](9ba6e6f945...46267a6e61)
Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](9ba6e6f945...46267a6e61)
---
updated-dependencies:
- dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml
dependency-version: 1.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: crazy-max-dot-github
- dependency-name: crazy-max/.github/.github/workflows/zizmor.yml
dependency-version: 1.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: crazy-max-dot-github
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-30 01:32:44 +00:00 |
|
dependabot[bot]
|
a4632bf49a
|
chore(deps): bump vite from 7.3.3 to 7.3.6
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.3 to 7.3.6.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.6/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.6/packages/vite)
---
updated-dependencies:
- dependency-name: vite
dependency-version: 7.3.5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-29 14:18:30 +00:00 |
|
github-actions[bot]
|
e94f5ff3d8
|
chore: update generated content
|
2026-06-29 14:17:52 +00:00 |
|
dependabot[bot]
|
51d5930742
|
chore(deps): bump @sigstore/core from 3.1.0 to 3.2.1
Bumps [@sigstore/core](https://github.com/sigstore/sigstore-js) from 3.1.0 to 3.2.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@3.1.0...@sigstore/core@3.2.1)
---
updated-dependencies:
- dependency-name: "@sigstore/core"
dependency-version: 3.2.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-29 14:17:00 +00:00 |
|
CrazyMax
|
a8074e13c2
|
Merge pull request #114 from crazy-max/fix-esbuild
ci / main (latest) (push) Has been cancelled
ci / main (v2.32.4) (push) Has been cancelled
ci / multi (push) Has been cancelled
ci / standalone (push) Has been cancelled
ci / main () (push) Has been cancelled
ci / main (cloud:latest) (push) Has been cancelled
ci / main (cloud:v2.29.1-desktop.2) (push) Has been cancelled
codeql / analyze (push) Has been cancelled
test / test (push) Has been cancelled
validate / prepare (push) Has been cancelled
ci / cache-binary (false) (push) Has been cancelled
ci / cache-binary (true) (push) Has been cancelled
zizmor / zizmor (push) Has been cancelled
validate / validate (push) Has been cancelled
preserve names in esbuild bundle
|
2026-06-29 16:15:18 +02:00 |
|
CrazyMax
|
7fbdfd3c1a
|
preserve names in esbuild bundle
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-29 15:04:20 +02:00 |
|
Alexandre Vallières-Lagacé
|
6fe408f5ba
|
Merge pull request #107 from docker/sec-cli/npm-ci-20260615-142203
ci / main () (push) Has been cancelled
ci / main (cloud:latest) (push) Has been cancelled
ci / main (cloud:v2.29.1-desktop.2) (push) Has been cancelled
ci / main (latest) (push) Has been cancelled
ci / main (v2.32.4) (push) Has been cancelled
ci / multi (push) Has been cancelled
ci / standalone (push) Has been cancelled
ci / cache-binary (false) (push) Has been cancelled
ci / cache-binary (true) (push) Has been cancelled
zizmor / zizmor (push) Has been cancelled
codeql / analyze (push) Has been cancelled
validate / prepare (push) Has been cancelled
test / test (push) Has been cancelled
validate / validate (push) Has been cancelled
fix: replace npm install with npm ci (20260615-142203)
|
2026-06-15 11:53:25 -04:00 |
|
securityeng-bot[bot]
|
f6cde28f68
|
fix: use lockfile-aware install commands
|
2026-06-15 14:22:04 +00:00 |
|
dependabot[bot]
|
c1ee995bf9
|
chore(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](e79a6962e0...fb8b3582c8)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-08 01:34:29 +00:00 |
|
dependabot[bot]
|
de9dc1b95d
|
chore(deps): bump github/codeql-action from 4.36.0 to 4.36.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](7211b7c807...8aad20d150)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 4.36.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-08 01:34:24 +00:00 |
|
CrazyMax
|
dd8b913e80
|
Merge pull request #101 from crazy-max/yarn-update
ci / main () (push) Has been cancelled
ci / main (cloud:latest) (push) Has been cancelled
validate / prepare (push) Has been cancelled
zizmor / zizmor (push) Has been cancelled
ci / main (v2.32.4) (push) Has been cancelled
ci / multi (push) Has been cancelled
validate / validate (push) Has been cancelled
ci / standalone (push) Has been cancelled
codeql / analyze (push) Has been cancelled
test / test (push) Has been cancelled
ci / main (cloud:v2.29.1-desktop.2) (push) Has been cancelled
ci / main (latest) (push) Has been cancelled
ci / cache-binary (false) (push) Has been cancelled
ci / cache-binary (true) (push) Has been cancelled
update yarn to 4.15.0
|
2026-05-28 18:45:01 +02:00 |
|
CrazyMax
|
168cd6c426
|
update yarn to 4.15.0
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-05-28 15:13:46 +02:00 |
|
CrazyMax
|
410c00e878
|
Merge pull request #100 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
ci / cache-binary (true) (push) Waiting to run
ci / main (cloud:v2.29.1-desktop.2) (push) Waiting to run
ci / main (latest) (push) Waiting to run
ci / multi (push) Waiting to run
validate / prepare (push) Waiting to run
ci / main (v2.32.4) (push) Waiting to run
ci / standalone (push) Waiting to run
ci / cache-binary (false) (push) Waiting to run
codeql / analyze (push) Waiting to run
test / test (push) Waiting to run
validate / validate (push) Blocked by required conditions
zizmor / zizmor (push) Waiting to run
ci / main () (push) Waiting to run
ci / main (cloud:latest) (push) Waiting to run
chore(deps): bump @actions/core from 3.0.0 to 3.0.1
|
2026-05-28 10:22:30 +02:00 |
|
CrazyMax
|
5d29e18d06
|
Merge pull request #99 from docker/sec-cli/ignore-scripts-fix-20260527-193420
ci: add ignore-scripts to Node package manager config (20260527-193420)
|
2026-05-28 09:59:38 +02:00 |
|
github-actions[bot]
|
70b1359563
|
chore: update generated content
|
2026-05-28 01:58:55 +00:00 |
|
dependabot[bot]
|
f0bcefd12e
|
chore(deps): bump @actions/core from 3.0.0 to 3.0.1
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 3.0.0 to 3.0.1.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)
---
updated-dependencies:
- dependency-name: "@actions/core"
dependency-version: 3.0.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 01:58:09 +00:00 |
|
securityeng-bot[bot]
|
41e3c799a3
|
ci: enforce ignore-scripts policy for Node package managers
|
2026-05-27 20:05:06 +00:00 |
|
CrazyMax
|
16feee727c
|
Merge pull request #55 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.80.0
ci / main () (push) Waiting to run
ci / main (cloud:latest) (push) Waiting to run
ci / main (cloud:v2.29.1-desktop.2) (push) Waiting to run
ci / main (latest) (push) Waiting to run
ci / main (v2.32.4) (push) Waiting to run
ci / multi (push) Waiting to run
ci / standalone (push) Waiting to run
ci / cache-binary (false) (push) Waiting to run
ci / cache-binary (true) (push) Waiting to run
codeql / analyze (push) Waiting to run
test / test (push) Waiting to run
validate / prepare (push) Waiting to run
validate / validate (push) Blocked by required conditions
zizmor / zizmor (push) Waiting to run
chore(deps): bump @docker/actions-toolkit from 0.79.0 to 0.91.0
|
2026-05-27 12:04:17 +02:00 |
|
github-actions[bot]
|
739694b2b5
|
chore: update generated content
|
2026-05-27 10:02:59 +00:00 |
|
dependabot[bot]
|
ae3c6883b5
|
chore(deps): bump @docker/actions-toolkit from 0.79.0 to 0.91.0
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.79.0 to 0.91.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.79.0...v0.91.0)
---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
dependency-version: 0.80.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-27 10:02:11 +00:00 |
|
CrazyMax
|
f399cc13d4
|
Merge pull request #98 from docker/dependabot/npm_and_yarn/tmp-0.2.6
chore(deps): bump tmp from 0.2.5 to 0.2.6
|
2026-05-27 11:59:30 +02:00 |
|
github-actions[bot]
|
edef9342ff
|
chore: update generated content
|
2026-05-27 09:55:31 +00:00 |
|
dependabot[bot]
|
4c2012ebac
|
chore(deps): bump tmp from 0.2.5 to 0.2.6
Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.5 to 0.2.6.
- [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/raszi/node-tmp/compare/v0.2.5...v0.2.6)
---
updated-dependencies:
- dependency-name: tmp
dependency-version: 0.2.6
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-27 09:54:37 +00:00 |
|
CrazyMax
|
430a1543b5
|
Merge pull request #70 from docker/dependabot/npm_and_yarn/handlebars-4.7.9
chore(deps): bump handlebars from 4.7.8 to 4.7.9
|
2026-05-27 11:52:40 +02:00 |
|
CrazyMax
|
929bb642cc
|
Merge pull request #69 from docker/dependabot/npm_and_yarn/brace-expansion-1.1.13
chore(deps): bump brace-expansion from 1.1.11 to 1.1.15
|
2026-05-27 11:52:14 +02:00 |
|
github-actions[bot]
|
86f8217480
|
chore: update generated content
|
2026-05-27 09:48:55 +00:00 |
|
dependabot[bot]
|
98cd8afa8b
|
chore(deps): bump brace-expansion from 1.1.11 to 1.1.15
Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.11 to 1.1.15.
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15)
---
updated-dependencies:
- dependency-name: brace-expansion
dependency-version: 1.1.13
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-27 09:48:03 +00:00 |
|
CrazyMax
|
7007c0e690
|
Merge pull request #63 from docker/dependabot/npm_and_yarn/flatted-3.4.2
chore(deps): bump flatted from 3.3.3 to 3.4.2
|
2026-05-27 11:47:38 +02:00 |
|
CrazyMax
|
39dc2ab81a
|
Merge pull request #66 from docker/dependabot/npm_and_yarn/picomatch-4.0.4
chore(deps): bump picomatch from 4.0.3 to 4.0.4
|
2026-05-27 11:47:14 +02:00 |
|
CrazyMax
|
63d8b08073
|
Merge pull request #61 from docker/dependabot/npm_and_yarn/fast-xml-parser-5.5.7
chore(deps): bump fast-xml-parser from 5.4.1 to 5.8.0
|
2026-05-27 11:46:40 +02:00 |
|
github-actions[bot]
|
3f89bb310a
|
chore: update generated content
|
2026-05-27 09:25:33 +00:00 |
|
dependabot[bot]
|
d1b512a64d
|
chore(deps): bump fast-xml-parser from 5.4.1 to 5.8.0
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.4.1 to 5.8.0.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.4.1...v5.8.0)
---
updated-dependencies:
- dependency-name: fast-xml-parser
dependency-version: 5.5.7
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-27 09:24:40 +00:00 |
|
CrazyMax
|
10b1732771
|
Merge pull request #60 from docker/dependabot/npm_and_yarn/glob-10.5.0
chore(deps): bump glob from 10.3.12 to 10.5.0
|
2026-05-27 11:22:29 +02:00 |
|
github-actions[bot]
|
458aba5714
|
chore: update generated content
|
2026-05-27 09:19:48 +00:00 |
|
dependabot[bot]
|
fa4cd0b677
|
chore(deps): bump glob from 10.3.12 to 10.5.0
Bumps [glob](https://github.com/isaacs/node-glob) from 10.3.12 to 10.5.0.
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](https://github.com/isaacs/node-glob/compare/v10.3.12...v10.5.0)
---
updated-dependencies:
- dependency-name: glob
dependency-version: 10.5.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-27 09:18:45 +00:00 |
|
CrazyMax
|
2f86995c1e
|
Merge pull request #56 from docker/dependabot/npm_and_yarn/undici-6.24.0
chore(deps): bump undici from 6.23.0 to 6.26.0
|
2026-05-27 11:16:32 +02:00 |
|
github-actions[bot]
|
7928dbcb29
|
chore: update generated content
|
2026-05-27 09:15:03 +00:00 |
|
dependabot[bot]
|
765536d1ed
|
chore(deps): bump undici from 6.23.0 to 6.26.0
Bumps [undici](https://github.com/nodejs/undici) from 6.23.0 to 6.26.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v6.23.0...v6.26.0)
---
updated-dependencies:
- dependency-name: undici
dependency-version: 6.24.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-27 09:14:12 +00:00 |
|
CrazyMax
|
86497b0f6e
|
Merge pull request #78 from docker/dependabot/npm_and_yarn/lodash-4.18.1
chore(deps): bump lodash from 4.17.23 to 4.18.1
|
2026-05-27 11:11:35 +02:00 |
|