chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.4

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](c10b8064de...68bde559de) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Merge pull request #1524 from docker/dependabot/github_actions/crazy-max-dot-github-a3893cf95f
2026-05-14 09:59:35 +08:00 · 2026-05-11 18:38:21 +00:00 · 2026-04-27 09:36:37 +02:00 · 2026-04-24 11:52:30 +00:00
3 changed files with 4 additions and 4 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -35,12 +35,12 @@ jobs:
          node-version: ${{ env.NODE_VERSION }}
      -
        name: Initialize CodeQL
-        uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
        with:
          languages: javascript-typescript
          build-mode: none
      -
        name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
        with:
          category: "/language:javascript-typescript"
--- a/.github/workflows/pr-assign-author.yml
+++ b/.github/workflows/pr-assign-author.yml
@@ -11,7 +11,7 @@ on:

 jobs:
  run:
-    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@4a17dbaa9ce13920fc5bb8824eb89c16301e5ab2 # v1.7.0
+    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@64a0bfaf6e6bb1c448d6e4c42b11034ee7094f16 # v1.7.1
    permissions:
      contents: read
      pull-requests: write
--- a/.github/workflows/zizmor.yml
+++ b/.github/workflows/zizmor.yml
@@ -19,7 +19,7 @@ on:

 jobs:
  zizmor:
-    uses: crazy-max/.github/.github/workflows/zizmor.yml@4a17dbaa9ce13920fc5bb8824eb89c16301e5ab2 # v1.7.0
+    uses: crazy-max/.github/.github/workflows/zizmor.yml@64a0bfaf6e6bb1c448d6e4c42b11034ee7094f16 # v1.7.1
    permissions:
      contents: read
      security-events: write
Author	SHA1	Message	Date
dependabot[bot]	736a522e58	chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.4 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`c10b8064de...68bde559de`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-11 18:38:21 +00:00
CrazyMax	789f686580	Merge pull request #1524 from docker/dependabot/github_actions/crazy-max-dot-github-a3893cf95f Some checks failed codeql / analyze (push) Failing after 59s Details zizmor / zizmor (push) Failing after 1s Details validate / prepare (push) Successful in 22s Details test / test (push) Successful in 1m13s Details validate / validate (push) Successful in 1m9s Details e2e / build (acr, Azure Container Registry, officialgithubactions.azurecr.io, officialgithubactions.azurecr.io/test-docker-action, remote) (push) Failing after 5s Details e2e / build (dockerhub, Docker Hub, , ghactionstest/ghactionstest, remote) (push) Failing after 4s Details e2e / build (none, harbor, Harbor, local) (push) Failing after 4s Details e2e / build (none, nexus, Nexus, local) (push) Failing after 4s Details e2e / build (aws, AWS ECR, 175142243308.dkr.ecr.us-east-2.amazonaws.com, 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action, remote) (push) Failing after 24s Details e2e / build (quay, Quay, quay.io, quay.io/docker_build_team/ghactiontest, remote) (push) Failing after 4s Details ci / git-context (push) Failing after 6s Details ci / git-context-query (push) Failing after 5s Details ci / git-context-secret (push) Failing after 7s Details ci / error-buildx (push) Failing after 4s Details ci / error (push) Failing after 11s Details ci / docker-driver (push) Failing after 6s Details e2e / build (artifactory, Artifactory, infradock.jfrog.io, infradock.jfrog.io/test-ghaction/build-push-action, remote) (push) Failing after 45s Details e2e / build (aws, AWS ECR Public, public.ecr.aws, public.ecr.aws/q3b5f1u4/test-docker-action, remote) (push) Failing after 1m6s Details e2e / build (gar, Google Artifact Registry, us-east4-docker.pkg.dev, us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action, remote) (push) Failing after 1m2s Details e2e / build (ghcr, GitHub, ghcr.io, ghcr.io/docker-ghactiontest/test, remote) (push) Failing after 40s Details e2e / build (gitlab, GitLab, registry.gitlab.com, registry.gitlab.com/test1716/test, remote) (push) Failing after 1m6s Details e2e / build (none, distribution, Distribution, local) (push) Failing after 35s Details ci / path-context (push) Failing after 29s Details ci / example (push) Failing after 28s Details ci / export-docker (push) Successful in 12s Details ci / secret (push) Failing after 4s Details ci / secret-envs (push) Failing after 4s Details ci / cgroup-parent (push) Failing after 4s Details ci / attests-compat (moby/buildkit:buildx-stable-1, latest) (push) Failing after 4s Details ci / secret-files (push) Successful in 22s Details ci / attests-compat (moby/buildkit:buildx-stable-1, v0.9.1) (push) Failing after 3s Details ci / network (push) Successful in 22s Details ci / shm-size (push) Successful in 22s Details ci / ulimit (push) Successful in 21s Details ci / add-hosts (push) Successful in 21s Details ci / no-cache-filters (push) Successful in 21s Details ci / attests-compat (moby/buildkit:latest, edge) (push) Failing after 4s Details ci / provenance (mode=max, /tmp/buildx-build, binary) (push) Failing after 6s Details ci / sbom (/tmp/buildx-build, binary) (push) Failing after 7s Details ci / sbom (type=image,name=localhost:5000/name/app:latest,push=true, image) (push) Failing after 6s Details ci / multi (multi) (push) Failing after 6s Details ci / multi (multi-sudo) (push) Failing after 7s Details ci / digest (docker, false, false) (push) Failing after 7s Details ci / digest (docker, false, true) (push) Failing after 5s Details ci / digest (docker, true, false) (push) Failing after 6s Details ci / digest (docker-container, false, false) (push) Failing after 7s Details ci / attests-compat (moby/buildkit:v0.10.6, latest) (push) Successful in 32s Details ci / digest (docker-container, false, true) (push) Failing after 6s Details ci / digest (docker-container, true, false) (push) Failing after 7s Details ci / registry-cache (push) Failing after 6s Details ci / minimal (push) Successful in 1m47s Details ci / provenance (, type=image,name=localhost:5000/name/app:latest,push=true, image) (push) Failing after 37s Details ci / provenance (mode=max, type=image,name=localhost:5000/name/app:latest,push=true, image) (push) Failing after 33s Details ci / github-cache (push) Failing after 6s Details ci / local-cache (push) Failing after 7s Details ci / provenance (, /tmp/buildx-build, binary) (push) Failing after 40s Details ci / proxy-buildkitd (push) Failing after 5s Details ci / proxy-docker-config (push) Failing after 8s Details ci / annotations (push) Failing after 8s Details ci / standalone (push) Successful in 20s Details ci / docker-config-malformed (push) Successful in 15s Details ci / multi-output (push) Failing after 7s Details ci / named-context-pin (push) Successful in 24s Details ci / named-context-docker (push) Successful in 22s Details ci / summary-not-supported (push) Failing after 4s Details ci / named-context-container (push) Successful in 25s Details ci / checks (edge) (push) Failing after 4s Details ci / load-and-push (push) Failing after 29s Details ci / annotations-disabled (push) Failing after 4s Details ci / call-check (push) Failing after 4s Details ci / checks (latest) (push) Successful in 19s Details ci / checks (v0.14.1) (push) Successful in 20s Details ci / no-default-attestations (push) Failing after 4s Details ci / summary-disable (push) Successful in 4m42s Details ci / record-upload-disable (push) Successful in 4m48s Details ci / record-retention-days (2) (push) Successful in 4m46s Details ci / record-retention-days (0) (push) Successful in 4m49s Details chore(deps): Bump the crazy-max-dot-github group with 2 updates	2026-04-27 09:36:37 +02:00
dependabot[bot]	3ff27d3602	chore(deps): Bump the crazy-max-dot-github group with 2 updates Bumps the crazy-max-dot-github group with 2 updates: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github). Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.7.0 to 1.7.1 - [Release notes](https://github.com/crazy-max/.github/releases) - [Commits](`4a17dbaa9c...64a0bfaf6e`) Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.7.0 to 1.7.1 - [Release notes](https://github.com/crazy-max/.github/releases) - [Commits](`4a17dbaa9c...64a0bfaf6e`) --- updated-dependencies: - dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml dependency-version: 1.7.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: crazy-max-dot-github - dependency-name: crazy-max/.github/.github/workflows/zizmor.yml dependency-version: 1.7.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: crazy-max-dot-github ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-24 11:52:30 +00:00