dependabot[bot]
|
2538bcf92b
|
chore(deps): Bump undici from 6.25.0 to 6.27.0
Bumps [undici](https://github.com/nodejs/undici) from 6.25.0 to 6.27.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v6.25.0...v6.27.0)
---
updated-dependencies:
- dependency-name: undici
dependency-version: 6.27.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-07-02 08:02:28 +00:00 |
|
CrazyMax
|
d90dd465e0
|
Merge pull request #688 from docker/dependabot/npm_and_yarn/js-yaml-4.2.0
chore(deps): Bump js-yaml from 4.1.1 to 4.3.0
|
2026-07-02 10:00:21 +02:00 |
|
CrazyMax
|
25e0734ed4
|
Merge pull request #685 from docker/dependabot/npm_and_yarn/vite-7.3.5
chore(deps): Bump vite from 7.3.2 to 7.3.6
|
2026-07-02 09:59:54 +02:00 |
|
CrazyMax
|
e9f6281329
|
Merge pull request #683 from docker/dependabot/npm_and_yarn/csv-parse-7.0.0
chore(deps): Bump csv-parse from 6.2.1 to 7.0.0
|
2026-07-02 09:59:28 +02:00 |
|
github-actions[bot]
|
662982e6ad
|
[dependabot skip] chore: update generated content
|
2026-07-02 07:57:51 +00:00 |
|
github-actions[bot]
|
8cb42a736d
|
[dependabot skip] chore: update generated content
|
2026-07-02 07:57:45 +00:00 |
|
dependabot[bot]
|
a2ac6757c7
|
chore(deps): Bump js-yaml from 4.1.1 to 4.3.0
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.1 to 4.3.0.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.1...4.3.0)
---
updated-dependencies:
- dependency-name: js-yaml
dependency-version: 4.2.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-07-02 07:56:52 +00:00 |
|
dependabot[bot]
|
2f18853aff
|
chore(deps): Bump csv-parse from 6.2.1 to 7.0.0
Bumps [csv-parse](https://github.com/adaltas/node-csv/tree/HEAD/packages/csv-parse) from 6.2.1 to 7.0.0.
- [Changelog](https://github.com/adaltas/node-csv/blob/master/packages/csv-parse/CHANGELOG.md)
- [Commits](https://github.com/adaltas/node-csv/commits/csv-parse@7.0.0/packages/csv-parse)
---
updated-dependencies:
- dependency-name: csv-parse
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-07-02 07:56:48 +00:00 |
|
CrazyMax
|
99b992b69c
|
Merge pull request #693 from docker/dependabot/npm_and_yarn/sigstore/verify-3.1.1
chore(deps): Bump @sigstore/verify from 3.1.0 to 3.1.1
|
2026-07-02 09:55:59 +02:00 |
|
CrazyMax
|
f5d3f0bb4f
|
Merge pull request #678 from docker/dependabot/github_actions/crazy-max-dot-github-a6a0ecf511
chore(deps): Bump the crazy-max-dot-github group across 1 directory with 2 updates
|
2026-07-02 09:43:01 +02:00 |
|
CrazyMax
|
ad815f93b1
|
Merge pull request #684 from docker/dependabot/github_actions/actions/checkout-7.0.0
chore(deps): Bump actions/checkout from 6.0.2 to 7.0.0
|
2026-07-02 09:42:40 +02:00 |
|
CrazyMax
|
e7c990b5e8
|
Merge pull request #681 from docker/dependabot/github_actions/github/codeql-action-4.36.2
chore(deps): Bump github/codeql-action from 4.36.0 to 4.36.2
|
2026-07-02 09:42:18 +02:00 |
|
CrazyMax
|
41cf1318aa
|
Merge pull request #679 from docker/dependabot/github_actions/codecov/codecov-action-7.0.0
chore(deps): Bump codecov/codecov-action from 6.0.1 to 7.0.0
|
2026-07-02 09:41:52 +02:00 |
|
dependabot[bot]
|
4f8aff440c
|
chore(deps): Bump @sigstore/verify from 3.1.0 to 3.1.1
Bumps [@sigstore/verify](https://github.com/sigstore/sigstore-js) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/sigstore@3.1.0...@sigstore/verify@3.1.1)
---
updated-dependencies:
- dependency-name: "@sigstore/verify"
dependency-version: 3.1.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-07-02 04:23:50 +00:00 |
|
dependabot[bot]
|
2785aeedfc
|
chore(deps): Bump the crazy-max-dot-github group across 1 directory with 2 updates
Bumps the crazy-max-dot-github group with 2 updates in the / directory: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github).
Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](9ba6e6f945...46267a6e61)
Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](9ba6e6f945...46267a6e61)
---
updated-dependencies:
- dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml
dependency-version: 1.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: crazy-max-dot-github
- dependency-name: crazy-max/.github/.github/workflows/zizmor.yml
dependency-version: 1.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: crazy-max-dot-github
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-07-01 19:22:23 +00:00 |
|
CrazyMax
|
860a41aba4
|
Merge pull request #692 from crazy-max/fix-yarn-preapprove-actions-toolkit
chore: allow actions-toolkit to bypass yarn age gate
|
2026-07-01 14:00:37 +02:00 |
|
CrazyMax
|
23422a030c
|
Merge pull request #691 from crazy-max/dependabot-skip-update-dist
dependabot: skip for update-dist commits
|
2026-07-01 14:00:23 +02:00 |
|
CrazyMax
|
2a674ccb52
|
chore: allow actions-toolkit to bypass yarn age gate
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-07-01 11:43:32 +02:00 |
|
CrazyMax
|
5185deded3
|
dependabot: skip for update-dist commits
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-30 11:09:07 +02:00 |
|
dependabot[bot]
|
9f63154d50
|
chore(deps): Bump vite from 7.3.2 to 7.3.6
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.2 to 7.3.6.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.6/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.6/packages/vite)
---
updated-dependencies:
- dependency-name: vite
dependency-version: 7.3.5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-29 14:18:11 +00:00 |
|
CrazyMax
|
45b1914810
|
Merge pull request #689 from crazy-max/fix-esbuild
preserve names in esbuild bundle
|
2026-06-29 16:14:58 +02:00 |
|
CrazyMax
|
d3cc900f2d
|
preserve names in esbuild bundle
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-06-29 15:01:08 +02:00 |
|
dependabot[bot]
|
d8b45f9c76
|
chore(deps): Bump actions/checkout from 6.0.2 to 7.0.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](de0fac2e45...9c091bb21b)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-19 19:22:37 +00:00 |
|
temenuzhka-thede
|
020b7354dd
|
Merge pull request #682 from docker/sec-cli/npm-ci-20260612-184903
fix: replace npm install with npm ci (20260612-184903)
|
2026-06-12 14:10:33 -05:00 |
|
securityeng-bot[bot]
|
7f842e879c
|
fix: use lockfile-aware install commands
|
2026-06-12 18:49:05 +00:00 |
|
dependabot[bot]
|
58711ad468
|
chore(deps): Bump github/codeql-action from 4.36.0 to 4.36.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](7211b7c807...8aad20d150)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 4.36.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-08 19:24:29 +00:00 |
|
dependabot[bot]
|
7a9d9fefe1
|
chore(deps): Bump codecov/codecov-action from 6.0.1 to 7.0.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](e79a6962e0...fb8b3582c8)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-08 19:22:35 +00:00 |
|
CrazyMax
|
3caf19fbe3
|
Merge pull request #675 from crazy-max/yarn-update
update yarn to 4.15.0
|
2026-05-28 18:43:59 +02:00 |
|
CrazyMax
|
8016b4facd
|
update yarn to 4.15.0
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
|
2026-05-28 15:13:30 +02:00 |
|
CrazyMax
|
530a407188
|
Merge pull request #672 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.91.0
chore(deps): Bump @docker/actions-toolkit from 0.90.0 to 0.91.0
|
2026-05-28 12:59:33 +02:00 |
|
github-actions[bot]
|
afa75d4359
|
chore: update generated content
|
2026-05-28 10:57:17 +00:00 |
|
dependabot[bot]
|
26a83f6e31
|
chore(deps): Bump @docker/actions-toolkit from 0.90.0 to 0.91.0
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.90.0 to 0.91.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.90.0...v0.91.0)
---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
dependency-version: 0.91.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 10:56:20 +00:00 |
|
CrazyMax
|
585dfe4a50
|
Merge pull request #663 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
chore(deps): Bump @actions/core from 3.0.0 to 3.0.1
|
2026-05-28 12:54:14 +02:00 |
|
github-actions[bot]
|
829c7e6ce9
|
chore: update generated content
|
2026-05-28 10:25:16 +00:00 |
|
dependabot[bot]
|
246bbe8935
|
chore(deps): Bump @actions/core from 3.0.0 to 3.0.1
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 3.0.0 to 3.0.1.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)
---
updated-dependencies:
- dependency-name: "@actions/core"
dependency-version: 3.0.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 10:24:18 +00:00 |
|
CrazyMax
|
ebb6b285fa
|
Merge pull request #666 from docker/dependabot/npm_and_yarn/actions/github-9.1.1
chore(deps): Bump @actions/github from 9.0.0 to 9.1.1
|
2026-05-28 12:22:11 +02:00 |
|
github-actions[bot]
|
cbc0ced701
|
chore: update generated content
|
2026-05-28 10:18:59 +00:00 |
|
dependabot[bot]
|
55d77601d7
|
chore(deps): Bump @actions/github from 9.0.0 to 9.1.1
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) from 9.0.0 to 9.1.1.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)
---
updated-dependencies:
- dependency-name: "@actions/github"
dependency-version: 9.1.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 10:17:58 +00:00 |
|
CrazyMax
|
f25e8d2521
|
Merge pull request #665 from docker/dependabot/npm_and_yarn/semver-7.8.0
chore(deps): Bump semver from 7.7.4 to 7.8.1
|
2026-05-28 11:35:07 +02:00 |
|
github-actions[bot]
|
8707af5b28
|
chore: update generated content
|
2026-05-28 08:44:56 +00:00 |
|
dependabot[bot]
|
f5b5258ae1
|
chore(deps): Bump semver from 7.7.4 to 7.8.1
Bumps [semver](https://github.com/npm/node-semver) from 7.7.4 to 7.8.1.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v7.7.4...v7.8.1)
---
updated-dependencies:
- dependency-name: semver
dependency-version: 7.8.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 08:43:59 +00:00 |
|
CrazyMax
|
83fa4edf37
|
Merge pull request #664 from docker/dependabot/npm_and_yarn/moment-timezone-0.6.2
chore(deps): Bump moment-timezone from 0.6.1 to 0.6.2
|
2026-05-28 10:41:57 +02:00 |
|
github-actions[bot]
|
c57fc5591a
|
chore: update generated content
|
2026-05-28 08:28:29 +00:00 |
|
dependabot[bot]
|
9c446bddcb
|
chore(deps): Bump moment-timezone from 0.6.1 to 0.6.2
Bumps [moment-timezone](https://github.com/moment/moment-timezone) from 0.6.1 to 0.6.2.
- [Release notes](https://github.com/moment/moment-timezone/releases)
- [Changelog](https://github.com/moment/moment-timezone/blob/develop/changelog.md)
- [Commits](https://github.com/moment/moment-timezone/compare/0.6.1...0.6.2)
---
updated-dependencies:
- dependency-name: moment-timezone
dependency-version: 0.6.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 08:27:31 +00:00 |
|
CrazyMax
|
9da27ef7f4
|
Merge pull request #673 from docker/dependabot/npm_and_yarn/tmp-0.2.7
chore(deps): Bump tmp from 0.2.5 to 0.2.7
|
2026-05-28 10:24:48 +02:00 |
|
github-actions[bot]
|
ba2f556688
|
chore: update generated content
|
2026-05-28 08:21:40 +00:00 |
|
dependabot[bot]
|
47ed4f4109
|
chore(deps): Bump tmp from 0.2.5 to 0.2.7
Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.5 to 0.2.7.
- [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/raszi/node-tmp/compare/v0.2.5...v0.2.7)
---
updated-dependencies:
- dependency-name: tmp
dependency-version: 0.2.7
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 08:20:41 +00:00 |
|
CrazyMax
|
e25b2146bd
|
Merge pull request #674 from docker/dependabot/github_actions/crazy-max/ghaction-dump-context-3.1.0
chore(deps): Bump crazy-max/ghaction-dump-context from 3.0.0 to 3.1.0
|
2026-05-28 09:57:10 +02:00 |
|
dependabot[bot]
|
a8639b7509
|
chore(deps): Bump crazy-max/ghaction-dump-context from 3.0.0 to 3.1.0
Bumps [crazy-max/ghaction-dump-context](https://github.com/crazy-max/ghaction-dump-context) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/crazy-max/ghaction-dump-context/releases)
- [Commits](5d2753e707...4d9eeaf15d)
---
updated-dependencies:
- dependency-name: crazy-max/ghaction-dump-context
dependency-version: 3.1.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-05-28 07:55:44 +00:00 |
|
CrazyMax
|
4e03f56500
|
Merge pull request #671 from docker/sec-cli/ignore-scripts-fix-20260527-193116
ci: add ignore-scripts to Node package manager config (20260527-193116)
|
2026-05-28 09:53:58 +02:00 |
|