Merge pull request #557 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.91.0

build(deps): bump @docker/actions-toolkit from 0.90.0 to 0.91.0

.github/workflows/ci.yml

@@ -88,7 +88,7 @@ jobs:
       -
         name: Dump context
         if: always()
-        uses: crazy-max/ghaction-dump-context@5d2753e7076f4568c7729971e25231f32147e2d8 # v3.0.0
+        uses: crazy-max/ghaction-dump-context@4d9eeaf15dd59aa4346919ea84a84ccf514b4db8 # v3.1.0
 
   debug:
     runs-on: ubuntu-latest
@@ -113,7 +113,7 @@ jobs:
           buildkitd-flags: --debug
       -
         name: Build
-        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
+        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
         with:
           context: .
           platforms: linux/amd64,linux/arm64,linux/ppc64le
@@ -243,7 +243,7 @@ jobs:
           buildkitd-config: /tmp/buildkitd.toml
       -
         name: Build
-        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
+        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
         with:
           context: .
 
@@ -270,7 +270,7 @@ jobs:
               mirrors = ["mirror.gcr.io"]
       -
         name: Build
-        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
+        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
         with:
           context: .
 
@@ -331,7 +331,7 @@ jobs:
           EOL
       -
         name: Build
-        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
+        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
         with:
           context: .
 
@@ -390,7 +390,7 @@ jobs:
           EOL
       -
         name: Build
-        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
+        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
         with:
           context: .
 
@@ -518,7 +518,7 @@ jobs:
           EOL
       -
         name: Build
-        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
+        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
         with:
           context: .
 

.github/workflows/codeql.yml

@@ -35,12 +35,12 @@ jobs:
           node-version: ${{ env.NODE_VERSION }}
       -
         name: Initialize CodeQL
-        uses: github/codeql-action/init@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
+        uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
         with:
           languages: javascript-typescript
           build-mode: none
       -
         name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
+        uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
         with:
           category: "/language:javascript-typescript"

.github/workflows/test.yml

@@ -26,7 +26,7 @@ jobs:
         uses: ./
       -
         name: Test
-        uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
+        uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
         with:
           source: .
           targets: test

.github/workflows/update-dist.yml

@@ -37,7 +37,7 @@ jobs:
           token: ${{ steps.docker-read-app.outputs.token }}
       -
         name: Build
-        uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
+        uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
         with:
           source: .
           targets: build

.github/workflows/validate.yml

@@ -26,7 +26,7 @@ jobs:
       -
         name: Generate matrix
         id: generate
-        uses: docker/bake-action/subaction/matrix@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
+        uses: docker/bake-action/subaction/matrix@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
         with:
           target: validate
 
@@ -41,6 +41,6 @@ jobs:
     steps:
       -
         name: Validate
-        uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
+        uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
         with:
           targets: ${{ matrix.target }}

dist/licenses.txt

@@ -4,8 +4,8 @@ https://www.npmjs.com/package/generate-license-file
 The following npm packages may be included in this product:
 
  - @sigstore/bundle@4.0.0
- - @sigstore/core@3.1.0
  - @sigstore/core@3.2.0
+ - @sigstore/core@3.2.1
  - @sigstore/protobuf-specs@0.5.0
  - @sigstore/sign@4.1.1
  - @sigstore/tuf@4.0.2
@@ -218,7 +218,7 @@ Apache License
 
 The following npm package may be included in this product:
 
- - @docker/actions-toolkit@0.90.0
+ - @docker/actions-toolkit@0.91.0
 
 This package contains the following license:
 
@@ -2700,7 +2700,7 @@ END OF TERMS AND CONDITIONS
 
 The following npm package may be included in this product:
 
- - @sigstore/verify@3.1.0
+ - @sigstore/verify@3.1.1
 
 This package contains the following license:
 
@@ -3171,12 +3171,14 @@ The following npm packages may be included in this product:
  - @azure/core-client@1.10.1
  - @azure/core-http-compat@2.3.2
  - @azure/core-rest-pipeline@1.22.2
+ - @azure/core-rest-pipeline@1.23.0
  - @azure/core-tracing@1.3.1
  - @azure/core-util@1.13.1
  - @azure/core-xml@1.5.0
  - @azure/logger@1.3.0
  - @azure/storage-blob@12.31.0
  - @typespec/ts-http-runtime@0.3.3
+ - @typespec/ts-http-runtime@0.3.5
 
 These packages each contain the following license:
 
@@ -4958,7 +4960,7 @@ THE SOFTWARE.
 
 The following npm package may be included in this product:
 
- - tmp@0.2.5
+ - tmp@0.2.7
 
 This package contains the following license:
 
@@ -5550,7 +5552,7 @@ https://github.com/bitinn/node-fetch
 The following npm packages may be included in this product:
 
  - @actions/artifact@6.2.1
- - @actions/cache@6.0.0
+ - @actions/cache@6.0.1
  - @actions/core@3.0.0
  - @actions/core@3.0.1
  - @actions/exec@3.0.0

package.json

@@ -23,8 +23,8 @@
   "license": "Apache-2.0",
   "packageManager": "yarn@4.9.2",
   "dependencies": {
-    "@actions/core": "^3.0.0",
-    "@docker/actions-toolkit": "^0.90.0",
+    "@actions/core": "^3.0.1",
+    "@docker/actions-toolkit": "^0.91.0",
     "js-yaml": "^4.1.1"
   },
   "devDependencies": {

yarn.lock

@@ -34,20 +34,20 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@actions/cache@npm:^6.0.0":
-  version: 6.0.0
-  resolution: "@actions/cache@npm:6.0.0"
+"@actions/cache@npm:^6.0.1":
+  version: 6.0.1
+  resolution: "@actions/cache@npm:6.0.1"
   dependencies:
-    "@actions/core": "npm:^3.0.0"
+    "@actions/core": "npm:^3.0.1"
     "@actions/exec": "npm:^3.0.0"
     "@actions/glob": "npm:^0.6.1"
-    "@actions/http-client": "npm:^4.0.0"
-    "@actions/io": "npm:^3.0.0"
-    "@azure/core-rest-pipeline": "npm:^1.22.0"
-    "@azure/storage-blob": "npm:^12.30.0"
+    "@actions/http-client": "npm:^4.0.1"
+    "@actions/io": "npm:^3.0.2"
+    "@azure/core-rest-pipeline": "npm:^1.23.0"
+    "@azure/storage-blob": "npm:^12.31.0"
     "@protobuf-ts/runtime-rpc": "npm:^2.11.1"
-    semver: "npm:^7.7.3"
-  checksum: 10/91609983f6ed5829018c6afea9b692762acd34604e44479be3ff25c76f5b869d6727766847193ab9f0724de84cd6043759a55553c500c3538af9951494ca14b6
+    semver: "npm:^7.7.4"
+  checksum: 10/05d2c18210fa3b583765d734e9dce6532c76d271805929608ee35f56dd3064e1d30f007400e3a275f74a7ad3e454cf0051b6eab4f15a9669dac081d811ee9d10
   languageName: node
   linkType: hard
 
@@ -262,6 +262,21 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@azure/core-rest-pipeline@npm:^1.23.0":
+  version: 1.23.0
+  resolution: "@azure/core-rest-pipeline@npm:1.23.0"
+  dependencies:
+    "@azure/abort-controller": "npm:^2.1.2"
+    "@azure/core-auth": "npm:^1.10.0"
+    "@azure/core-tracing": "npm:^1.3.0"
+    "@azure/core-util": "npm:^1.13.0"
+    "@azure/logger": "npm:^1.3.0"
+    "@typespec/ts-http-runtime": "npm:^0.3.4"
+    tslib: "npm:^2.6.2"
+  checksum: 10/9c60c8bb858cec1caf49d3c323667814512fbf0ca3b34fa382c010f4a6fcccf0a6ef8210c2f7d791b2af67b5c427aefb9b1e4c58a9a9ef60d1cff871fca548f3
+  languageName: node
+  linkType: hard
+
 "@azure/core-tracing@npm:^1.2.0, @azure/core-tracing@npm:^1.3.0":
   version: 1.3.1
   resolution: "@azure/core-tracing@npm:1.3.1"
@@ -321,7 +336,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@azure/storage-blob@npm:^12.30.0":
+"@azure/storage-blob@npm:^12.30.0, @azure/storage-blob@npm:^12.31.0":
   version: 12.31.0
   resolution: "@azure/storage-blob@npm:12.31.0"
   dependencies:
@@ -422,12 +437,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@docker/actions-toolkit@npm:^0.90.0":
-  version: 0.90.0
-  resolution: "@docker/actions-toolkit@npm:0.90.0"
+"@docker/actions-toolkit@npm:^0.91.0":
+  version: 0.91.0
+  resolution: "@docker/actions-toolkit@npm:0.91.0"
   dependencies:
     "@actions/artifact": "npm:^6.2.1"
-    "@actions/cache": "npm:^6.0.0"
+    "@actions/cache": "npm:^6.0.1"
     "@actions/core": "npm:^3.0.1"
     "@actions/exec": "npm:^3.0.0"
     "@actions/github": "npm:^9.1.1"
@@ -437,7 +452,7 @@ __metadata:
     "@sigstore/bundle": "npm:^4.0.0"
     "@sigstore/sign": "npm:^4.1.1"
     "@sigstore/tuf": "npm:^4.0.2"
-    "@sigstore/verify": "npm:^3.1.0"
+    "@sigstore/verify": "npm:^3.1.1"
     async-retry: "npm:^1.3.3"
     csv-parse: "npm:^6.2.1"
     gunzip-maybe: "npm:^1.4.2"
@@ -445,10 +460,10 @@ __metadata:
     he: "npm:^1.2.0"
     js-yaml: "npm:^4.1.1"
     jwt-decode: "npm:^4.0.0"
-    semver: "npm:^7.8.0"
+    semver: "npm:^7.8.1"
     tar-stream: "npm:^3.2.0"
-    tmp: "npm:^0.2.5"
-  checksum: 10/5f5d28b1fea503ba54aff18e9ae947ad1bff42c84834120a477b64586251dcf16e67ce0613e60a8a3b596443c9c9d17f7bf982c8754ff4a4cd4cdee3bb97a561
+    tmp: "npm:^0.2.6"
+  checksum: 10/31ab0d572e716a765fa4db963a342c9c313460839f9a32c06045e07d47dda314e1dbd50f5f3bed7d4e4caa0f9e0b95d28abce3b4d59bfa54cea3f7d9408e5497
   languageName: node
   linkType: hard
 
@@ -1639,6 +1654,13 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@sigstore/core@npm:^3.2.1":
+  version: 3.2.1
+  resolution: "@sigstore/core@npm:3.2.1"
+  checksum: 10/2f6c1ced55f8ed3f7fc705a668eb95db9471511dfb1f054927822bf97a051dd62228ecf6a9f1932d240c2c4ae69a3b5066550789e5ad8f4257839a4370e5a120
+  languageName: node
+  linkType: hard
+
 "@sigstore/protobuf-specs@npm:^0.5.0":
   version: 0.5.0
   resolution: "@sigstore/protobuf-specs@npm:0.5.0"
@@ -1705,6 +1727,17 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@sigstore/verify@npm:^3.1.1":
+  version: 3.1.1
+  resolution: "@sigstore/verify@npm:3.1.1"
+  dependencies:
+    "@sigstore/bundle": "npm:^4.0.0"
+    "@sigstore/core": "npm:^3.2.1"
+    "@sigstore/protobuf-specs": "npm:^0.5.0"
+  checksum: 10/4cb24b0e62b85ebf2b62698041e0dc212d152fd40a95c05c237357c992265a23e5789f86b138bea2eea0c5f6b994974d968f03dde9c692a514f96ae4b26f31a9
+  languageName: node
+  linkType: hard
+
 "@standard-schema/spec@npm:^1.0.0":
   version: 1.1.0
   resolution: "@standard-schema/spec@npm:1.1.0"
@@ -1922,6 +1955,17 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@typespec/ts-http-runtime@npm:^0.3.4":
+  version: 0.3.5
+  resolution: "@typespec/ts-http-runtime@npm:0.3.5"
+  dependencies:
+    http-proxy-agent: "npm:^7.0.0"
+    https-proxy-agent: "npm:^7.0.0"
+    tslib: "npm:^2.6.2"
+  checksum: 10/7cf459826e4867ab52a4b9855fdce4590e30a6f37e11fb93155e01c6e80139ec9966b7a3270cffed2c1e88ae66acbae5b4c9a7ecd9274679734da2c18310cc6c
+  languageName: node
+  linkType: hard
+
 "@vitest/coverage-v8@npm:^4.0.18":
   version: 4.0.18
   resolution: "@vitest/coverage-v8@npm:4.0.18"
@@ -2784,8 +2828,8 @@ __metadata:
   version: 0.0.0-use.local
   resolution: "docker-setup-buildx@workspace:."
   dependencies:
-    "@actions/core": "npm:^3.0.0"
-    "@docker/actions-toolkit": "npm:^0.90.0"
+    "@actions/core": "npm:^3.0.1"
+    "@docker/actions-toolkit": "npm:^0.91.0"
     "@eslint/js": "npm:^9.39.3"
     "@types/js-yaml": "npm:^4.0.9"
     "@types/node": "npm:^24.11.0"
@@ -5253,7 +5297,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"semver@npm:^7.8.0":
+"semver@npm:^7.7.4, semver@npm:^7.8.1":
   version: 7.8.1
   resolution: "semver@npm:7.8.1"
   bin:
@@ -5668,10 +5712,10 @@ __metadata:
   languageName: node
   linkType: hard
 
-"tmp@npm:^0.2.5":
-  version: 0.2.5
-  resolution: "tmp@npm:0.2.5"
-  checksum: 10/dd4b78b32385eab4899d3ae296007b34482b035b6d73e1201c4a9aede40860e90997a1452c65a2d21aee73d53e93cd167d741c3db4015d90e63b6d568a93d7ec
+"tmp@npm:^0.2.6":
+  version: 0.2.7
+  resolution: "tmp@npm:0.2.7"
+  checksum: 10/0a3bc90beb0c6275273c3475fb57e466eaab1c9c4a101d029ff62b18146ce136e7f75d09de34863d9f2c2a492751402508f9e028bc98eb34a1416195d4b15619
   languageName: node
   linkType: hard