Merge pull request #1005 from crazy-max/yarn-update

update yarn to 4.15.0
2026-05-29 09:51:52 +08:00 · 2026-05-28 18:43:24 +02:00 · 2026-05-28 15:13:23 +02:00 · 2026-05-28 12:15:32 +02:00 · 2026-05-28 08:20:36 +00:00 · 2026-05-28 08:19:41 +00:00
12 changed files with 291 additions and 182 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -150,7 +150,7 @@ jobs:
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1
+        uses: aws-actions/configure-aws-credentials@acca2b1b2070338fb9fd1ca27ecee81d687e58e5 # v6.1.2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -198,7 +198,7 @@ jobs:
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1
+        uses: aws-actions/configure-aws-credentials@acca2b1b2070338fb9fd1ca27ecee81d687e58e5 # v6.1.2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -35,12 +35,12 @@ jobs:
          node-version: ${{ env.NODE_VERSION }}
      -
        name: Initialize CodeQL
-        uses: github/codeql-action/init@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
+        uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
        with:
          languages: javascript-typescript
          build-mode: none
      -
        name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
+        uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
        with:
          category: "/language:javascript-typescript"
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -23,7 +23,7 @@ jobs:
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      -
        name: Test
-        uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
+        uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
        with:
          source: .
          targets: test
--- a/.github/workflows/update-dist.yml
+++ b/.github/workflows/update-dist.yml
@@ -37,7 +37,7 @@ jobs:
          token: ${{ steps.docker-read-app.outputs.token }}
      -
        name: Build
-        uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
+        uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
        with:
          source: .
          targets: build
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@@ -26,7 +26,7 @@ jobs:
      -
        name: Generate matrix
        id: generate
-        uses: docker/bake-action/subaction/matrix@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
+        uses: docker/bake-action/subaction/matrix@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
        with:
          target: validate
@@ -41,6 +41,6 @@ jobs:
    steps:
      -
        name: Validate
-        uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
+        uses: docker/bake-action@6614cfa25eff9a0b2b2697efb0b6159e7680d584 # v7.2.0
        with:
          targets: ${{ matrix.target }}
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@@ -1,10 +1,10 @@
 # https://yarnpkg.com/configuration/yarnrc
-compressionLevel: mixed
+nodeLinker: node-modules
 enableGlobalCache: false
 enableHardenedMode: true
 logFilters:
  - code: YN0004
    level: discard
  - code: YN0013
    level: discard
  - code: YN0019
@@ -14,4 +14,8 @@ logFilters:
  - code: YN0086
    level: discard
-nodeLinker: node-modules
+compressionLevel: mixed
 enableGlobalCache: false
 enableHardenedMode: true
 enableScripts: false
 npmMinimalAgeGate: 2d
--- a/README.md
+++ b/README.md
@@ -117,6 +117,8 @@ instead of a password.
 ### Azure Container Registry (ACR)
 #### Service principal
 [Create a service principal](https://docs.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal#create-a-service-principal)
 with access to your container registry through the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli)
 and take note of the generated service principal's ID (also called _client ID_)
@@ -142,10 +144,60 @@ jobs:
          password: ${{ secrets.AZURE_CLIENT_SECRET }}
 ```
 > [!NOTE]
 > Replace `<registry-name>` with the name of your registry.
 #### OpenID Connect (OIDC)
 To authenticate with OpenID Connect, configure a federated identity credential
 for GitHub Actions and use the [Azure Login](https://github.com/Azure/login)
 action to sign in to Azure. Then expose an ACR access token and pass it to this
 action as the password.
 ```yaml
 name: ci
 on:
  push:
    branches: main
 permissions:
  contents: read
  id-token: write
 jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      -
        name: Login to Azure
        uses: azure/login@v3
        with:
          client-id: ${{ vars.AZURE_CLIENT_ID }}
          tenant-id: ${{ vars.AZURE_TENANT_ID }}
          subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
      -
        name: Get ACR access token
        id: acr-token
        run: |
          ACR_TOKEN=$(az acr login --name <registry-name> --expose-token --output tsv --query accessToken)
          echo "::add-mask::$ACR_TOKEN" # mask the token in workflow logs
          echo "token=$ACR_TOKEN" >> "$GITHUB_OUTPUT"
      -
        name: Login to ACR
        uses: docker/login-action@v4
        with:
          registry: <registry-name>.azurecr.io
          username: 00000000-0000-0000-0000-000000000000
          password: ${{ steps.acr-token.outputs.token }}
 ```
 > [!NOTE]
 > Replace `<registry-name>` with the name of your registry.
 ### Google Container Registry (GCR)
 > [!NOTE]
 > [Google Artifact Registry](#google-artifact-registry-gar) is the evolution of
 > Google Container Registry. As a fully-managed service with support for both
 > container images and non-container artifacts. If you currently use Google
@@ -176,7 +228,7 @@ jobs:
    -
      name: Authenticate to Google Cloud
      id: auth
-      uses: google-github-actions/auth@v1
+      uses: google-github-actions/auth@v3
      with:
        token_format: access_token
        workload_identity_provider: <workload_identity_provider>
@@ -190,9 +242,10 @@ jobs:
        password: ${{ steps.auth.outputs.access_token }}
 ```
 > [!NOTE]
 > Replace `<workload_identity_provider>` with configured workload identity
 > provider. For steps to configure, [see here](https://github.com/google-github-actions/auth#setting-up-workload-identity-federation).
-
+>
 > Replace `<service_account>` with configured service account in workload
 > identity provider which has access to push to GCR
@@ -247,7 +300,7 @@ jobs:
      -
        name: Authenticate to Google Cloud
        id: auth
-        uses: google-github-actions/auth@v1
+        uses: google-github-actions/auth@v3
        with:
          token_format: access_token
          workload_identity_provider: <workload_identity_provider>
@@ -261,12 +314,13 @@ jobs:
          password: ${{ steps.auth.outputs.access_token }}
 ```
 > [!NOTE]
 > Replace `<workload_identity_provider>` with configured workload identity
 > provider
-
+>
 > Replace `<service_account>` with configured service account in workload
 > identity provider which has access to push to GCR
-
+>
 > Replace `<location>` with the regional or multi-regional [location](https://cloud.google.com/artifact-registry/docs/repo-organize#locations)
 > of the repository where the image is stored.
@@ -298,6 +352,7 @@ jobs:
          password: ${{ secrets.GAR_JSON_KEY }}
 ```
 > [!NOTE]
 > Replace `<location>` with the regional or multi-regional [location](https://cloud.google.com/artifact-registry/docs/repo-organize#locations)
 > of the repository where the image is stored.
@@ -352,6 +407,7 @@ jobs:
          AWS_ACCOUNT_IDS: 012345678910,023456789012
 ```
 > [!NOTE]
 > Only available with [AWS CLI version 1](https://docs.aws.amazon.com/cli/latest/reference/ecr/get-login.html)
 You can also use the [Configure AWS Credentials](https://github.com/aws-actions/configure-aws-credentials)
@@ -370,7 +426,7 @@ jobs:
    steps:
      -
        name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v4
+        uses: aws-actions/configure-aws-credentials@v6
        with:
          aws-access-key-id: ${{ vars.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -382,6 +438,7 @@ jobs:
          registry: <aws-account-number>.dkr.ecr.<region>.amazonaws.com
 ```
 > [!NOTE]
 > Replace `<aws-account-number>` and `<region>` with their respective values.
 ### AWS Public Elastic Container Registry (ECR)
@@ -413,6 +470,7 @@ jobs:
          AWS_REGION: <region>
 ```
 > [!NOTE]
 > Replace `<region>` with its respective value (default `us-east-1`).
 ### OCI Oracle Cloud Infrastructure Registry (OCIR)
@@ -445,6 +503,7 @@ jobs:
          password: ${{ secrets.OCI_TOKEN }}
 ```
 > [!NOTE]
 > Replace `<region>` with their respective values from [availability regions](https://docs.cloud.oracle.com/iaas/Content/Registry/Concepts/registryprerequisites.htm#Availab)
 ### Quay.io
@@ -603,7 +662,7 @@ jobs:
          scope: 'myorg/myimage@push'
      -
        name: Build and push
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
        with:
          push: true
          tags: myorg/myimage:latest
--- a/dist/index.cjs
+++ b/dist/index.cjs
--- a/dist/index.cjs.map
+++ b/dist/index.cjs.map
--- a/dist/licenses.txt
+++ b/dist/licenses.txt
@@ -398,8 +398,8 @@ Apache License
 The following npm packages may be included in this product:
 - @sigstore/bundle@4.0.0
 - @sigstore/core@3.1.0
 - @sigstore/core@3.2.0
 - @sigstore/core@3.2.1
 - @sigstore/protobuf-specs@0.5.0
 - @sigstore/sign@4.1.1
 - @sigstore/tuf@4.0.2
@@ -612,7 +612,7 @@ Apache License
 The following npm package may be included in this product:
- - @docker/actions-toolkit@0.90.0
+ - @docker/actions-toolkit@0.91.0
 This package contains the following license:
@@ -4591,7 +4591,7 @@ The following npm packages may be included in this product:
 - @aws-sdk/credential-provider-http@3.972.41
 - @aws-sdk/credential-provider-login@3.972.43
 - @aws-sdk/nested-clients@3.997.11
- - @sigstore/verify@3.1.0
+ - @sigstore/verify@3.1.1
 These packages each contain the following license:
@@ -5088,12 +5088,14 @@ The following npm packages may be included in this product:
 - @azure/core-client@1.10.1
 - @azure/core-http-compat@2.3.1
 - @azure/core-rest-pipeline@1.22.2
 - @azure/core-rest-pipeline@1.23.0
 - @azure/core-tracing@1.3.1
 - @azure/core-util@1.13.1
 - @azure/core-xml@1.5.0
 - @azure/logger@1.3.0
 - @azure/storage-blob@12.31.0
 - @typespec/ts-http-runtime@0.3.2
 - @typespec/ts-http-runtime@0.3.5
 These packages each contain the following license:
@@ -6927,7 +6929,7 @@ THE SOFTWARE.
 The following npm package may be included in this product:
- - tmp@0.2.5
+ - tmp@0.2.7
 This package contains the following license:
@@ -7519,7 +7521,7 @@ https://github.com/bitinn/node-fetch
 The following npm packages may be included in this product:
 - @actions/artifact@6.2.1
- - @actions/cache@6.0.0
+ - @actions/cache@6.0.1
 - @actions/core@3.0.0
 - @actions/core@3.0.1
 - @actions/exec@3.0.0
--- a/package.json
+++ b/package.json
@@ -21,12 +21,12 @@
  ],
  "author": "Docker Inc.",
  "license": "Apache-2.0",
-  "packageManager": "yarn@4.9.2",
+  "packageManager": "yarn@4.15.0",
  "dependencies": {
    "@actions/core": "^3.0.1",
    "@aws-sdk/client-ecr": "^3.1050.0",
    "@aws-sdk/client-ecr-public": "^3.1050.0",
-    "@docker/actions-toolkit": "^0.90.0",
+    "@docker/actions-toolkit": "^0.91.0",
    "http-proxy-agent": "^9.0.0",
    "https-proxy-agent": "^9.0.0",
    "js-yaml": "^4.1.1"
--- a/yarn.lock
+++ b/yarn.lock
@@ -2,7 +2,7 @@
 # Manual changes might be lost - proceed with caution!
 __metadata:
-  version: 8
+  version: 10
  cacheKey: 10
 "@aashutoshrathi/word-wrap@npm:^1.2.3":
@@ -34,20 +34,20 @@ __metadata:
  languageName: node
  linkType: hard
-"@actions/cache@npm:^6.0.0":
+"@actions/cache@npm:^6.0.1":
-  version: 6.0.0
+  version: 6.0.1
-  resolution: "@actions/cache@npm:6.0.0"
+  resolution: "@actions/cache@npm:6.0.1"
  dependencies:
-    "@actions/core": "npm:^3.0.0"
+    "@actions/core": "npm:^3.0.1"
    "@actions/exec": "npm:^3.0.0"
    "@actions/glob": "npm:^0.6.1"
-    "@actions/http-client": "npm:^4.0.0"
+    "@actions/http-client": "npm:^4.0.1"
-    "@actions/io": "npm:^3.0.0"
+    "@actions/io": "npm:^3.0.2"
-    "@azure/core-rest-pipeline": "npm:^1.22.0"
+    "@azure/core-rest-pipeline": "npm:^1.23.0"
-    "@azure/storage-blob": "npm:^12.30.0"
+    "@azure/storage-blob": "npm:^12.31.0"
    "@protobuf-ts/runtime-rpc": "npm:^2.11.1"
-    semver: "npm:^7.7.3"
+    semver: "npm:^7.7.4"
-  checksum: 10/91609983f6ed5829018c6afea9b692762acd34604e44479be3ff25c76f5b869d6727766847193ab9f0724de84cd6043759a55553c500c3538af9951494ca14b6
+  checksum: 10/05d2c18210fa3b583765d734e9dce6532c76d271805929608ee35f56dd3064e1d30f007400e3a275f74a7ad3e454cf0051b6eab4f15a9669dac081d811ee9d10
  languageName: node
  linkType: hard
@@ -587,6 +587,21 @@ __metadata:
  languageName: node
  linkType: hard
 "@azure/core-rest-pipeline@npm:^1.23.0":
  version: 1.23.0
  resolution: "@azure/core-rest-pipeline@npm:1.23.0"
  dependencies:
    "@azure/abort-controller": "npm:^2.1.2"
    "@azure/core-auth": "npm:^1.10.0"
    "@azure/core-tracing": "npm:^1.3.0"
    "@azure/core-util": "npm:^1.13.0"
    "@azure/logger": "npm:^1.3.0"
    "@typespec/ts-http-runtime": "npm:^0.3.4"
    tslib: "npm:^2.6.2"
  checksum: 10/9c60c8bb858cec1caf49d3c323667814512fbf0ca3b34fa382c010f4a6fcccf0a6ef8210c2f7d791b2af67b5c427aefb9b1e4c58a9a9ef60d1cff871fca548f3
  languageName: node
  linkType: hard
 "@azure/core-tracing@npm:^1.2.0, @azure/core-tracing@npm:^1.3.0":
  version: 1.3.1
  resolution: "@azure/core-tracing@npm:1.3.1"
@@ -646,7 +661,7 @@ __metadata:
  languageName: node
  linkType: hard
-"@azure/storage-blob@npm:^12.30.0":
+"@azure/storage-blob@npm:^12.30.0, @azure/storage-blob@npm:^12.31.0":
  version: 12.31.0
  resolution: "@azure/storage-blob@npm:12.31.0"
  dependencies:
@@ -747,12 +762,12 @@ __metadata:
  languageName: node
  linkType: hard
-"@docker/actions-toolkit@npm:^0.90.0":
+"@docker/actions-toolkit@npm:^0.91.0":
-  version: 0.90.0
+  version: 0.91.0
-  resolution: "@docker/actions-toolkit@npm:0.90.0"
+  resolution: "@docker/actions-toolkit@npm:0.91.0"
  dependencies:
    "@actions/artifact": "npm:^6.2.1"
-    "@actions/cache": "npm:^6.0.0"
+    "@actions/cache": "npm:^6.0.1"
    "@actions/core": "npm:^3.0.1"
    "@actions/exec": "npm:^3.0.0"
    "@actions/github": "npm:^9.1.1"
@@ -762,7 +777,7 @@ __metadata:
    "@sigstore/bundle": "npm:^4.0.0"
    "@sigstore/sign": "npm:^4.1.1"
    "@sigstore/tuf": "npm:^4.0.2"
-    "@sigstore/verify": "npm:^3.1.0"
+    "@sigstore/verify": "npm:^3.1.1"
    async-retry: "npm:^1.3.3"
    csv-parse: "npm:^6.2.1"
    gunzip-maybe: "npm:^1.4.2"
@@ -770,10 +785,10 @@ __metadata:
    he: "npm:^1.2.0"
    js-yaml: "npm:^4.1.1"
    jwt-decode: "npm:^4.0.0"
-    semver: "npm:^7.8.0"
+    semver: "npm:^7.8.1"
    tar-stream: "npm:^3.2.0"
-    tmp: "npm:^0.2.5"
+    tmp: "npm:^0.2.6"
-  checksum: 10/5f5d28b1fea503ba54aff18e9ae947ad1bff42c84834120a477b64586251dcf16e67ce0613e60a8a3b596443c9c9d17f7bf982c8754ff4a4cd4cdee3bb97a561
+  checksum: 10/31ab0d572e716a765fa4db963a342c9c313460839f9a32c06045e07d47dda314e1dbd50f5f3bed7d4e4caa0f9e0b95d28abce3b4d59bfa54cea3f7d9408e5497
  languageName: node
  linkType: hard
@@ -1955,6 +1970,13 @@ __metadata:
  languageName: node
  linkType: hard
 "@sigstore/core@npm:^3.2.1":
  version: 3.2.1
  resolution: "@sigstore/core@npm:3.2.1"
  checksum: 10/2f6c1ced55f8ed3f7fc705a668eb95db9471511dfb1f054927822bf97a051dd62228ecf6a9f1932d240c2c4ae69a3b5066550789e5ad8f4257839a4370e5a120
  languageName: node
  linkType: hard
 "@sigstore/protobuf-specs@npm:^0.5.0":
  version: 0.5.0
  resolution: "@sigstore/protobuf-specs@npm:0.5.0"
@@ -1997,6 +2019,17 @@ __metadata:
  languageName: node
  linkType: hard
 "@sigstore/verify@npm:^3.1.1":
  version: 3.1.1
  resolution: "@sigstore/verify@npm:3.1.1"
  dependencies:
    "@sigstore/bundle": "npm:^4.0.0"
    "@sigstore/core": "npm:^3.2.1"
    "@sigstore/protobuf-specs": "npm:^0.5.0"
  checksum: 10/4cb24b0e62b85ebf2b62698041e0dc212d152fd40a95c05c237357c992265a23e5789f86b138bea2eea0c5f6b994974d968f03dde9c692a514f96ae4b26f31a9
  languageName: node
  linkType: hard
 "@smithy/core@npm:^3.24.3, @smithy/core@npm:^3.24.4":
  version: 3.24.4
  resolution: "@smithy/core@npm:3.24.4"
@@ -2316,6 +2349,17 @@ __metadata:
  languageName: node
  linkType: hard
 "@typespec/ts-http-runtime@npm:^0.3.4":
  version: 0.3.5
  resolution: "@typespec/ts-http-runtime@npm:0.3.5"
  dependencies:
    http-proxy-agent: "npm:^7.0.0"
    https-proxy-agent: "npm:^7.0.0"
    tslib: "npm:^2.6.2"
  checksum: 10/7cf459826e4867ab52a4b9855fdce4590e30a6f37e11fb93155e01c6e80139ec9966b7a3270cffed2c1e88ae66acbae5b4c9a7ecd9274679734da2c18310cc6c
  languageName: node
  linkType: hard
 "@vitest/coverage-v8@npm:^4.0.18":
  version: 4.0.18
  resolution: "@vitest/coverage-v8@npm:4.0.18"
@@ -3216,7 +3260,7 @@ __metadata:
    "@actions/core": "npm:^3.0.1"
    "@aws-sdk/client-ecr": "npm:^3.1050.0"
    "@aws-sdk/client-ecr-public": "npm:^3.1050.0"
-    "@docker/actions-toolkit": "npm:^0.90.0"
+    "@docker/actions-toolkit": "npm:^0.91.0"
    "@eslint/js": "npm:^9.39.3"
    "@types/js-yaml": "npm:^4.0.9"
    "@types/node": "npm:^24.11.0"
@@ -5710,7 +5754,7 @@ __metadata:
  languageName: node
  linkType: hard
-"semver@npm:^7.8.0":
+"semver@npm:^7.7.4, semver@npm:^7.8.1":
  version: 7.8.1
  resolution: "semver@npm:7.8.1"
  bin:
@@ -6125,10 +6169,10 @@ __metadata:
  languageName: node
  linkType: hard
-"tmp@npm:^0.2.5":
+"tmp@npm:^0.2.6":
-  version: 0.2.5
+  version: 0.2.7
-  resolution: "tmp@npm:0.2.5"
+  resolution: "tmp@npm:0.2.7"
-  checksum: 10/dd4b78b32385eab4899d3ae296007b34482b035b6d73e1201c4a9aede40860e90997a1452c65a2d21aee73d53e93cd167d741c3db4015d90e63b6d568a93d7ec
+  checksum: 10/0a3bc90beb0c6275273c3475fb57e466eaab1c9c4a101d029ff62b18146ce136e7f75d09de34863d9f2c2a492751402508f9e028bc98eb34a1416195d4b15619
  languageName: node
  linkType: hard
Author	SHA1	Message	Date
CrazyMax	3999a1f436	Merge pull request #1005 from crazy-max/yarn-update update yarn to 4.15.0	2026-05-28 18:43:24 +02:00
CrazyMax	0c083d7a7a	update yarn to 4.15.0 Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-05-28 15:13:23 +02:00
CrazyMax	d74126fafb	Merge pull request #1004 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.91.0 build(deps): bump @docker/actions-toolkit from 0.90.0 to 0.91.0	2026-05-28 12:15:32 +02:00
github-actions[bot]	008abcd773	chore: update generated content	2026-05-28 08:20:36 +00:00
dependabot[bot]	b3d0cb50ae	build(deps): bump @docker/actions-toolkit from 0.90.0 to 0.91.0 Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.90.0 to 0.91.0. - [Release notes](https://github.com/docker/actions-toolkit/releases) - [Commits](https://github.com/docker/actions-toolkit/compare/v0.90.0...v0.91.0) --- updated-dependencies: - dependency-name: "@docker/actions-toolkit" dependency-version: 0.91.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-28 08:19:41 +00:00
CrazyMax	d1f19df6c2	Merge pull request #1003 from docker/dependabot/github_actions/aws-actions/configure-aws-credentials-6.1.2 build(deps): bump aws-actions/configure-aws-credentials from 6.1.1 to 6.1.2	2026-05-28 10:18:22 +02:00
CrazyMax	f9a14677ff	Merge pull request #1002 from docker/dependabot/npm_and_yarn/tmp-0.2.7 build(deps): bump tmp from 0.2.5 to 0.2.7	2026-05-28 10:17:21 +02:00
CrazyMax	72b845d964	Merge pull request #1001 from docker/sec-cli/ignore-scripts-fix-20260527-193038 ci: add ignore-scripts to Node package manager config (20260527-193038)	2026-05-28 09:53:26 +02:00
dependabot[bot]	22319e3a05	build(deps): bump aws-actions/configure-aws-credentials Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.1.1 to 6.1.2. - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](`d979d5b3a7...acca2b1b20`) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.1.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-28 05:52:36 +00:00
github-actions[bot]	9ff664c6c9	chore: update generated content	2026-05-28 03:24:42 +00:00
dependabot[bot]	394f625bb6	build(deps): bump tmp from 0.2.5 to 0.2.7 Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.5 to 0.2.7. - [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md) - [Commits](https://github.com/raszi/node-tmp/compare/v0.2.5...v0.2.7) --- updated-dependencies: - dependency-name: tmp dependency-version: 0.2.7 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-28 03:23:48 +00:00
securityeng-bot[bot]	42471eb9ff	ci: enforce ignore-scripts policy for Node package managers	2026-05-27 20:04:14 +00:00
CrazyMax	04bf81902c	Merge pull request #996 from crazy-max/azure-oidc document ACR OIDC login with Azure Login	2026-05-27 13:37:45 +02:00
CrazyMax	5dbe09f08d	Merge pull request #997 from docker/dependabot/github_actions/github/codeql-action-4.36.0 build(deps): bump github/codeql-action from 4.35.5 to 4.36.0	2026-05-26 17:24:21 +02:00
dependabot[bot]	652059025f	build(deps): bump github/codeql-action from 4.35.5 to 4.36.0 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.5 to 4.36.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`9e0d7b8d25...7211b7c807`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-26 07:53:28 +00:00
CrazyMax	2ff7bc63ff	Merge pull request #998 from docker/dependabot/github_actions/docker/bake-action-7.2.0 build(deps): bump docker/bake-action from 7.1.0 to 7.2.0	2026-05-26 09:50:52 +02:00
dependabot[bot]	8f60ab8910	build(deps): bump docker/bake-action from 7.1.0 to 7.2.0 Bumps [docker/bake-action](https://github.com/docker/bake-action) from 7.1.0 to 7.2.0. - [Release notes](https://github.com/docker/bake-action/releases) - [Commits](`a66e1c87e2...6614cfa25e`) --- updated-dependencies: - dependency-name: docker/bake-action dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-25 07:44:22 +00:00
CrazyMax	401fdfb10a	update action versions in README examples Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-05-22 16:20:00 +02:00
CrazyMax	9720944471	use GitHub alerts for README notes Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-05-22 16:20:00 +02:00
CrazyMax	b04cd7ece0	document ACR OIDC login with Azure Login Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-05-22 16:19:59 +02:00