Commit Graph
73 Commits
Author SHA1 Message Date
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony StirlingLudy
c1d7217242 Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 (#2901)
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.7.0 to 3.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.8.0</h2>
<h2>What's Changed</h2>
<ul>
<li>test action against all non-rc releases, verify entry in rekor log
by <a
href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/179">sigstore/cosign-installer#179</a></li>
<li>bump for cosign v2.4.2 release by <a
href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/181">sigstore/cosign-installer#181</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.0">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/c56c2d3e59e4281cc41dea2217323ba5694b171e"><code>c56c2d3</code></a>
Bump actions/setup-go from 5.2.0 to 5.3.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/180">#180</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/02e36b8dc8964c61cece8f1014b0e71c92325430"><code>02e36b8</code></a>
bump for cosign v2.4.2 release (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/181">#181</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/789d2886c082e8fb7b9710810b73c3f0840573ed"><code>789d288</code></a>
test action against all non-rc releases, verify entry in rekor log (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/179">#179</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/e11c0892438d2c0a48e49dee376e4883f10f2e59"><code>e11c089</code></a>
Bump actions/setup-go from 5.1.0 to 5.2.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/178">#178</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/718228a5f85f61170ad5c3ea6c0e9871cc92f1c5"><code>718228a</code></a>
Bump actions/setup-go from 5.0.2 to 5.1.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/176">#176</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/325063e39f66c2e5225e4c88c8979af292c04829"><code>325063e</code></a>
Bump actions/checkout from 4.2.1 to 4.2.2 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/177">#177</a>)</li>
<li><a
href="https://github.com/sigstore/cosign-installer/commit/b929758a8661a1dc05fce750bdb02eef5acf2c37"><code>b929758</code></a>
Bump actions/checkout from 4.2.0 to 4.2.1 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/175">#175</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da...c56c2d3e59e4281cc41dea2217323ba5694b171e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.7.0&new-version=3.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: Ludy <[email protected]>
2025-02-17 10:24:25 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
bc3340f3ba Bump docker/setup-buildx-action from 3.8.0 to 3.9.0 (#2922)
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.8.0 to 3.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.9.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.48.0 to 0.54.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/402">docker/setup-buildx-action#402</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/404">docker/setup-buildx-action#404</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0">https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca"><code>f7ce87c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/404">#404</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/aa1e2a0b496d6cd3474071c7b0ab0eea5948de3a"><code>aa1e2a0</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/673e00877621ac201ca3084ec053b85e9b65063e"><code>673e008</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.53.0 to
0.54.0</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/ba31df4664624f17e1b1ef1c9c85ed1ca9463a6d"><code>ba31df4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/402">#402</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/5475af18ec6f58d53e9452495e8db373e6dcb469"><code>5475af1</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/acacad903e45f670c1e2d4638f4ee5f24b03e6b6"><code>acacad9</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.48.0 to
0.53.0</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/6a25f988bdfa969e96a38fc9f843ea31e0b5df27"><code>6a25f98</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/396">#396</a>
from crazy-max/bake-v6</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/ca1af179f5dc207dc723446d832eb3f77d3912dc"><code>ca1af17</code></a>
update bake-action to v6</li>
<li>See full diff in <a
href="https://github.com/docker/setup-buildx-action/compare/6524bf65af31da8d45b59e8c27de4bd072b392f5...f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.8.0&new-version=3.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-10 10:51:41 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
0aeb22e7c8 Bump docker/setup-qemu-action from 3.3.0 to 3.4.0 (#2902)
Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 3.3.0 to 3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.49.0 to 0.54.0 in
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/193">docker/setup-qemu-action#193</a>
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/197">docker/setup-qemu-action#197</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0">https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/4574d27a4764455b42196d70a065bc6853246a25"><code>4574d27</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/195">#195</a>
from radarhere/patch-1</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/7a38281c3546ccdb3cedcebedb702dd0cbde7836"><code>7a38281</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/197">#197</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/7a1c63f9e5c282d0c95da1f77892cf8c8c73d8a1"><code>7a1c63f</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.53.0 to
0.54.0</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/2825a1268fb8489c1191bf37f6dacdd9be57a0c6"><code>2825a12</code></a>
Fixed typo</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/f30d974279f970cd3ed4ee3bcf1ff7795e271f00"><code>f30d974</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/193">#193</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/568bf0683b44cd63a947ab731d3ab8f7a92eb901"><code>568bf06</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/a1aad7b5f5e239fca9be1aa9b4621816ef297d84"><code>a1aad7b</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.49.0 to
0.53.0</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/e5daf5da4ebfd37300852e88eac67cc6ad147f38"><code>e5daf5d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/189">#189</a>
from crazy-max/bake-v6</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/faec242d1f0d2bfa2d6a297ff61687ce6c005846"><code>faec242</code></a>
update bake-action to v6</li>
<li>See full diff in <a
href="https://github.com/docker/setup-qemu-action/compare/53851d14592bedcffcf25ea515637cff71ef929a...4574d27a4764455b42196d70a065bc6853246a25">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=3.3.0&new-version=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2025-02-10 10:47:34 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
b9bfcd59cd Bump gradle/actions from 4.2.2 to 4.3.0 (#2870)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.2.2 to
4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<p>This release brings some significant improvements to cache-cleanup
and dependency-submission:</p>
<ul>
<li>Cleanup cache entries written by newly released Gradle versions (<a
href="https://redirect.github.com/gradle/actions/issues/436">#436</a>)</li>
<li>Use existing Gradle wrapper distribution for cache-cleanup where
possible (<a
href="https://redirect.github.com/gradle/actions/issues/515">#515</a>)</li>
<li>Automatically save each dependency-graph that is submitted by
<code>dependency-submission</code> (<a
href="https://redirect.github.com/gradle/actions/issues/519">#519</a>)</li>
<li>Fix deprecation warnings emitted by Gradle 8.12+ when:
<ul>
<li>Using <code>build-scan-publish: true</code> or Develocity injection
(<a
href="https://redirect.github.com/gradle/actions/issues/543">#543</a>)</li>
<li>Using dependency-submission with an authenticated plugin repository
with Gradle (<a
href="https://redirect.github.com/gradle/actions/issues/541">#541</a>)</li>
</ul>
</li>
<li>Fix warning when using toolchain support with Gradle 7.x (<a
href="https://redirect.github.com/gradle/actions/issues/511">#511</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/493">gradle/actions#493</a></li>
<li>Fix typo in <code>cache-reporting.ts</code> by <a
href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/499">gradle/actions#499</a></li>
<li>Bump the github-actions group across 3 directories with 7 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/510">gradle/actions#510</a></li>
<li>Bump the npm-dependencies group across 1 directory with 6 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/512">gradle/actions#512</a></li>
<li>Clean-up missing imports for tests by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/513">gradle/actions#513</a></li>
<li>Bump the npm-dependencies group in /sources with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/521">gradle/actions#521</a></li>
<li>Add npm build scans by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/517">gradle/actions#517</a></li>
<li>Avoid env-var interpolation in toolchains.xml by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/518">gradle/actions#518</a></li>
<li>Avoid saving build-results for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/520">gradle/actions#520</a></li>
<li>Save dependency graph as workflow artifact by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/522">gradle/actions#522</a></li>
<li>Update to CCUDGP 2.1 by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/524">gradle/actions#524</a></li>
<li>Bump references to Develocity Gradle plugin from 3.19 to 3.19.1 by
<a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/527">gradle/actions#527</a></li>
<li>Choose best Gradle version to use for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/526">gradle/actions#526</a></li>
<li>Uppercase cache-encryption-key by <a
href="https://github.com/Goooler"><code>@​Goooler</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/528">gradle/actions#528</a></li>
<li>Attempt to use gradle wrapper for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/525">gradle/actions#525</a></li>
<li>Document GRADLE_ACTIONS_SKIP_BUILD_RESULT_CAPTURE by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/529">gradle/actions#529</a></li>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/509">gradle/actions#509</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/535">gradle/actions#535</a></li>
<li>Bump the github-actions group across 2 directories with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/538">gradle/actions#538</a></li>
<li>Update undici to resolve vulnerability by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/536">gradle/actions#536</a></li>
<li>Bump the npm-dependencies group across 1 directory with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/539">gradle/actions#539</a></li>
<li>Update docs for dependency review by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/540">gradle/actions#540</a></li>
<li>Fix space assignment deprecations in init-scripts by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/542">gradle/actions#542</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.2.2...v4.3.0">https://github.com/gradle/actions/compare/v4.2.2...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/actions/commit/94baf225fe0a508e581a564467443d0e2379123b"><code>94baf22</code></a>
Fix space assignment deprecations in init-scripts (<a
href="https://redirect.github.com/gradle/actions/issues/542">#542</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/6f10c21ec5f599a0b89667926d38072802b3d6fc"><code>6f10c21</code></a>
Make it easier to produce 'prerelease' versions</li>
<li><a
href="https://github.com/gradle/actions/commit/0b492c475f504e36ead18a16150445eff0744fbc"><code>0b492c4</code></a>
Fix deprecation warnings in develocity init-script</li>
<li><a
href="https://github.com/gradle/actions/commit/79bad900c08bc46eaf2277d99d548b968994ebbe"><code>79bad90</code></a>
Fix deprecation warnings in dependency-graph init-script</li>
<li><a
href="https://github.com/gradle/actions/commit/986922f6a6cae731e74a1101cfb48c1928f94d64"><code>986922f</code></a>
Update docs for dependency review (<a
href="https://redirect.github.com/gradle/actions/issues/540">#540</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/65a3beb9413b5a43f94e1eea10a51c507e62b78f"><code>65a3beb</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/0e67f6d83b0113c903ae9b9cf26c587076a01d82"><code>0e67f6d</code></a>
Bump the npm-dependencies group across 1 directory with 2 updates</li>
<li><a
href="https://github.com/gradle/actions/commit/b6ac71fd86906618fa352cfa92ab29a0b53daa81"><code>b6ac71f</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/9053a599ae356ff00d824e690d556ddbec068864"><code>9053a59</code></a>
Update undici to resolve vulnerability</li>
<li><a
href="https://github.com/gradle/actions/commit/7560c304a61cfac10bf3a196e0769a30d4ecd4aa"><code>7560c30</code></a>
Bump the github-actions group across 2 directories with 2 updates</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/0bdd871935719febd78681f197cd39af5b6e16a6...94baf225fe0a508e581a564467443d0e2379123b">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.2.2&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2025-02-04 10:42:29 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
637446fab8 Bump actions/setup-java from 4.6.0 to 4.7.0 (#2855)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.6.0 to 4.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Configure Dependabot settings by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/722">actions/setup-java#722</a></li>
<li>README Update: Added a permissions section by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
<li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/724">actions/setup-java#724</a></li>
<li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/728">actions/setup-java#728</a></li>
<li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to
0.0.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/727">actions/setup-java#727</a></li>
<li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/729">actions/setup-java#729</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.0">https://github.com/actions/setup-java/compare/v4...v4.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-java/commit/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12"><code>3a4f6e1</code></a>
Bump <code>@​types/jest</code> from 29.5.12 to 29.5.14 (<a
href="https://redirect.github.com/actions/setup-java/issues/729">#729</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/25f376e3482f0dca3da72062bdab5082495705ff"><code>25f376e</code></a>
Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a
href="https://redirect.github.com/actions/setup-java/issues/727">#727</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/d4e4b6bbc1a6e93198eade3e6adfedd3c01f79c4"><code>d4e4b6b</code></a>
Bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/728">#728</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/28b532bcb39ad928b00bc3cbce25c94d11654854"><code>28b532b</code></a>
Create dependabot.yml (<a
href="https://redirect.github.com/actions/setup-java/issues/722">#722</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/51ab6d2e3070fda1eac8cfaab8ffd90e6019d7e1"><code>51ab6d2</code></a>
Update cache from 3.2.4 to 4.0.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/724">#724</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/99d3141d9ba96520552bfd7a9545bc1d74da9251"><code>99d3141</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/setup-java/issues/723">#723</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-java/compare/7a6d8a8234af8eb26422e24e3006232cccaa061b...3a4f6e1af504cf6a31855fa899c6aa5355ba6c12">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.6.0&new-version=4.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 10:08:34 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
e690b09ed2 Bump docker/build-push-action from 6.12.0 to 6.13.0 (#2800)
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.12.0 to 6.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.13.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.51.0 to 0.53.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1308">docker/build-push-action#1308</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0">https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/ca877d9245402d1537745e0e356eab47c3520991"><code>ca877d9</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1308">#1308</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/d2fe919bb5012a6186426dc91c361c4980d10c2d"><code>d2fe919</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/f0fc9ece82cf2ace13ec8f35687697ae511bdf74"><code>f0fc9ec</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.51.0 to
0.53.0</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/67a2d409c0a876cbe6b11854e3e25193efe4e62d...ca877d9245402d1537745e0e356eab47c3520991">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.12.0&new-version=6.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-30 10:46:23 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
66d0ad5071 Bump docker/build-push-action from 6.11.0 to 6.12.0 (#2762)
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.11.0 to 6.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.12.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.49.0 to 0.51.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1300">docker/build-push-action#1300</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0">https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/67a2d409c0a876cbe6b11854e3e25193efe4e62d"><code>67a2d40</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1300">#1300</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/0b1b1c9c43ec788c199860037a0545356ea03d26"><code>0b1b1c9</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/b6a7c2c4eec8151a4dbcd3823747fe1b77d5b280"><code>b6a7c2c</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.49.0 to
0.51.0</li>
<li><a
href="https://github.com/docker/build-push-action/commit/31ca4e5d51253d7e4a2317bfe74699cbe3a398a9"><code>31ca4e5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1296">#1296</a>
from crazy-max/bake-v6</li>
<li><a
href="https://github.com/docker/build-push-action/commit/e613db9d5a93dda4d07aeb81991e80164577ae4a"><code>e613db9</code></a>
update bake-action to v6</li>
<li>See full diff in <a
href="https://github.com/docker/build-push-action/compare/b32b51a8eda65d6793cd0494a773d4f6bcef32dc...67a2d409c0a876cbe6b11854e3e25193efe4e62d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.11.0&new-version=6.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 11:11:18 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
c5ae576541 Bump step-security/harden-runner from 2.10.3 to 2.10.4 (#2761)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.10.3 to 2.10.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.4</h2>
<h2>What's Changed</h2>
<p>Fixed a potential Harden-Runner post step failure that could occur
when printing agent service logs. The fix gracefully handles failures
without failing the post step.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4">https://github.com/step-security/harden-runner/compare/v2...v2.10.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/cb605e52c26070c328afc4562f0b4ada7618a84e"><code>cb605e5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/496">#496</a>
from step-security/fix-enobufs</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/61144dda3ba7a45a4e879e99c548ff785b492364"><code>61144dd</code></a>
Update log statement</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b8be370ff4fa3a7b5d97afe5cbb1921a734fffcc"><code>b8be370</code></a>
Add try catch block</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6f6fa07e47155133e69ca8a751aad4ff01a292b1"><code>6f6fa07</code></a>
Fix ENOBUFS issue</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/18f6947f131da60743dc12d2a22ff28c2b4ea87f"><code>18f6947</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/495">#495</a>
from AkhigbeEromo/Update-README</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/81f844e74365cf557ddf3715c247f745a115a5b2"><code>81f844e</code></a>
Edit docs</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4c766de2db7a0b0a47e5728947c16e113c64f377"><code>4c766de</code></a>
Merge branch 'Update-README' of <a
href="https://github.com/AkhigbeEromo/harden-runner">https://github.com/AkhigbeEromo/harden-runner</a>...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/c9c5f3273c74d0365949a3aa120e85977f51d1ef"><code>c9c5f32</code></a>
Handle Ashish reviews</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2877824267faf8efc084b00de71c0fe737ff0a76"><code>2877824</code></a>
Merge branch 'main' into Update-README</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/be87de076dd7a9aa9a9220dc9488dea2f8775db0"><code>be87de0</code></a>
Clean up</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/c95a14d0e5bab51a9f56296a4eb0e416910cd350...cb605e52c26070c328afc4562f0b4ada7618a84e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.3&new-version=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 11:11:01 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
cbaea9cca9 Bump docker/setup-qemu-action from 3.2.0 to 3.3.0 (#2692)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 3.2.0 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.3.0</h2>
<ul>
<li>Add <code>cache-image</code> input to enable/disable caching of
binfmt image by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/130">docker/setup-qemu-action#130</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/172">docker/setup-qemu-action#172</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.35.0 to 0.49.0 in
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/187">docker/setup-qemu-action#187</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/182">docker/setup-qemu-action#182</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/162">docker/setup-qemu-action#162</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.2.0...v3.3.0">https://github.com/docker/setup-qemu-action/compare/v3.2.0...v3.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/53851d14592bedcffcf25ea515637cff71ef929a"><code>53851d1</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/187">#187</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/7066b9044fd67fae38ee3529e17c426aac7525b7"><code>7066b90</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/75590814eb9485acbd63532d603438ddfb35eab6"><code>7559081</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.35.0 to
0.49.0</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/08d11eb48130d5f1debe0b57b29eee10e3e7a0b8"><code>08d11eb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/172">#172</a>
from docker/dependabot/npm_and_yarn/actions/core-1.11.1</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/e53506fe6c9a252f5a7137f8cc8b5d110f6d2aee"><code>e53506f</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/610b4428f91a439cb8fc96c1b66372f7ad6eaecc"><code>610b442</code></a>
build(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/58a19f851cfcb4969c746f28b70e996e5f2baa2a"><code>58a19f8</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/182">#182</a>
from docker/dependabot/npm_and_yarn/cross-spawn-7.0.6</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/49a12c4cc89e6dd0858487b98bed3df9fa825615"><code>49a12c4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/180">#180</a>
from docker/dependabot/github_actions/codecov/codecov...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/2b8ac83d96d1cb342b1e7ed85695f93081100257"><code>2b8ac83</code></a>
ci: fix deprecated input for codecov-action</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/fdbeaac5ff9cf5a81bfc642fc03727ea5a9dacd7"><code>fdbeaac</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/130">#130</a>
from crazy-max/cache-image</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/setup-qemu-action/compare/49b3bc8e6bdd4a60e6116a5414239cba5943d3cf...53851d14592bedcffcf25ea515637cff71ef929a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 14:06:00 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
bf0958f588 Bump docker/build-push-action from 6.10.0 to 6.11.0 (#2691)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.10.0 to 6.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.11.0</h2>
<ul>
<li>Handlebar <code>defaultContext</code> support for
<code>build-contexts</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1283">docker/build-push-action#1283</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.46.0 to 0.49.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1281">docker/build-push-action#1281</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.10.0...v6.11.0">https://github.com/docker/build-push-action/compare/v6.10.0...v6.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/b32b51a8eda65d6793cd0494a773d4f6bcef32dc"><code>b32b51a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1281">#1281</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/594bf46f0f6d32fd8bd98a553127950004165c96"><code>594bf46</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1294">#1294</a>
from crazy-max/fix-e2e</li>
<li><a
href="https://github.com/docker/build-push-action/commit/fd37bd55af0b8c458ea0ff376ce151a332fa7aed"><code>fd37bd5</code></a>
ci(e2e): fix setup docker config</li>
<li><a
href="https://github.com/docker/build-push-action/commit/e6478a2405f3527f33b93efb6857519c3ffd91f2"><code>e6478a2</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/78785bddff35ca36f384e0c6a8a367584317df9f"><code>78785bd</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.46.0 to
0.49.0</li>
<li><a
href="https://github.com/docker/build-push-action/commit/128779fed7edb034b3f8006e9dac81a8593c040e"><code>128779f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1283">#1283</a>
from crazy-max/named-context-handlebars</li>
<li><a
href="https://github.com/docker/build-push-action/commit/7e094594beda23fc8f21fa31049f4b203e51096b"><code>7e09459</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1282">#1282</a>
from crazy-max/remove-buildkit-5561</li>
<li><a
href="https://github.com/docker/build-push-action/commit/32ee877a58507615d974839965ef8e530d66362e"><code>32ee877</code></a>
Revert &quot;init buildkit-5561 workflow&quot;</li>
<li><a
href="https://github.com/docker/build-push-action/commit/d1a4129c41bb3f92b731b33dc29cfe5f6cd9298f"><code>d1a4129</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/49c623eaf82513814393adabc13bf2535384d735"><code>49c623e</code></a>
handlebar defaultContext support for build-contexts input</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/48aba3b46d1b1fec4febb7c5d0c644b249a11355...b32b51a8eda65d6793cd0494a773d4f6bcef32dc">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.10.0&new-version=6.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 13:53:25 +00:00
LudyandGitHub 888ef104a2 Bump: Harden Runner from v2.10.2 to v2.10.3 (#2686)
# Description


https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/197

https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/198

https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/199

## Checklist

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated
relevant docs on [Stirling-PDFs doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
- [x] My changes generate no new warnings
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
2025-01-13 22:26:05 +00:00
LudyandGitHub 41c269f208 Bump gradle-version from 8.7 to 8.12 (#2596)
# Description

Please provide a summary of the changes, including relevant motivation
and context.

Closes #(issue_number)

## Checklist

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated
relevant docs on [Stirling-PDFs doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
- [x] My changes generate no new warnings
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
2025-01-03 11:26:40 +00:00
LudyandGitHub 875f5a85ef Token-Permissions & Pinned-Dependencies (#2586)
# Description

Please provide a summary of the changes, including relevant motivation
and context.

Closes #(issue_number)

## Checklist

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated
relevant docs on [Stirling-PDFs doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
- [ ] My changes generate no new warnings
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
2025-01-02 18:22:14 +00:00
Anthony StirlingandGitHub 0f24fa104e Update push-docker only sigh fat and normal 2024-12-26 13:32:22 +00:00
Anthony StirlingandGitHub a0f3d7b7d4 Update push-docker.yml 2024-12-22 12:41:53 +00:00
Anthony Stirling 34ddc298cf test 2024-12-22 11:48:06 +00:00
Anthony Stirling 91aece2284 Merge remote-tracking branch 'origin/main' into docker-rename 2024-12-22 11:20:19 +00:00
Anthony Stirling 2a1dad80f0 rename 2024-12-22 11:17:22 +00:00
Anthony StirlingandGitHub 74c6ea7c60 Merge branch 'main' into cosign 2024-12-21 23:50:29 +00:00
Anthony StirlingandGitHub 15abef1b82 Update push-docker.yml 2024-12-21 23:49:30 +00:00
Ludy87 f29d4db31e [Security] Token permissions no. 2 2024-12-22 00:33:41 +01:00
StepSecurity Bot dc5b214932 [StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <[email protected]>
2024-12-21 12:28:35 +00:00
Anthony StirlingandGitHub 0ce479e1e3 Update push-docker.yml 2024-11-16 08:43:42 +00:00
Anthony StirlingandGitHub 7f30882e5e Setup new docker org stirlingtools/stirling-pdf (#2232)
* Update push-docker.yml

* Update push-docker.yml

* Update push-docker.yml
2024-11-14 11:20:17 +00:00
LudyandGitHub 56a07bbf3a increases some versions in the workflows (#1707) 2024-08-18 13:07:14 +01:00
Anthony StirlingandGitHub 17bf6237a2 Update push-docker.yml 2024-06-02 10:52:08 +01:00
Anthony StirlingandGitHub 01a3fa8cfe Update push-docker.yml 2024-06-01 14:12:57 +01:00
Anthony Stirling 995de6abc3 automate fat docker 2024-06-01 13:55:28 +01:00
Anthony Stirling 11497f52d4 gradle bump 2024-05-27 18:12:06 +01:00
LudyandGitHub 5185fd13b8 updating the build files (#1100) 2024-04-21 16:30:17 +01:00
Anthony StirlingandGitHub 8a6386ca73 remove lite package (#1012) 2024-04-01 18:33:58 +01:00
Anthony StirlingandGitHub c9331afeac github bug 2024-03-22 20:15:53 +00:00
1af41f8ea5 🔨 add Developer tools/scripts (#828)
* 🔨 add Developer tools

* Update downloader.js

* Update game.js

* Update .pre-commit-config.yaml

* Update sync_versions.yml

* removed: mixed line ending tool

* Update swagger.yml

* Update push-docker.yml

* Update build.yml

---------

Co-authored-by: Anthony Stirling <[email protected]>
2024-03-13 22:18:15 +00:00
sbplat 55d4fda01b refactor: normalize files 2024-02-11 11:47:00 -05:00
Anthony StirlingandGitHub c75efede79 Update push-docker.yml 2024-01-03 18:46:29 +00:00
Anthony StirlingandGitHub b21d2ecbd1 Update push-docker.yml 2023-12-18 15:38:37 +00:00
Daniel Richter 0b666674f7 fix(helm): move ci build to github actions
Signed-off-by: Daniel Richter <[email protected]>
2023-11-16 23:04:32 +01:00
Anthony Stirling b58fd2022a docker version stuff 2023-08-27 19:58:20 +01:00
Anthony Stirling 88cc90786d testing github actions 2023-08-27 13:45:58 +01:00
Anthony StirlingandGitHub c9b0d01250 Update push-docker.yml 2023-06-12 16:20:14 +01:00
Anthony Stirling 489b8da713 fix for actions 2023-06-08 22:28:13 +01:00
Anthony Stirling 04032c0dfe sign changes min size, lite docker, merge fix #172 2023-06-08 20:25:55 +01:00
Anthony StirlingandGitHub e46b7aaf35 Update push-docker.yml 2023-05-19 00:19:55 +01:00
Anthony StirlingandGitHub 68947de06a Update push-docker.yml 2023-05-19 00:18:30 +01:00
Anthony StirlingandGitHub 1739de95a6 Update push-docker.yml 2023-05-19 00:15:22 +01:00
Anthony StirlingandGitHub 759f184d36 Update push-docker.yml 2023-05-19 00:13:43 +01:00
Anthony StirlingandGitHub 8a8d3437a6 Update push-docker.yml 2023-05-19 00:12:48 +01:00
Anthony StirlingandGitHub 87f0d6930e Update push-docker.yml 2023-05-19 00:03:09 +01:00
Anthony StirlingandGitHub e659f11f05 Update push-docker.yml 2023-05-19 00:01:16 +01:00
Anthony StirlingandGitHub 21c2bb281f Update push-docker.yml 2023-05-18 23:25:17 +01:00