CrowdStrike / container-image-scan

Code to scan a container with CrowdStrike and return response codes indicating pass/fail status.
MIT License
35 stars 23 forks source link

Bump docker/login-action from 1.10.0 to 2.1.0 #58

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps docker/login-action from 1.10.0 to 2.1.0.

Release notes

Sourced from docker/login-action's releases.

v2.1.0

What's Changed

  • Ensure AWS temp credentials are redacted in workflow logs by @​crazy-max (#275)
  • Bump @​actions/core from 1.6.0 to 1.10.0 (#252 #292)
  • Bump @​aws-sdk/client-ecr from 3.53.0 to 3.186.0 (#298)
  • Bump @​aws-sdk/client-ecr-public from 3.53.0 to 3.186.0 (#299)

Full Changelog: https://github.com/docker/login-action/compare/v2.0.0...v2.1.0

v2.0.0

  • Node 16 as default runtime by @​crazy-max (#161)
    • This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.
  • chore: update dev dependencies and workflow by @​crazy-max (#170)
  • Bump @​actions/exec from 1.1.0 to 1.1.1 (#167)
  • Bump @​actions/io from 1.1.1 to 1.1.2 (#168)
  • Bump minimist from 1.2.5 to 1.2.6 (#176)
  • Bump https-proxy-agent from 5.0.0 to 5.0.1 (#182)

Full Changelog: https://github.com/docker/login-action/compare/v1.14.1...v2.0.0

v1.14.1

  • Revert to Node 12 as default runtime to fix issue for GHE users (#160)

v1.14.0

  • Update to node 16 (#158)
  • Bump @​aws-sdk/client-ecr from 3.45.0 to 3.53.0 (#157)
  • Bump @​aws-sdk/client-ecr-public from 3.45.0 to 3.53.0 (#156)

v1.13.0

  • Handle proxy settings for aws-sdk (#152)
  • Workload identity based authentication docs for GCR and GAR (#112)
  • Test login against ACR (#49)
  • Bump @​aws-sdk/client-ecr from 3.44.0 to 3.45.0 (#132)
  • Bump @​aws-sdk/client-ecr-public from 3.43.0 to 3.45.0 (#131)

v1.12.0

  • ECR: only set credentials if username and password are specified (#128)
  • Refactor to use aws-sdk v3 (#128)

v1.11.0

  • ECR: switch implementation to use the AWS SDK (#126)
  • ecr input to specify whether the given registry is ECR (#123)
  • Test against Windows runner (#126)
  • Update instructions for Google registry (#127)
  • Update dev workflow (#111)
  • Small changes for GHCR doc (#86)
  • Update dev dependencies (#85)
  • Bump ansi-regex from 5.0.0 to 5.0.1 (#101)
  • Bump tmpl from 1.0.4 to 1.0.5 (#100)
  • Bump @​actions/core from 1.4.0 to 1.6.0 (#94 #103)

... (truncated)

Commits
  • f4ef78c Merge pull request #299 from docker/dependabot/npm_and_yarn/aws-sdk/client-ec...
  • 9ad4ce3 Update generated content
  • 884eadd Bump @​aws-sdk/client-ecr-public from 3.53.0 to 3.186.0
  • a266232 Merge pull request #298 from docker/dependabot/npm_and_yarn/aws-sdk/client-ec...
  • f97efcf Update generated content
  • 5ae789b Bump @​aws-sdk/client-ecr from 3.53.0 to 3.186.0
  • 71c23b5 Merge pull request #292 from docker/dependabot/npm_and_yarn/actions/core-1.10.0
  • 6401d70 Update generated content
  • 67e8909 Bump @​actions/core from 1.9.1 to 1.10.0
  • 21f251a Merge pull request #275 from crazy-max/redact-aws-creds
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)