Closed dependabot[bot] closed 1 month ago
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
No data about Coverage
No data about Duplication
The group that created this PR has been removed from your configuration.
Bumps the production-dependencies group with 6 updates:
3.2.0
3.3.0
5.1.0
5.3.0
3.25.4
3.25.5
1.7.0
2.0.0
5.4.0
5.5.2
0.19.0
0.20.0
Updates
docker/setup-buildx-action
from 3.2.0 to 3.3.0Release notes
Sourced from docker/setup-buildx-action's releases.
Commits
d70bba7
Merge pull request #307 from crazy-max/bump-toolkit7638634
chore: update generated contentc68420f
bump@docker/actions-toolkit
from 0.19.0 to 0.20.0Updates
docker/build-push-action
from 5.1.0 to 5.3.0Release notes
Sourced from docker/build-push-action's releases.
Commits
2cdde99
Merge pull request #1080 from docker/dependabot/npm_and_yarn/docker/actions-t...008747a
chore: update generated content1580753
chore(deps): Bump@docker/actions-toolkit
from 0.18.0 to 0.19.02a7db1d
Merge pull request #1075 from crazy-max/ci-multi-output35e7dd5
ci: test multi outputaf5a7ed
Merge pull request #1074 from crazy-max/build-cmd-debug2a85189
chore: update generated content6c20794
disable quotes detection for "outputs" inputafdf0c0
chore: debug build cmd and args00ae31a
Merge pull request #1070 from docker/dependabot/npm_and_yarn/docker/actions-t...Updates
github/codeql-action
from 3.25.4 to 3.25.5Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
b7cec75
Merge pull request #2287 from github/update-v3.25.5-4a51972476778fe4
Update changelog for v3.25.54a51972
Merge pull request #2280 from github/henrymercer/on-demand-ffsa8c32fd
Merge pull request #2283 from github/henrymercer/disable-fail-fastf73b0b7
Disable fail fast for non-generated workflowsc59e052
Disable fail fast in generated workflows33e416c
Comment thatlegacyApi
is false by default67f8a36
Merge branch 'main' into henrymercer/on-demand-ffs4995c49
Merge pull request #2282 from github/henrymercer/no-build-mode-tracing-improv...def4d2c
Merge pull request #2273 from github/aeisenberg/specify-versionsUpdates
checkmarx/kics-github-action
from 1.7.0 to 2.0.0Release notes
Sourced from checkmarx/kics-github-action's releases.
Commits
d1b692d
Merge pull request #109 from Checkmarx/gabriel-cx-patch-17f89475
Update Dockerfile03c9abe
Merge pull request #107 from Checkmarx/critical_Add26150f4
new link for critical image88fa5c6
change link to critical imagee4f01c6
new critical img and logic to get image6d1dc92
Merge pull request #105 from Checkmarx/fix-760dcc489
add user suggested change2917c26
Merge pull request #92 from felickz/patch-1d5323fb
update readmeUpdates
amannn/action-semantic-pull-request
from 5.4.0 to 5.5.2Release notes
Sourced from amannn/action-semantic-pull-request's releases.
Changelog
Sourced from amannn/action-semantic-pull-request's changelog.
... (truncated)
Commits
cfb6070
chore: Release 5.5.2 [skip ci]9a90d5a
fix: Bump tar from 6.1.11 to 6.2.1 (#262 by@EelcoLos
)9ebc021
chore: Release 5.5.1 [skip ci]5e7e9ac
fix: Bump ip from 2.0.0 to 2.0.1 (#263 by@EelcoLos
)c24d6dd
chore: Release 5.5.0 [skip ci]b05f5f6
feat: Add outputs fortype
,scope
andsubject
(#261 by@bcaurel
)67cbd7a
chore: Bumpword-wrap
dependency from 1.2.3 to 1.2.4 (#246 by@EelcoLos
)95af3b9
chore(deps): Bump@babel/traverse
from 7.17.0 to 7.23.2 (#245 by@EelcoLos
)Updates
aquasecurity/trivy-action
from 0.19.0 to 0.20.0Release notes
Sourced from aquasecurity/trivy-action's releases.
Commits
b2933f5
bump trivy version to v0.51.1 (#353)b2cd5ff
Update bump-trivy.yaml6f8c237
update tests (#334)7088d18
Revert "fix: 🐛 allow trivy-config and other options to be used together (#338)"ee6a4f5
fix: 🐛 allow trivy-config and other options to be used together (#338)b5f4977
Bump trivy version to v0.50.2 (#341)207cd40
Fix docker host bug (#329)840deb4
Browse scan reports without GitHub Advanced Security license (#328)0f287db
feat(image): add--docker-host
option for GH Action users (#267)f72b7e8
Make 'hide-progress' input working again (#323)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show