update: bump the gh-actions-packages group across 5 directories with 11 updates

[dependabot[bot]]

Bumps the gh-actions-packages group with 6 updates in the /.github/actions/build directory:

Package	From	To
docker/login-action	2.1.0	3.3.0
anchore/sbom-action	0.15.1	0.17.8
sigstore/cosign-installer	3.1.2	3.7.0
docker/setup-buildx-action	2.4.1	3.7.1
docker/build-push-action	4.0.0	6.9.0
actions/upload-artifact	3.1.2	4.4.3

Bumps the gh-actions-packages group with 2 updates in the /.github/actions/context directory: mikefarah/yq and docker/metadata-action. Bumps the gh-actions-packages group with 3 updates in the /.github/actions/grype directory: github/codeql-action, docker/login-action and anchore/scan-action. Bumps the gh-actions-packages group with 2 updates in the /.github/actions/trivy-config directory: github/codeql-action and aquasecurity/trivy-action. Bumps the gh-actions-packages group with 3 updates in the /.github/actions/trivy-image directory: github/codeql-action, docker/login-action and aquasecurity/trivy-action.

Updates docker/login-action from 2.1.0 to 3.3.0

Release notes

Sourced from docker/login-action's releases.

v3.3.0

• Bump @​docker/actions-toolkit from 0.24.0 to 0.35.0 in docker/login-action#754
• Bump https-proxy-agent from 7.0.4 to 7.0.5 in docker/login-action#741
• Bump braces from 3.0.2 to 3.0.3 in docker/login-action#730

Full Changelog: https://github.com/docker/login-action/compare/v3.2.0...v3.3.0

v3.2.0

• Improve missing username/password by @​Frankkkkk in docker/login-action#706
• Bump @​docker/actions-toolkit from 0.18.0 to 0.24.0 in docker/login-action#715 docker/login-action#721
• Bump aws-sdk-dependencies to 3.583.0 in docker/login-action#720
• Bump undici from 5.28.3 to 5.28.4 in docker/login-action#694

Full Changelog: https://github.com/docker/login-action/compare/v3.1.0...v3.2.0

v3.1.0

• Bump @​babel/traverse from 7.17.3 to 7.23.2 in docker/login-action#618
• Bump @​docker/actions-toolkit from 0.12.0 to 0.18.0 in docker/login-action#616 docker/login-action#636 docker/login-action#682
• Bump aws-sdk dependencies to 3.529.1 in docker/login-action#624 docker/login-action#685
• Bump http-proxy-agent to 7.0.2 in docker/login-action#676
• Bump https-proxy-agent to 7.0.4 in docker/login-action#676
• Bump undici from 5.26.5 to 5.28.3 in docker/login-action#677

Full Changelog: https://github.com/docker/login-action/compare/v3.0.0...v3.1.0

v3.0.0

• Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @​crazy-max in docker/login-action#593
• Bump @​actions/core from 1.10.0 to 1.10.1 in docker/login-action#598
• Bump @​aws-sdk/client-ecr and @​aws-sdk/client-ecr-public to 3.410.0 in docker/login-action#555 docker/login-action#560 docker/login-action#582 docker/login-action#599
• Bump semver from 6.3.0 to 6.3.1 in docker/login-action#556
• Bump https-proxy-agent to 7.0.2 docker/login-action#561 docker/login-action#588

Full Changelog: https://github.com/docker/login-action/compare/v2.2.0...v3.0.0

v2.2.0

• Switch to actions-toolkit implementation by @​crazy-max in docker/login-action#409 docker/login-action#470 docker/login-action#476
• Bump @​aws-sdk/client-ecr and @​aws-sdk/client-ecr-public to 3.347.1 in docker/login-action#524 docker/login-action#364 docker/login-action#363
• Bump minimatch from 3.0.4 to 3.1.2 in docker/login-action#354
• Bump json5 from 2.2.0 to 2.2.3 in docker/login-action#378
• Bump http-proxy-agent from 5.0.0 to 7.0.0 in docker/login-action#509
• Bump https-proxy-agent from 5.0.1 to 7.0.0 in docker/login-action#508

Full Changelog: https://github.com/docker/login-action/compare/v2.1.0...v2.2.0

Commits

• 9780b0c Merge pull request #741 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
• 2fa130c chore: update generated content
• 5e87b2a build(deps): bump https-proxy-agent
• e039495 Merge pull request #754 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 9af18aa chore: update generated content
• 668190a switch to Docker exec
• be5150d build(deps): bump @​docker/actions-toolkit from 0.24.0 to 0.35.0
• e80ebca Merge pull request #730 from docker/dependabot/npm_and_yarn/braces-3.0.3
• 75ee3ea Merge pull request #733 from docker/dependabot/github_actions/docker/bake-act...
• 793c19c build(deps): bump docker/bake-action from 4 to 5
• Additional commits viewable in compare view

Updates anchore/sbom-action from 0.15.1 to 0.17.8

Release notes

Sourced from anchore/sbom-action's releases.

v0.17.8

Changes in v0.17.8

• chore(deps): update Syft to v1.17.0 (#507) [anchore-actions-token-generator]

v0.17.7

Changes in v0.17.7

• chore(deps): update Syft to v1.16.0 (#506) [anchore-actions-token-generator]

v0.17.6

Changes in v0.17.6

• chore(deps): update Syft to v1.15.0 (#505) [anchore-actions-token-generator]
• chore(deps): bump actions/checkout from 4.2.1 to 4.2.2 (#504) [dependabot]

v0.17.5

Changes in v0.17.5

• chore(deps): update Syft to v1.14.2 (#503) [anchore-actions-token-generator]

v0.17.4

Changes in v0.17.4

• chore(deps): update Syft to v1.14.1 (#502) [anchore-actions-token-generator]

v0.17.3

Changes in v0.17.3

• chore(deps): update Syft to v1.14.0 (#498) [anchore-actions-token-generator]

v0.17.2

Changes in v0.17.2

• Update Syft to v1.11.1 (#485) [anchore-actions-token-generator]

v0.17.1

Changes in v0.17.1

• chore(deps): update Syft to v1.11.0 (#483) [anchore-actions-token-generator]

v0.17.0

Changes in v0.17.0

• chore(deps): update Syft to v1.9.0 (#479) [anchore-actions-token-generator]

v0.16.1

Changes in v0.16.1

• fix: workaround windows install issue (#477) [willmurphyscode]

... (truncated)

Commits

• 55dc4ee chore(deps): update Syft to v1.17.0 (#507)
• fc46e51 chore(deps): update Syft to v1.16.0 (#506)
• 251a468 chore(deps): update Syft to v1.15.0 (#505)
• 6bb446c chore(deps): bump actions/checkout from 4.2.1 to 4.2.2 (#504)
• 1ca97d9 chore(deps): update Syft to v1.14.2 (#503)
• 8d0a650 chore(deps): update Syft to v1.14.1 (#502)
• f5e124a chore(deps): bump peter-evans/create-pull-request from 6.1.0 to 7.0.5 (#493)
• eff08d0 chore: configure changelog-ignore label (#499)
• 18f9bde chore: remove snapshot tests; fix deprecation errors for outdated packages (#...
• 2e87236 add release docs (#500)
• Additional commits viewable in compare view

Updates sigstore/cosign-installer from 3.1.2 to 3.7.0

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.7.0

What's Changed

• Bump actions/checkout from 4.1.7 to 4.2.0 by @​dependabot in sigstore/cosign-installer#172
• bump for latest cosign v2.4.1 release by @​bobcallaway in sigstore/cosign-installer#173

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3.6.0...v3.7.0

v3.6.0

What's Changed

• Bump actions/checkout from 4.1.2 to 4.1.3 by @​dependabot in sigstore/cosign-installer#161
• Bump actions/checkout from 4.1.3 to 4.1.4 by @​dependabot in sigstore/cosign-installer#162
• Bump actions/setup-go from 5.0.0 to 5.0.1 by @​dependabot in sigstore/cosign-installer#163
• Bump actions/checkout from 4.1.4 to 4.1.5 by @​dependabot in sigstore/cosign-installer#164
• Bump actions/checkout from 4.1.5 to 4.1.6 by @​dependabot in sigstore/cosign-installer#165
• Bump actions/checkout from 4.1.6 to 4.1.7 by @​dependabot in sigstore/cosign-installer#166
• Bump actions/setup-go from 5.0.1 to 5.0.2 by @​dependabot in sigstore/cosign-installer#167
• pin public key used for verification by @​bobcallaway in sigstore/cosign-installer#169
• bump default version to v2.4.0 release by @​bobcallaway in sigstore/cosign-installer#168
• update readme for new release by @​bobcallaway in sigstore/cosign-installer#170

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3...v3.6.0

v3.5.0

What's Changed

• Bump actions/checkout from 4.1.1 to 4.1.2 by @​dependabot in sigstore/cosign-installer#157
• use go 1.22 now by @​bobcallaway in sigstore/cosign-installer#160
• bump default version to v2.2.4, prep for v3.5.0 release by @​bobcallaway in sigstore/cosign-installer#159

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0

v3.4.0

What's Changed

• Use examples that work with multiple tags by @​jkreileder in sigstore/cosign-installer#155
• default cosign install to release v2.2.3 by @​cpanato in sigstore/cosign-installer#156

New Contributors

• @​jkreileder made their first contribution in sigstore/cosign-installer#155

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3...v3.4.0

v3.3.0

What's Changed

• Bump actions/setup-go from 4.1.0 to 5.0.0 by @​dependabot in sigstore/cosign-installer#152
• update action to use latest cosign v2.2.2 by @​cpanato in sigstore/cosign-installer#153

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0

... (truncated)

Commits

• dc72c7d bump for latest cosign v2.4.1 release (#173)
• 08bb361 Bump actions/checkout from 4.1.7 to 4.2.0 (#172)
• 4959ce0 update readme for new release (#170)
• 45ffe83 bump default version to v2.4.0 release (#168)
• 7e1d9c1 pin public key used for verification (#169)
• cc23fe1 Bump actions/setup-go from 5.0.1 to 5.0.2 (#167)
• b235ed9 Bump actions/checkout from 4.1.6 to 4.1.7 (#166)
• b49ef6b Bump actions/checkout from 4.1.5 to 4.1.6 (#165)
• 7a59e5a Bump actions/checkout from 4.1.4 to 4.1.5 (#164)
• 8d927bd Bump actions/setup-go from 5.0.0 to 5.0.1 (#163)
• Additional commits viewable in compare view

Updates docker/setup-buildx-action from 2.4.1 to 3.7.1

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.7.1

• Switch back to uuid package by @​crazy-max in docker/setup-buildx-action#369

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.7.0...v3.7.1

v3.7.0

• Always set buildkitd-flags if opt-in by @​crazy-max in docker/setup-buildx-action#363
• Remove uuid package and switch to crypto by @​crazy-max in docker/setup-buildx-action#366
• Bump @​docker/actions-toolkit from 0.35.0 to 0.39.0 in docker/setup-buildx-action#362
• Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/setup-buildx-action#354

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.6.1...v3.7.0

v3.6.1

• Check for malformed docker context by @​crazy-max in docker/setup-buildx-action#347

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.6.0...v3.6.1

v3.6.0

• Create temp docker context if default one has TLS data loaded before creating a container builder by @​crazy-max in docker/setup-buildx-action#341

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.5.0...v3.6.0

v3.5.0

• Bump @​docker/actions-toolkit from 0.31.0 to 0.35.0 in docker/setup-buildx-action#340 docker/setup-buildx-action#344 docker/setup-buildx-action#345

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.4.0...v3.5.0

v3.4.0

• Throw error message instead of exit code by @​crazy-max in docker/setup-buildx-action#315
• Bump @​docker/actions-toolkit from 0.20.0 to 0.31.0 in docker/setup-buildx-action#321 docker/setup-buildx-action#338
• Bump braces from 3.0.2 to 3.0.3 in docker/setup-buildx-action#329
• Bump undici from 5.28.3 to 5.28.4 in docker/setup-buildx-action#312
• Bump uuid from 9.0.1 to 10.0.0 in docker/setup-buildx-action#326

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.3.0...v3.4.0

v3.3.0

• Bump @​docker/actions-toolkit from 0.19.0 to 0.20.0 by @​crazy-max in docker/setup-buildx-action#307

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.2.0...v3.3.0

v3.2.0

• Rename and align config inputs by @​crazy-max in docker/setup-buildx-action#303
  • config to buildkitd-config
  • config-inline to buildkitd-config-inline
• Bump @​docker/actions-toolkit from 0.17.0 to 0.19.0 in docker/setup-buildx-action#302 docker/setup-buildx-action#306

[!NOTE] config and config-inline input names are deprecated and will be removed in next major release.

... (truncated)

Commits

• c47758b Merge pull request #369 from crazy-max/revert-crypto
• 8fea382 chore: update generated content
• 2874e98 switch back to uuid package
• 8026d2b Merge pull request #362 from docker/dependabot/npm_and_yarn/docker/actions-to...
• e51aab5 chore: update generated content
• fd7390e build(deps): bump @​docker/actions-toolkit from 0.35.0 to 0.39.0
• 910a304 Merge pull request #366 from crazy-max/remove-uuid
• 3623ee4 chore: update generated content
• e0e5ecf remove uuid package and switch to crypto
• 5334dd0 Merge pull request #363 from crazy-max/set-buildkitd-flags-optin
• Additional commits viewable in compare view

Updates docker/build-push-action from 4.0.0 to 6.9.0

Release notes

Sourced from docker/build-push-action's releases.

v6.9.0

• Bump @​docker/actions-toolkit from 0.38.0 to 0.39.0 in docker/build-push-action#1234
• Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/build-push-action#1232

Full Changelog: https://github.com/docker/build-push-action/compare/v6.8.0...v6.9.0

v6.8.0

• Bump @​docker/actions-toolkit from 0.37.1 to 0.38.0 in docker/build-push-action#1230

Full Changelog: https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0

v6.7.0

• Print info message for build summary support checks by @​crazy-max in docker/build-push-action#1211

Full Changelog: https://github.com/docker/build-push-action/compare/v6.6.1...v6.7.0

v6.6.1

• Bump @​docker/actions-toolkit from 0.37.0 to 0.37.1 in docker/build-push-action#1205

Full Changelog: https://github.com/docker/build-push-action/compare/v6.6.0...v6.6.1

v6.6.0

• Generate GitHub annotations for build checks by @​crazy-max in docker/build-push-action#1197
• Bump @​docker/actions-toolkit from 0.35.0 to 0.37.0 in docker/build-push-action#1196 docker/build-push-action#1198

Full Changelog: https://github.com/docker/build-push-action/compare/v6.5.0...v6.6.0

v6.5.0

• Bump @​docker/actions-toolkit from 0.33.0 to 0.35.0 in docker/build-push-action#1186 docker/build-push-action#1191

Full Changelog: https://github.com/docker/build-push-action/compare/v6.4.1...v6.5.0

v6.4.1

• revert "Set repository and ghtoken attributes for GitHub Actions cache backend" by @​crazy-max in docker/build-push-action#1183

Full Changelog: https://github.com/docker/build-push-action/compare/v6.4.0...v6.4.1

v6.4.0

• Set repository and ghtoken attributes for GitHub Actions cache backend by @​crazy-max in docker/build-push-action#1133
• Bump @​docker/actions-toolkit from 0.31.0 to 0.33.0 in docker/build-push-action#1179

Full Changelog: https://github.com/docker/build-push-action/compare/v6.3.0...v6.4.0

v6.3.0

• DOCKER_BUILD_RECORD_UPLOAD environment variable to enable/disable build record upload by @​crazy-max in docker/build-push-action#1172
• DOCKER_BUILD_NO_SUMMARY has been deprecated. Set DOCKER_BUILD_SUMMARY to false instead by @​crazy-max in docker/build-push-action#1170 docker/build-push-action#1173
• Bump @​docker/actions-toolkit from 0.28.0 to 0.31.0 in docker/build-push-action#1171 docker/build-push-action#1159 docker/build-push-action#1169

Full Changelog: https://github.com/docker/build-push-action/compare/v6.2.0...v6.3.0

... (truncated)

Commits

• 4f58ea7 Merge pull request #1234 from docker/dependabot/npm_and_yarn/docker/actions-t...
• 49b5ea6 chore: update generated content
• 13c9fdd chore(deps): Bump @​docker/actions-toolkit from 0.38.0 to 0.39.0
• e44afff Merge pull request #1232 from docker/dependabot/npm_and_yarn/path-to-regexp-6...
• 67ebad3 chore(deps): Bump path-to-regexp from 6.2.2 to 6.3.0
• 32945a3 Merge pull request #1230 from docker/dependabot/npm_and_yarn/docker/actions-t...
• e0fe9cf chore: update generated content
• 8f1ff6b chore(deps): Bump @​docker/actions-toolkit from 0.37.1 to 0.38.0
• 5cd11c3 Merge pull request #1211 from crazy-max/summary-info-message
• 0aba704 chore: update generated content
• Additional commits viewable in compare view

Updates actions/upload-artifact from 3.1.2 to 4.4.3

Release notes

Sourced from actions/upload-artifact's releases.

v4.4.3

What's Changed

• Undo indirect dependency updates from #627 by @​joshmgross in actions/upload-artifact#632

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3

v4.4.2

What's Changed

• Bump @actions/artifact to 2.1.11 by @​robherley in actions/upload-artifact#627
  • Includes fix for relative symlinks not resolving properly

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2

v4.4.1

What's Changed

• Add a section about hidden files by @​joshmgross in actions/upload-artifact#607
• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/upload-artifact#621
• Update @​actions/artifact to latest version, includes symlink and timeout fixes by @​robherley in actions/upload-artifact#625

New Contributors

• @​Jcambass made their first contribution in actions/upload-artifact#621

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.4.0...v4.4.1

v4.4.0

Notice: Breaking Changes :warning:

We will no longer include hidden files and folders by default in the upload-artifact action of this version. This reduces the risk that credentials are accidentally uploaded into artifacts. Customers who need to continue to upload these files can use a new option, include-hidden-files, to continue to do so.

See "Notice of upcoming deprecations and breaking changes in GitHub Actions runners" changelog and this issue for more details.

What's Changed

• Exclude hidden files by default by @​joshmgross in actions/upload-artifact#598

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0

v4.3.6

What's Changed

• Revert to @​actions/artifact 2.1.8 by @​robherley in actions/upload-artifact#594

Full Changelog: https://github.com/actions/upload-artifact/compare/v4...v4.3.6

v4.3.5

What's Changed

• Bump @​actions/artifact to v2.1.9 by @​robherley in actions/upload-artifact#588

... (truncated)

Commits

• b4b15b8 Merge pull request #632 from actions/joshmgross/undo-dependency-changes
• 92b01eb Undo indirect dependency updates from #627
• 8448086 Merge pull request #627 from actions/robherley/v4.4.2
• b1d4642 add explicit relative and absolute symlinks to workflow
• d50e660 bump version
• aabe6f8 build with @​actions/artifact v2.1.11
• 604373d Merge pull request #625 from actions/robherley/artifact-2.1.10
• 0150148 paste right core version
• a009b25 update licenses
• 9f6f6f4 update @​actions/core and @​actions/artifact to latest versions
• Additional commits viewable in compare view

Updates mikefarah/yq from 4.31.2 to 4.44.5

Release notes

Sourced from mikefarah/yq's releases.

v4.44.5

• Format comments with a gray foreground (Thanks @​gabe565)
• Fixed handling of nulls with sort_by expressions #2164
• Force no color output when NO_COLOR env presents (Thanks @​narqo)
• Fixed array subtraction update bug #2159
• Fixed index out of range error
• Can traverse straight from parent operator (parent.blah)
• Bumped dependencies

Note: 4.44.4 was skipped as it had a release pipeline failure

v4.44.3

• Fixed upper-case file extension detection, Thanks @​ryenus (#2121)
• Log printing follow no-colors flag #2082
• Skip and warn when interpolating strings and theres a unclosed bracket #2083
• Fixed CSV content starting with # issue #2076
• Bumped dependencies

v4.44.2

• Handle numbers with underscores #2039
• Unique now works on maps and arrays #2068
• Added support for short hand splat with env[] expression #2071, as well as many other operators (split,select,eval,pick..)
• Bumped dependencies

v4.44.1 - min/max/pivot!

• Added min/max operators (#1992) Thanks @​mbenson
• Added pivot oeprator (#1993) Thanks @​mbenson
• Fix: shell-completion (#2006) Thanks @​codekow
• Handle escaped backslashes (#1997) Thanks @​mbenson
• Fix npe when given filename ending with "." (#1994)
• Fix: linux (w/ selinux) build (#2004) Thanks @​codekow
• Bumped dependencies

v4.43.1

• Added omit operator #1989 thanks @​mbenson!
• Can now multiply strings by numbers #1988 thanks @​mbenson!
• Added tostring #72
• Added string interpolation #1149
• Can specify parent(n) levels #1970
• Fixed CSV line break issue #1974
• Adding a EvaluateAll function to StringEvaluator #1966
• yqlib, default to colors off when using yaml library #1964
• Removed JSON output warning
• Bumped dependencies

v4.42.1

• Can execute yq expression files directly with shebang #1851
• Added --csv-separator flag #1950
• Added --properties-separator option - thanks @​learnitall #1864
• Added --properties-array-brackets flag for properties encoder #1933

... (truncated)

Changelog

Sourced from mikefarah/yq's changelog.

4.44.5:

• Fixing release pipeline

4.44.4:

• Format comments with a gray foreground (Thanks @​gabe565)
• Fixed handling of nulls with sort_by expressions #2164
• Force no color output when NO_COLOR env presents (Thanks @​narqo)
• Fixed array subtraction update bug #2159
• Fixed index out of range error
• Can traverse straight from parent operator (parent.blah)
• Bumped dependencies

4.44.3:

• Fixed upper-case file extension detection, Thanks @​ryenus (#2121)
• Log printing follow no-colors flag #2082
• Skip and warn when interpolating strings and theres a unclosed bracket #2083
• Fixed CSV content starting with # issue #2076
• Bumped dependencies

4.44.2:

• Handle numbers with underscores #2039
• Unique now works on maps and arrays #2068
• Added support for short hand splat with env[] expression #2071, as well as many other operators (split,select,eval,pick..)
• Bumped dependencies

4.44.1:

• Added min/max operators (#1992) Thanks @​mbenson
• Added pivot oeprator (#1993) Thanks @​mbenson
• Fix: shell-completion (#2006) Thanks @​codekow
• Handle escaped backslashes (#1997) Thanks @​mbenson
• Fix npe when given filename ending with "." (#1994)
• Fix: linux (w/ selinux) build (#2004) Thanks @​codekow
• Bumped dependencies

4.43.1:

• Added omit operator #1989 thanks @​mbenson!
• Added tostring #72
• Added string interpolation #1149
• Can specify parent(n) levels #1970
• Can now multiply strings by numbers #1988 thanks @​mbenson!
• Fixed CSV line break issue #1974
• Adding a EvaluateAll function to StringEvaluator #1966
• yqlib, default to colors off when using yaml library #1964
• Removed JSON output warning
• Bumped dependencies

4.42.1:

• Can execute yq expression files directly with shebang #1851

... (truncated)

Commits

• bc5b54c Bumping version
• 129e597 Fixing release pipeline
• 42db154 Bumping version
• f06c7c6 Updating release notes
• 1ae6ac1 Merge branch 'gabe565-add-comment-style'
• b710fad Regenerating go mod
• 6a43f17 Merge branch 'add-comment-style' of github.com:gabe565/yq into gabe565-add-co...
• 1a4b248 Merge branch 'master' into add-comment-style
• 58cc9db Updated release notes
• 4af292f Fixed handling of nulls with sort_by expressions #2164
• Additional commits viewable in compare view

Updates docker/metadata-action from 4.3.0 to 5.6.1

Release notes

Sourced from docker/metadata-action's releases.

v5.6.1

• Fix GitHub API request fallback for commit date by @​crazy-max in docker/metadata-action#478
• Revert to default commit SHA length of 7 by @​crazy-max in docker/metadata-action#480

Full Changelog: https://github.com/docker/metadata-action/compare/v5.6.0...v5.6.1

v5.6.0

• Add commit_date global expression by @​trim21 in docker/metadata-action#471 docker/metadata-action#475
• Increase short commit sha length to 12 for uniqueness by @​crazy-max in docker/metadata-action#467
• Bump @​actions/core from 1.10.1 to 1.11.1 docker/metadata-action#460
• Bump @​docker/actions-toolkit from 0.16.1 to 0.44.0 docker/metadata-action#391 docker/metadata-action#399 docker/metadata-action#413 docker/metadata-action#441
• Bump braces from 3.0.2 to 3.0.3 docker/metadata-action#424
• Bump cross-spawn from 7.0.3 to 7.0.5 docker/metadata-action#474
• Bump csv-parse from 5.5.5 to 5.5.6 docker/metadata-action#412
• Bump moment-timezone from 0.5.44 to 0.5.46 docker/metadata-action#383 docker/metadata-action#470 docker/metadata-action#459
• Bump path-to-regexp from 6.2.2 to 6.3.0 docker/metadata-action#454
• Bump semver from 7.6.0 to 7.6.3 docker/metadata-action#400 docker/metadata-action#411 docker/metadata-action#440
• Bump undici from 5.26.3 to 5.28.4 docker/metadata-action#386 docker/metadata-action#402

Full Changelog: https://github.com/docker/metadata-action/compare/v5.5.1...v5.6.0

v5.5.1

• Don't set cwd:// prefix for local bake files by @​crazy-max in docker/metadata-action#382

Full Changelog:

codecov-commenter commented 1 week ago

:warning: Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 91.34%. Comparing base (19f4cc7) to head (a2095dd). Report is 38 commits behind head on develop.

:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## develop #1834 +/- ## =========================================== + Coverage 84.00% 91.34% +7.33% =========================================== Files 42 35 -7 Lines 2939 2530 -409 =========================================== - Hits 2469 2311 -158 + Misses 404 168 -236 + Partials 66 51 -15 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

---

🚨 Try these New Features:

• Flaky Tests Detection - Detect and resolve failed and flaky tests