dependabot[bot]
|
bee78c0b16
|
chore(deps): bump github/codeql-action from 4.30.9 to 4.31.0 (#4310)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.30.9 to 4.31.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](16140ae1a1...4e94bd11f7)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 4.31.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-10-27 10:43:04 -04:00 |
|
dependabot[bot]
|
88bbcbe9c6
|
chore(deps): bump anchore/sbom-action from 0.20.8 to 0.20.9 (#4305)
|
2025-10-27 02:03:09 -04:00 |
|
dependabot[bot]
|
675075e882
|
chore(deps): bump github/codeql-action from 4.30.8 to 4.30.9 (#4299)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.30.8 to 4.30.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f443b600d9...16140ae1a1)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 4.30.9
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-10-20 10:08:39 -04:00 |
|
dependabot[bot]
|
07029ead8a
|
chore(deps): bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#4296)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.10.0 to 4.0.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d7543c93d8...faadad0cce)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 4.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-10-17 10:22:20 -04:00 |
|
dependabot[bot]
|
f4de1e863c
|
chore(deps): bump anchore/sbom-action from 0.20.7 to 0.20.8 (#4297)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.7 to 0.20.8.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](d8a2c01300...aa0e114b2e)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-version: 0.20.8
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-10-17 10:22:10 -04:00 |
|
dependabot[bot]
|
6627c5214c
|
chore(deps): bump anchore/sbom-action from 0.20.6 to 0.20.7 (#4293)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.6 to 0.20.7.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](f8bdd1d8ac...d8a2c01300)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-version: 0.20.7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-10-16 13:57:17 -04:00 |
|
dependabot[bot]
|
5056c7f861
|
chore(deps): bump github/codeql-action from 4.30.7 to 4.30.8 (#4277)
|
2025-10-13 10:47:50 -04:00 |
|
dependabot[bot]
|
3b82a3724a
|
chore(deps): bump github/codeql-action from 3.30.6 to 4.30.7 (#4262)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.6 to 4.30.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](64d10c1313...e296a93559)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 4.30.7
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-10-08 16:44:21 -04:00 |
|
dependabot[bot]
|
b96d3d20af
|
chore(deps): bump github/codeql-action from 3.30.5 to 3.30.6 (#4253)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.5 to 3.30.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3599b3baa1...64d10c1313)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.30.6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-10-03 12:07:20 -04:00 |
|
dependabot[bot]
|
605a275dd3
|
chore(deps): bump github/codeql-action from 3.30.4 to 3.30.5 (#4246)
|
2025-09-30 17:06:10 -04:00 |
|
dependabot[bot]
|
f0998de717
|
chore(deps): bump github/codeql-action from 3.30.3 to 3.30.4 (#4239)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.3 to 3.30.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](192325c861...303c0aef88)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.30.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-25 12:06:49 -04:00 |
|
dependabot[bot]
|
261ab7c1fd
|
chore(deps): bump actions/cache from 4.2.4 to 4.3.0 (#4240)
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.4 to 4.3.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](0400d5f644...0057852bfa)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-version: 4.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-25 12:02:41 -04:00 |
|
dependabot[bot]
|
8232f5bd1b
|
chore(deps): bump actions/cache in /.github/actions/bootstrap (#4241)
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.4 to 4.3.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](0400d5f644...0057852bfa)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-version: 4.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-25 12:02:30 -04:00 |
|
dependabot[bot]
|
3abbd940e3
|
chore(deps): bump anchore/sbom-action from 0.20.5 to 0.20.6 (#4222)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.5 to 0.20.6.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](da167eac91...f8bdd1d8ac)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-version: 0.20.6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-18 10:58:53 -04:00 |
|
dependabot[bot]
|
333b951be3
|
chore(deps): bump zizmorcore/zizmor-action from 0.1.2 to 0.2.0 (#4216)
Bumps [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) from 0.1.2 to 0.2.0.
- [Release notes](https://github.com/zizmorcore/zizmor-action/releases)
- [Commits](5ca5fc7a47...e673c3917a)
---
updated-dependencies:
- dependency-name: zizmorcore/zizmor-action
dependency-version: 0.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-15 14:30:16 -04:00 |
|
dependabot[bot]
|
90c733d24d
|
chore(deps): bump 8398a7/action-slack from 3.18.0 to 3.19.0 (#4217)
Bumps [8398a7/action-slack](https://github.com/8398a7/action-slack) from 3.18.0 to 3.19.0.
- [Release notes](https://github.com/8398a7/action-slack/releases)
- [Commits](1750b5085f...77eaa4f1c6)
---
updated-dependencies:
- dependency-name: 8398a7/action-slack
dependency-version: 3.19.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-15 14:30:03 -04:00 |
|
dependabot[bot]
|
dacc2f61f9
|
chore(deps): bump sigstore/cosign-installer from 3.9.2 to 3.10.0 (#4218)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.2 to 3.10.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d58896d6a1...d7543c93d8)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 3.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-15 14:29:53 -04:00 |
|
dependabot[bot]
|
1fcdb67698
|
chore(deps): bump github/codeql-action from 3.30.1 to 3.30.3 (#4210)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.1 to 3.30.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f1f6e5f6af...192325c861)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.30.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-11 12:50:41 -04:00 |
|
dependabot[bot]
|
8e78fd57b8
|
chore(deps): bump actions/setup-go from 5.5.0 to 6.0.0 (#4188)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.5.0 to 6.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](d35c59abb0...4469467582)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-version: 6.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-08 02:35:22 -04:00 |
|
dependabot[bot]
|
b503690889
|
chore(deps): bump actions/setup-go in /.github/actions/bootstrap (#4189)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.5.0 to 6.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](d35c59abb0...4469467582)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-version: 6.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-08 02:35:08 -04:00 |
|
dependabot[bot]
|
2b8f4bc028
|
chore(deps): bump github/codeql-action from 3.30.0 to 3.30.1 (#4191)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.0 to 3.30.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2d92b76c45...f1f6e5f6af)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.30.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-08 02:05:35 -04:00 |
|
dependabot[bot]
|
98c97e24a2
|
chore(deps): bump actions/github-script from 7 to 8 (#4192)
Bumps [actions/github-script](https://github.com/actions/github-script) from 7 to 8.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v7...v8)
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-version: '8'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-08 02:05:27 -04:00 |
|
dependabot[bot]
|
7e4bf7f8c2
|
chore(deps): bump github/codeql-action from 3.29.11 to 3.30.0 (#4181)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.11 to 3.30.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3c3833e0f8...2d92b76c45)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.30.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-09-02 00:26:33 -04:00 |
|
dependabot[bot]
|
26792fc12d
|
chore(deps): bump github/codeql-action from 3.29.10 to 3.29.11 (#4149)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.10 to 3.29.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](96f518a34f...3c3833e0f8)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.11
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-21 10:43:25 -04:00 |
|
dependabot[bot]
|
8e51e8d995
|
chore(deps): bump github/codeql-action from 3.29.9 to 3.29.10 (#4145)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.9 to 3.29.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](df559355d5...96f518a34f)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.10
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-18 15:29:36 -04:00 |
|
dependabot[bot]
|
0e669faecd
|
chore(deps): bump anchore/sbom-action from 0.20.4 to 0.20.5 (#4141)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.4 to 0.20.5.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](7b36ad622f...da167eac91)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-version: 0.20.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-15 10:22:24 -04:00 |
|
dependabot[bot]
|
ab9db0024e
|
chore(deps): bump zizmorcore/zizmor-action from 0.1.1 to 0.1.2 (#4135)
Bumps [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) from 0.1.1 to 0.1.2.
- [Release notes](https://github.com/zizmorcore/zizmor-action/releases)
- [Commits](f52a838cfa...5ca5fc7a47)
---
updated-dependencies:
- dependency-name: zizmorcore/zizmor-action
dependency-version: 0.1.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-13 10:07:03 -04:00 |
|
dependabot[bot]
|
104df88143
|
chore(deps): bump github/codeql-action from 3.29.8 to 3.29.9 (#4134)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.8 to 3.29.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](76621b61de...df559355d5)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.9
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-12 18:23:39 +00:00 |
|
dependabot[bot]
|
6452a19009
|
chore(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#4130)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](11bd71901b...08c6903cd8)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 5.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-11 16:54:59 -04:00 |
|
dependabot[bot]
|
7b92913a00
|
chore(deps): bump github/codeql-action from 3.29.7 to 3.29.8 (#4124)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.7 to 3.29.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](51f77329af...76621b61de)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.8
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-08 13:35:35 -04:00 |
|
dependabot[bot]
|
d4d311155f
|
chore(deps): bump docker/login-action from 3.4.0 to 3.5.0 (#4115)
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](74a5d14239...184bdaa072)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-version: 3.5.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-07 10:48:53 -04:00 |
|
dependabot[bot]
|
118f564cf3
|
chore(deps): bump actions/cache from 4.2.3 to 4.2.4 (#4119)
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](5a3ec84eff...0400d5f644)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-version: 4.2.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-07 10:47:40 -04:00 |
|
dependabot[bot]
|
b59c902996
|
chore(deps): bump actions/cache in /.github/actions/bootstrap (#4120)
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](5a3ec84eff...0400d5f644)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-version: 4.2.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-08-07 10:47:25 -04:00 |
|
dependabot[bot]
|
801b21bb37
|
chore(deps): bump github/codeql-action from 3.29.4 to 3.29.5 (#4096)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.4 to 3.29.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](4e828ff8d4...51f77329af)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-07-30 14:29:07 -04:00 |
|
Alex Goodman
|
8a7302c5cf
|
migrate to get.anchore.io (#4095)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
|
2025-07-30 10:54:22 -04:00 |
|
dependabot[bot]
|
8b2c4a134e
|
chore(deps): bump github/codeql-action from 3.29.3 to 3.29.4 (#4080)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.3 to 3.29.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](d6bbdef45e...4e828ff8d4)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-07-24 15:17:49 -04:00 |
|
dependabot[bot]
|
a192787d44
|
chore(deps): bump github/codeql-action from 3.29.2 to 3.29.3 (#4074)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.2 to 3.29.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](181d5eefc2...d6bbdef45e)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-07-22 09:49:43 -04:00 |
|
dependabot[bot]
|
d5a562c368
|
chore(deps): bump anchore/sbom-action from 0.20.2 to 0.20.4 (#4073)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.2 to 0.20.4.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](cee1b8e05a...7b36ad622f)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-version: 0.20.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-07-22 09:49:40 -04:00 |
|
Christopher Angelo Phillips
|
6f36b586ba
|
chore: update release workflow to persist credentials for git tag step (#4069)
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
|
2025-07-21 19:23:14 +00:00 |
|
dependabot[bot]
|
af787d685c
|
chore(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2 (#4066)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.1 to 3.9.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](398d4b0eee...d58896d6a1)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 3.9.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-07-21 13:06:59 -04:00 |
|
dependabot[bot]
|
0e5db45aad
|
chore(deps): bump marocchino/sticky-pull-request-comment (#4063)
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment) from 2.9.3 to 2.9.4.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases)
- [Commits](d2ad0de260...773744901b)
---
updated-dependencies:
- dependency-name: marocchino/sticky-pull-request-comment
dependency-version: 2.9.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-07-17 09:27:02 -04:00 |
|
Will Murphy
|
9cda2de2ad
|
chore: lint gh actions with zizmor (#4062)
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
|
2025-07-16 17:12:38 -04:00 |
|
dependabot[bot]
|
9cbd52bdd7
|
chore(deps): bump anchore/sbom-action from 0.20.1 to 0.20.2 (#4048)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](9246b90769...cee1b8e05a)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-version: 0.20.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-07-03 15:00:51 -04:00 |
|
dependabot[bot]
|
b0b10acb40
|
chore(deps): bump marocchino/sticky-pull-request-comment (#4019)
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment) from 2.9.2 to 2.9.3.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases)
- [Commits](67d0dec7b0...d2ad0de260)
---
updated-dependencies:
- dependency-name: marocchino/sticky-pull-request-comment
dependency-version: 2.9.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-06-30 17:58:32 -04:00 |
|
dependabot[bot]
|
b90028bd1f
|
chore(deps): bump sigstore/cosign-installer from 3.9.0 to 3.9.1 (#4022)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 3.9.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-06-30 17:58:23 -04:00 |
|
dependabot[bot]
|
ba59f57bfe
|
chore(deps): bump github/codeql-action from 3.29.0 to 3.29.2 (#4039)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.0 to 3.29.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](ce28f5bb42...181d5eefc2)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-06-30 17:17:20 -04:00 |
|
dependabot[bot]
|
b52b13c03c
|
chore(deps): bump sigstore/cosign-installer from 3.8.2 to 3.9.0 (#4015)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.2 to 3.9.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.8.2...v3.9.0)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 3.9.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-06-17 11:34:58 -04:00 |
|
dependabot[bot]
|
0b57d03958
|
chore(deps): bump anchore/sbom-action from 0.20.0 to 0.20.1 (#4008)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](e11c554f70...9246b90769)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-version: 0.20.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-06-16 11:15:37 -04:00 |
|
dependabot[bot]
|
c19558dd73
|
chore(deps): bump github/codeql-action from 3.28.19 to 3.29.0 (#4000)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.19 to 3.29.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](fca7ace96b...ce28f5bb42)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2025-06-12 10:37:53 -04:00 |
|
Michael Briley
|
868a6a7584
|
Harden Container Runtime with Non-Root User (#3941)
* Update Dockerfile
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update Dockerfile
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update validations.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update validations.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update Dockerfile
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update validations.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update Dockerfile
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update .goreleaser.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* Update .goreleaser.yaml
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
* use distroless/static-debian12:nonroot directly
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* keep manual manifest curation
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove qemu usage
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add smoke test for snapshot
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* split up manifests section with comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* correct ci step name
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix arch condition
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* keep path prefix
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Michael Briley <michael.briley937@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
|
2025-06-05 12:36:23 -04:00 |
|