dependabot[bot]
bf6163c8bf
Bump docker/metadata-action from 5.9.0 to 5.10.0 ( #19246 )
...
Bumps
[docker/metadata-action](https://github.com/docker/metadata-action ) from
5.9.0 to 5.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/metadata-action/releases ">docker/metadata-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.10.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.66.0 to 0.68.0 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/559 ">docker/metadata-action#559</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/569 ">docker/metadata-action#569</a></li>
<li>Bump js-yaml from 3.14.1 to 3.14.2 in <a
href="https://redirect.github.com/docker/metadata-action/pull/564 ">docker/metadata-action#564</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.9.0...v5.10.0 ">https://github.com/docker/metadata-action/compare/v5.9.0...v5.10.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c299e40c65https://redirect.github.com/docker/metadata-action/issues/569 ">#569</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="f015d7914a121bcc2ca8f7b6bf41b9https://redirect.github.com/docker/metadata-action/issues/564 ">#564</a>
from docker/dependabot/npm_and_yarn/js-yaml-3.14.2</li>
<li><a
href="0b95c6b860https://redirect.github.com/docker/metadata-action/issues/565 ">#565</a>
from docker/dependabot/github_actions/actions/checkout-6</li>
<li><a
href="17f70d7525https://redirect.github.com/docker/metadata-action/issues/568 ">#568</a>
from motoki317/docs/fix-to-24h-schedule-pattern</li>
<li><a
href="afd7e6d7bb602aff8e11aecb1a49a58d8c7c12f7https://redirect.github.com/docker/metadata-action/issues/559 ">#559</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li>Additional commits viewable in <a
href="318604b99e...c299e40c65https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/metadata-action&package-manager=github_actions&previous-version=5.9.0&new-version=5.10.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-01 15:38:50 +00:00
dependabot[bot]
9fb2b1731b
Bump actions/checkout from 5.0.0 to 6.0.0 ( #19213 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.0
to 6.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases ">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc "><code>@salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248 ">actions/checkout#2248</a></li>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286 ">actions/checkout#2286</a></li>
<li>v6-beta by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2298 ">actions/checkout#2298</a></li>
<li>update readme/changelog for v6 by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2311 ">actions/checkout#2311</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0 ">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0 </a></p>
<h2>v6-beta</h2>
<h2>What's Changed</h2>
<p>Updated persist-credentials to store the credentials under
<code>$RUNNER_TEMP</code> instead of directly in the local git
config.</p>
<p>This requires a minimum Actions Runner version of <a
href="https://github.com/actions/runner/releases/tag/v2.329.0 ">v2.329.0</a>
to access the persisted credentials for <a
href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action ">Docker
container action</a> scenarios.</p>
<h2>v5.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301 ">actions/checkout#2301</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5...v5.0.1 ">https://github.com/actions/checkout/compare/v5...v5.0.1 </a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md ">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>V6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286 ">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc "><code>@salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248 ">actions/checkout#2248</a></li>
</ul>
<h2>V5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301 ">actions/checkout#2301</a></li>
</ul>
<h2>V5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226 ">actions/checkout#2226</a></li>
</ul>
<h2>V4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305 ">actions/checkout#2305</a></li>
</ul>
<h2>V4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss "><code>@motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971 ">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail "><code>@mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977 ">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells "><code>@benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043 ">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross "><code>@joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044 ">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89 "><code>@nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194 ">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang "><code>@TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224 ">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236 ">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3 "><code>@jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941 ">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3 "><code>@jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946 ">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy "><code>@orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924 ">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome "><code>@lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180 ">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777 ">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872 ">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739 ">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697 ">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy "><code>@orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774 ">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3 "><code>@jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776 ">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller "><code>@cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732 ">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller "><code>@cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703 ">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694 ">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696 ">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695 ">actions/checkout#1695</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1af3b93b68https://redirect.github.com/actions/checkout/issues/2311 ">#2311</a>)</li>
<li><a
href="71cf2267d8https://redirect.github.com/actions/checkout/issues/2298 ">#2298</a>)</li>
<li><a
href="069c695914https://redirect.github.com/actions/checkout/issues/2286 ">#2286</a>)</li>
<li><a
href="ff7abcd0c3https://redirect.github.com/actions/checkout/issues/2248 ">#2248</a>)</li>
<li>See full diff in <a
href="08c6903cd8...1af3b93b68https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=5.0.0&new-version=6.0.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 16:37:55 +00:00
dependabot[bot]
a10e2386f1
Bump docker/metadata-action from 5.8.0 to 5.9.0 ( #19161 )
...
Bumps
[docker/metadata-action](https://github.com/docker/metadata-action ) from
5.8.0 to 5.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/metadata-action/releases ">docker/metadata-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.9.0</h2>
<ul>
<li>Add <code>tag-names</code> output to return tag names without image
base name by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/553 ">docker/metadata-action#553</a></li>
<li>Bump <code>@babel/runtime-corejs3</code> from 7.14.7 to 7.28.2 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/539 ">docker/metadata-action#539</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.62.1 to 0.66.0 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/555 ">docker/metadata-action#555</a></li>
<li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a
href="https://redirect.github.com/docker/metadata-action/pull/540 ">docker/metadata-action#540</a></li>
<li>Bump csv-parse from 5.6.0 to 6.1.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/532 ">docker/metadata-action#532</a></li>
<li>Bump semver from 7.7.2 to 7.7.3 in in <a
href="https://redirect.github.com/docker/metadata-action/pull/554 ">docker/metadata-action#554</a></li>
<li>Bump tmp from 0.2.3 to 0.2.5 in <a
href="https://redirect.github.com/docker/metadata-action/pull/541 ">docker/metadata-action#541</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.8.0...v5.9.0 ">https://github.com/docker/metadata-action/compare/v5.8.0...v5.9.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="318604b99ehttps://redirect.github.com/docker/metadata-action/issues/539 ">#539</a>
from docker/dependabot/npm_and_yarn/babel/runtime-cor...</li>
<li><a
href="49c0a55d55486229e3f4https://redirect.github.com/docker/metadata-action/issues/558 ">#558</a>
from crazy-max/fix-dist</li>
<li><a
href="f02aeab1eebeafb973053ff819c6c5https://redirect.github.com/docker/metadata-action/issues/557 ">#557</a>
from crazy-max/yarn-4.9.2</li>
<li><a
href="05838e976943fa4ac0d3https://redirect.github.com/docker/metadata-action/issues/556 ">#556</a>
from crazy-max/dev-deps</li>
<li><a
href="b3120f2f181f469d21eec1e51972af...318604b99ehttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/metadata-action&package-manager=github_actions&previous-version=5.8.0&new-version=5.9.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-10 22:26:59 +00:00
dependabot[bot]
32998d07d2
Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 ( #19075 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-29 15:39:07 +00:00
dependabot[bot]
e23e7ae48f
Bump actions/upload-artifact from 4 to 5 ( #19106 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-28 11:56:29 +00:00
dependabot[bot]
cb0ed5ec76
Bump actions/download-artifact from 5.0.0 to 6.0.0 ( #19102 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-28 11:53:36 +00:00
dependabot[bot]
265e5fe384
Bump docker/login-action from 3.5.0 to 3.6.0 ( #18978 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-29 17:01:32 +01:00
dependabot[bot]
b2592667a4
Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 ( #18917 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 17:26:04 +01:00
dependabot[bot]
499f947c67
Bump actions/checkout from 4.3.0 to 5.0.0 ( #18834 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-27 07:47:19 +01:00
dependabot[bot]
d527c794fb
Bump docker/login-action from 3.4.0 to 3.5.0 ( #18835 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-27 06:52:28 +01:00
dependabot[bot]
9135d78b88
Bump docker/metadata-action from 5.7.0 to 5.8.0 ( #18773 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-12 16:45:05 +01:00
dependabot[bot]
09aa3fc270
Bump actions/download-artifact from 4.3.0 to 5.0.0 ( #18801 )
2025-08-12 16:35:55 +01:00
dependabot[bot]
073ce74464
Bump actions/checkout from 4.2.2 to 4.3.0 ( #18800 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-12 14:55:01 +01:00
dependabot[bot]
3db73b974f
Bump sigstore/cosign-installer from 3.9.1 to 3.9.2 ( #18708 )
2025-07-22 11:56:32 +01:00
Quentin Gliech
9b86458900
Speed up the building of Docker images using ARM CI workers ( #18620 )
...
This splits the building of docker images in 2 jobs, one for each
platform, using the native ARM runners for arm64.
The tricky part here is to get back a nice multi-arch manifest.
Previously, you'd do that by pushing each platform image in two distinct
tags, then referencing them in a multi-arch manifest. Nowadays, it's
possible to push images by their digest only, then creating the manifest
for those pushed digests separately
This is inspired by the Docker docs on how to distribute multi-platform
image builds:
https://docs.docker.com/build/ci/github-actions/multi-platform/#distribute-build-across-multiple-runners
`ghcr.io/element-hq/synapse:sha-c733dd6` is an example image that got
built by this workflow (there is a temporary sha-* tag on
workflow_dispatch runs to help trying out the workflow)
I also had to make sure we sign the manifests correctly:
```
$ cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp 'https://github.com/element-hq/synapse/.github/workflows/docker.yml @.*' ghcr.io/element-hq/synapse:sha-c733dd6
Verification for ghcr.io/element-hq/synapse:sha-c733dd6 --
The following checks were performed on each of these signatures:
- The cosign claims were validated
- Existence of the claims in the transparency log was verified offline
- The code-signing certificate was verified using trusted certificate authority certificates
```
And the numbers aaaaare 🥁
-
[before](https://github.com/element-hq/synapse/actions/runs/16118229296/job/45477093703 ):
30 minutes
-
[after](https://github.com/element-hq/synapse/actions/runs/16021743575 ):
4 minutes
---------
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com >
2025-07-08 10:53:12 +00:00
dependabot[bot]
2372f3e6b7
Bump sigstore/cosign-installer from 3.9.0 to 3.9.1 ( #18608 )
...
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer )
from 3.9.0 to 3.9.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases ">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.9.1</h2>
<h2>What's Changed</h2>
<ul>
<li>default action install to use release v2.5.1 by <a
href="https://github.com/cpanato "><code>@cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/193 ">sigstore/cosign-installer#193</a></li>
<li>default cosign to v2.5.2 by <a
href="https://github.com/cpanato "><code>@cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/194 ">sigstore/cosign-installer#194</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1 ">https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="398d4b0eeehttps://redirect.github.com/sigstore/cosign-installer/issues/194 ">#194</a>)</li>
<li><a
href="84f54a2bcdhttps://redirect.github.com/sigstore/cosign-installer/issues/193 ">#193</a>)</li>
<li>See full diff in <a
href="fb28c2b633...398d4b0eeehttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.9.0&new-version=3.9.1 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-02 18:22:41 +02:00
dependabot[bot]
b088194f48
Bump docker/build-push-action from 6.17.0 to 6.18.0 ( #18497 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-25 17:12:24 +01:00
dependabot[bot]
99474e7fdf
Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 ( #18588 )
2025-06-25 15:49:25 +01:00
dependabot[bot]
ec13ed4169
Bump docker/setup-buildx-action from 3.10.0 to 3.11.1 ( #18587 )
2025-06-25 15:46:10 +01:00
dependabot[bot]
17e6b32966
Bump docker/build-push-action from 6.16.0 to 6.17.0 ( #18449 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-19 13:07:24 +01:00
dependabot[bot]
7d4c3b64e3
Bump docker/build-push-action from 6.15.0 to 6.16.0 ( #18397 )
...
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action )
from 6.15.0 to 6.16.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases ">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.16.0</h2>
<ul>
<li>Handle no default attestations env var by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1343 ">docker/build-push-action#1343</a></li>
<li>Only print secret keys in build summary output by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1353 ">docker/build-push-action#1353</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.56.0 to 0.59.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1352 ">docker/build-push-action#1352</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0 ">https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="14487ce63chttps://redirect.github.com/docker/build-push-action/issues/1343 ">#1343</a>
from crazy-max/fix-no-default-attest</li>
<li><a
href="0ec91264d8https://redirect.github.com/docker/build-push-action/issues/1366 ">#1366</a>
from crazy-max/pr-assign-author</li>
<li><a
href="b749522b90c566248492https://redirect.github.com/docker/build-push-action/issues/1363 ">#1363</a>
from crazy-max/fix-codecov</li>
<li><a
href="13275dd76e67dc78bbafhttps://redirect.github.com/docker/build-push-action/issues/1361 ">#1361</a>
from mschoettle/patch-1</li>
<li><a
href="07605044371c198f4467288d9e2e4a88844b95d8https://redirect.github.com/docker/build-push-action/issues/1353 ">#1353</a>
from crazy-max/summary-secret-keys</li>
<li>Additional commits viewable in <a
href="471d1dc4e0...14487ce63chttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.15.0&new-version=6.16.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-19 09:51:52 +01:00
dependabot[bot]
1482ad1917
Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 ( #18366 )
2025-04-29 10:05:43 +01:00
Andrew Morgan
51deadec41
Pin our GitHub Actions dependencies ( #18255 )
...
After the [recent supply chain attack](https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup )
in `tj-actions/changed-files` and actions based on it, it's become clear
that relying on git tags to pin our dependencies is not enough (as tags
can simply be replaced). Therefore we need to switch to hashes.
Dependabot should continue to update these dependencies for us.
Best reviewed commit-by-commit. Though if CI passes, we're *probably*
fine.
2025-03-19 14:16:04 +00:00
dependabot[bot]
805e8705c7
Bump sigstore/cosign-installer from 3.8.0 to 3.8.1 ( #18185 )
...
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer )
from 3.8.0 to 3.8.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases ">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.8.1</h2>
<h2>What's Changed</h2>
<ul>
<li>use cosign 2.4.3 and other updates by <a
href="https://github.com/cpanato "><code>@cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/182 ">sigstore/cosign-installer#182</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1 ">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d7d6bc7722https://redirect.github.com/sigstore/cosign-installer/issues/182 ">#182</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.8.0...v3.8.1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-24 12:27:56 +00:00
dependabot[bot]
fe3f462b79
Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 ( #18147 )
2025-02-12 13:30:36 +00:00
Till
6c4037dcf3
Downgrade ubuntu to 22.04 when building docker images ( #18026 )
...
As currently all docker builds are failing.
https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/
https://github.com/actions/runner-images/issues/10636
2024-12-11 18:27:56 +01:00
dependabot[bot]
f40641c29b
Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 ( #17798 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-08 14:56:15 +01:00
dependabot[bot]
a640b318df
Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 ( #17549 )
2024-08-12 14:31:34 +01:00
dependabot[bot]
d17d931a53
Bump docker/build-push-action from 5 to 6 ( #17312 )
2024-06-18 09:57:58 +01:00
dependabot[bot]
14e9ab19be
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 ( #17088 )
...
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer )
from 3.4.0 to 3.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases ">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/157 ">sigstore/cosign-installer#157</a></li>
<li>use go 1.22 now by <a
href="https://github.com/bobcallaway "><code>@bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/160 ">sigstore/cosign-installer#160</a></li>
<li>bump default version to v2.2.4, prep for v3.5.0 release by <a
href="https://github.com/bobcallaway "><code>@bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/159 ">sigstore/cosign-installer#159</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0 ">https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="59acb6260dhttps://redirect.github.com/sigstore/cosign-installer/issues/159 ">#159</a>)</li>
<li><a
href="22be4ce325https://redirect.github.com/sigstore/cosign-installer/issues/160 ">#160</a>)</li>
<li><a
href="162dfdf7b9https://redirect.github.com/sigstore/cosign-installer/issues/157 ">#157</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19 09:42:35 +01:00
dependabot[bot]
d2674bacdb
Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 ( #16890 )
2024-02-06 09:17:42 +00:00
Gaël Goinvic
9ee3db1de5
Implement cosign on docker image ( #16774 )
...
Signed-off-by: Gaël Goinvic <gaelg@element.io >
2024-01-04 11:49:33 +00:00
Erik Johnston
8613f7693e
More renaming
2023-12-13 15:41:11 +00:00
dependabot[bot]
139a24de9e
Bump actions/checkout from 3 to 4 ( #16250 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-25 11:39:54 -04:00
dependabot[bot]
a40f7724ff
Bump docker/setup-buildx-action from 2 to 3 ( #16375 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-25 11:34:16 +01:00
dependabot[bot]
ab5f4f906d
Bump docker/login-action from 2 to 3 ( #16339 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 10:21:14 +01:00
dependabot[bot]
47f9837008
Bump docker/setup-qemu-action from 2 to 3 ( #16338 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 10:19:05 +01:00
dependabot[bot]
d2eacfe051
Bump docker/build-push-action from 4 to 5 ( #16336 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 10:17:48 +01:00
David Robertson
f9f3e89354
Attempt to fix labelling in docker workflow ( #16009 )
2023-07-27 13:47:48 +01:00
Mo Balaa
96529c4236
Add synapse version as Docker container label ( #15972 )
...
Co-authored-by: Mo Balaa <balaa@fractalnetworks.co >
2023-07-26 16:16:12 +00:00
reivilibre
63e25010d6
Mirror images to the GitHub Container Registry (ghcr.io/matrix-org/synapse). ( #15281 )
2023-03-20 16:28:29 +00:00
dependabot[bot]
bb675913f0
Bump docker/build-push-action from 3 to 4 ( #14952 )
...
* Bump docker/build-push-action from 3 to 4
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3 to 4.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* Changelog
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2023-02-01 20:06:28 +00:00
Erik Johnston
6e0dde3215
Revert "Disable push of docker images"
...
This reverts commit f3f303aa22
2022-10-14 10:50:24 +01:00
Erik Johnston
424d1d28cc
Fix docker workflow
2022-10-14 09:57:31 +01:00
Erik Johnston
f3f303aa22
Disable push of docker images
2022-10-14 09:54:56 +01:00
Erik Johnston
29ee4b6698
Fix docker build OOMing in CI for arm64 builds ( #14173 )
...
Co-authored-by: David Robertson <davidr@element.io >
2022-10-13 18:16:21 +00:00
dependabot[bot]
d42541733d
Bump docker/login-action from 1 to 2 ( #13978 )
...
* Bump docker/login-action from 1 to 2
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* Changelog
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2022-10-03 17:32:48 +01:00
dependabot[bot]
4cceb6ba66
Bump docker/build-push-action from 2 to 3 ( #14022 )
...
* Bump docker/build-push-action from 2 to 3
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2 to 3.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* Changelog
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: David Robertson <davidr@element.io >
2022-10-03 17:15:27 +01:00
dependabot[bot]
6c85796769
Bump docker/setup-qemu-action from 1 to 2 ( #14019 )
...
* Bump docker/setup-qemu-action from 1 to 2
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 1 to 2.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* Changelog
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: David Robertson <davidr@element.io >
2022-10-03 16:07:39 +01:00
dependabot[bot]
a52d27a68b
Bump docker/setup-buildx-action from 1 to 2 ( #14015 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: David Robertson <davidr@element.io >
2022-10-03 14:13:15 +00:00
