dependabot[bot]
1545467ee7
Merge 54537057f0
into 0164c7e18d
2024-08-06 08:38:29 +00:00
dependabot[bot]
c8a1bd5589
Bump step-security/harden-runner from 2.9.0 to 2.9.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](0d381219dd...5c7944e73c
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-06 08:33:05 +00:00
dependabot[bot]
54537057f0
Bump docker/setup-buildx-action from 3.4.0 to 3.6.1
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.4.0 to 3.6.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4fd812986e...988b5a0280
)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-30 08:46:44 +00:00
dependabot[bot]
55242a8a95
Bump docker/login-action from 3.2.0 to 3.3.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](0d4c9c5ea7...9780b0c442
)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-22 09:08:01 +00:00
dependabot[bot]
f318845a64
Bump step-security/harden-runner from 2.8.1 to 2.9.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](17d0e2bd7d...0d381219dd
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-19 08:10:54 +00:00
dependabot[bot]
f017e2141b
Bump docker/build-push-action from 6.4.0 to 6.4.1
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](a254f8ca60...1ca370b3a9
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-18 09:08:33 +00:00
dependabot[bot]
d5c9644bb6
Bump docker/build-push-action from 6.3.0 to 6.4.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](1a162644f9...a254f8ca60
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-16 09:07:58 +00:00
dependabot[bot]
cb40eb9759
Bump docker/setup-buildx-action from 3.3.0 to 3.4.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](d70bba72b1...4fd812986e
)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-04 08:34:56 +00:00
dependabot[bot]
f6a8b38a67
Bump docker/build-push-action from 6.2.0 to 6.3.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.2.0 to 6.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](15560696de...1a162644f9
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-03 08:32:27 +00:00
dependabot[bot]
537f026658
Bump docker/build-push-action from 6.1.0 to 6.2.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](31159d49c0...15560696de
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-27 08:12:43 +00:00
dependabot[bot]
19a66a644a
Bump docker/build-push-action from 6.0.1 to 6.1.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.0.1 to 6.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](94f8f8c2ee...31159d49c0
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-21 08:26:41 +00:00
dependabot[bot]
90d5ed8ee8
Bump docker/build-push-action from 6.0.0 to 6.0.1
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](c382f710d3...94f8f8c2ee
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-19 08:09:49 +00:00
dependabot[bot]
6e89b69571
Bump docker/build-push-action from 5.4.0 to 6.0.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 5.4.0 to 6.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](ca052bb54a...c382f710d3
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-18 08:39:55 +00:00
dependabot[bot]
d86e3a5443
Bump actions/checkout from 4.1.6 to 4.1.7
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-13 08:13:29 +00:00
374eb6bf53
Merge pull request #55 from wneessen/dependabot/github_actions/step-security/harden-runner-2.8.1
...
Bump step-security/harden-runner from 2.8.0 to 2.8.1
2024-06-10 10:59:49 +02:00
dependabot[bot]
7fc238ab99
Bump docker/build-push-action from 5.3.0 to 5.4.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](2cdde995de...ca052bb54a
)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-10 08:58:35 +00:00
dependabot[bot]
f328e6b367
Bump step-security/harden-runner from 2.8.0 to 2.8.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](f086349bfa...17d0e2bd7d
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-10 08:58:30 +00:00
dependabot[bot]
de808b05f3
Bump docker/login-action from 3.1.0 to 3.2.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](e92390c5fb...0d4c9c5ea7
)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-28 08:14:13 +00:00
dependabot[bot]
cd649364d4
---
...
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-22 08:16:34 +00:00
dependabot[bot]
95d16edfff
Bump actions/checkout from 4.1.5 to 4.1.6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](44c2b7a8a4...a5ac7e51b4
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-17 08:58:40 +00:00
dependabot[bot]
21617455f2
Bump actions/checkout from 4.1.4 to 4.1.5
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-07 08:52:28 +00:00
dependabot[bot]
e42a66bdd6
Bump step-security/harden-runner from 2.7.0 to 2.7.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](63c24ba6bd...a4aa98b93c
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-30 08:34:21 +00:00
dependabot[bot]
7d6aae2ece
Bump actions/checkout from 4.1.2 to 4.1.4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](9bb56186c3...0ad4b8fada
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-25 08:59:45 +00:00
dependabot[bot]
fea2280875
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](e1523de757...59acb6260d
)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-11 08:54:14 +00:00
dependabot[bot]
b80694f5df
Bump docker/setup-buildx-action from 3.2.0 to 3.3.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](2b51285047...d70bba72b1
)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-08 09:08:12 +00:00
ddc62a9a04
Add CC0-1.0 license and update workflow files
...
A new file, LICENSES/CC0-1.0.txt, has been created to provide the Creative Commons Zero v1.0 Universal license for the project. Additionally, SPDX headers specifying the MIT license and copyright details have been added to each of the GitHub workflow files, enhancing the clarity and compliance of the project's license utilization.
2024-03-21 16:02:13 +01:00
42e89bc2bb
Implement security improvements and workflow updates
...
Added SECURITY.md with details for vulnerability reporting and encryption. Introduced new workflows for dependency review, Scorecard supply-chain security, and CodeQL analysis. Made amendments to docker-publish.yml for better Docker build and publishing process. These enhancements are aimed towards improving the security stance and the efficiency of CI/CD workflows.
2024-03-21 15:47:46 +01:00
f08e92fdd4
Create docker-publish.yml
2023-12-27 18:28:01 +01:00