Commit graph

34 commits

Author SHA1 Message Date
dependabot[bot]
31a77e0290
Bump step-security/harden-runner from 2.9.1 to 2.10.1
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.9.1 to 2.10.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](5c7944e73c...91182cccc0)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-11 09:00:59 +00:00
dependabot[bot]
3d7847c202
Bump docker/build-push-action from 6.6.1 to 6.7.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.6.1 to 6.7.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](16ebe778df...5cd11c3a4c)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-14 08:35:59 +00:00
af5277613d
Merge pull request #98 from wneessen/dependabot/github_actions/docker/build-push-action-6.6.1
Bump docker/build-push-action from 6.6.0 to 6.6.1
2024-08-08 10:38:56 +02:00
dependabot[bot]
d9166f9012
Bump sigstore/cosign-installer from 3.5.0 to 3.6.0
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](59acb6260d...4959ce089c)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-08 08:37:55 +00:00
dependabot[bot]
9339d3bc6e
Bump docker/build-push-action from 6.6.0 to 6.6.1
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.6.0 to 6.6.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](4f7cdeb0f0...16ebe778df)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-08 08:37:52 +00:00
cadf113a7a
Merge pull request #90 from wneessen/dependabot/github_actions/docker/setup-buildx-action-3.6.1
Bump docker/setup-buildx-action from 3.4.0 to 3.6.1
2024-08-07 11:49:44 +02:00
dependabot[bot]
f9314be9a2
Bump docker/build-push-action from 6.4.1 to 6.6.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.4.1 to 6.6.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](1ca370b3a9...4f7cdeb0f0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-07 08:51:34 +00:00
dependabot[bot]
c8a1bd5589
Bump step-security/harden-runner from 2.9.0 to 2.9.1
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](0d381219dd...5c7944e73c)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-06 08:33:05 +00:00
dependabot[bot]
54537057f0
Bump docker/setup-buildx-action from 3.4.0 to 3.6.1
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.4.0 to 3.6.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](4fd812986e...988b5a0280)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-30 08:46:44 +00:00
dependabot[bot]
55242a8a95
Bump docker/login-action from 3.2.0 to 3.3.0
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](0d4c9c5ea7...9780b0c442)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-22 09:08:01 +00:00
dependabot[bot]
f318845a64
Bump step-security/harden-runner from 2.8.1 to 2.9.0
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](17d0e2bd7d...0d381219dd)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-19 08:10:54 +00:00
dependabot[bot]
f017e2141b
Bump docker/build-push-action from 6.4.0 to 6.4.1
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](a254f8ca60...1ca370b3a9)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-18 09:08:33 +00:00
dependabot[bot]
d5c9644bb6
Bump docker/build-push-action from 6.3.0 to 6.4.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](1a162644f9...a254f8ca60)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-16 09:07:58 +00:00
dependabot[bot]
cb40eb9759
Bump docker/setup-buildx-action from 3.3.0 to 3.4.0
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](d70bba72b1...4fd812986e)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-04 08:34:56 +00:00
dependabot[bot]
f6a8b38a67
Bump docker/build-push-action from 6.2.0 to 6.3.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.2.0 to 6.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](15560696de...1a162644f9)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-03 08:32:27 +00:00
dependabot[bot]
537f026658
Bump docker/build-push-action from 6.1.0 to 6.2.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](31159d49c0...15560696de)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-27 08:12:43 +00:00
dependabot[bot]
19a66a644a
Bump docker/build-push-action from 6.0.1 to 6.1.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.0.1 to 6.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](94f8f8c2ee...31159d49c0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-21 08:26:41 +00:00
dependabot[bot]
90d5ed8ee8
Bump docker/build-push-action from 6.0.0 to 6.0.1
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](c382f710d3...94f8f8c2ee)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-19 08:09:49 +00:00
dependabot[bot]
6e89b69571
Bump docker/build-push-action from 5.4.0 to 6.0.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.4.0 to 6.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](ca052bb54a...c382f710d3)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-18 08:39:55 +00:00
dependabot[bot]
d86e3a5443
Bump actions/checkout from 4.1.6 to 4.1.7
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](a5ac7e51b4...692973e3d9)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-13 08:13:29 +00:00
374eb6bf53
Merge pull request #55 from wneessen/dependabot/github_actions/step-security/harden-runner-2.8.1
Bump step-security/harden-runner from 2.8.0 to 2.8.1
2024-06-10 10:59:49 +02:00
dependabot[bot]
7fc238ab99
Bump docker/build-push-action from 5.3.0 to 5.4.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](2cdde995de...ca052bb54a)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-10 08:58:35 +00:00
dependabot[bot]
f328e6b367
Bump step-security/harden-runner from 2.8.0 to 2.8.1
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](f086349bfa...17d0e2bd7d)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-10 08:58:30 +00:00
dependabot[bot]
de808b05f3
Bump docker/login-action from 3.1.0 to 3.2.0
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](e92390c5fb...0d4c9c5ea7)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-28 08:14:13 +00:00
dependabot[bot]
cd649364d4
---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-22 08:16:34 +00:00
dependabot[bot]
95d16edfff
Bump actions/checkout from 4.1.5 to 4.1.6
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](44c2b7a8a4...a5ac7e51b4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-17 08:58:40 +00:00
dependabot[bot]
21617455f2
Bump actions/checkout from 4.1.4 to 4.1.5
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](0ad4b8fada...44c2b7a8a4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-07 08:52:28 +00:00
dependabot[bot]
e42a66bdd6
Bump step-security/harden-runner from 2.7.0 to 2.7.1
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](63c24ba6bd...a4aa98b93c)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-04-30 08:34:21 +00:00
dependabot[bot]
7d6aae2ece
Bump actions/checkout from 4.1.2 to 4.1.4
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](9bb56186c3...0ad4b8fada)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-04-25 08:59:45 +00:00
dependabot[bot]
fea2280875
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](e1523de757...59acb6260d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-04-11 08:54:14 +00:00
dependabot[bot]
b80694f5df
Bump docker/setup-buildx-action from 3.2.0 to 3.3.0
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](2b51285047...d70bba72b1)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-04-08 09:08:12 +00:00
ddc62a9a04
Add CC0-1.0 license and update workflow files
A new file, LICENSES/CC0-1.0.txt, has been created to provide the Creative Commons Zero v1.0 Universal license for the project. Additionally, SPDX headers specifying the MIT license and copyright details have been added to each of the GitHub workflow files, enhancing the clarity and compliance of the project's license utilization.
2024-03-21 16:02:13 +01:00
42e89bc2bb
Implement security improvements and workflow updates
Added SECURITY.md with details for vulnerability reporting and encryption. Introduced new workflows for dependency review, Scorecard supply-chain security, and CodeQL analysis. Made amendments to docker-publish.yml for better Docker build and publishing process. These enhancements are aimed towards improving the security stance and the efficiency of CI/CD workflows.
2024-03-21 15:47:46 +01:00
f08e92fdd4
Create docker-publish.yml 2023-12-27 18:28:01 +01:00