Skip to content

chore(deps): Bump the actions group across 1 directory with 7 updates#958

Merged
poiana merged 1 commit intomainfrom
dependabot/github_actions/actions-0f985d369b
Apr 16, 2026
Merged

chore(deps): Bump the actions group across 1 directory with 7 updates#958
poiana merged 1 commit intomainfrom
dependabot/github_actions/actions-0f985d369b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 13, 2026

Bumps the actions group with 7 updates in the / directory:

Package From To
docker/login-action 4.0.0 4.1.0
aws-actions/configure-aws-credentials 6.0.0 6.1.0
aws-actions/amazon-ecr-login 2.1.0 2.1.2
docker/build-push-action 7.0.0 7.1.0
sigstore/cosign-installer 4.1.0 4.1.1
actions/setup-go 6.3.0 6.4.0
actions/upload-artifact 7.0.0 7.0.1

Updates docker/login-action from 4.0.0 to 4.1.0

Release notes

Sourced from docker/login-action's releases.

v4.1.0

Full Changelog: docker/login-action@v4.0.0...v4.1.0

Commits
  • 4907a6d Merge pull request #930 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
  • 1e233e6 chore: update generated content
  • 6c24ead build(deps): bump the aws-sdk-dependencies group with 2 updates
  • ee034d7 Merge pull request #958 from docker/dependabot/npm_and_yarn/lodash-4.18.1
  • 1527209 Merge pull request #937 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
  • d39362a build(deps): bump lodash from 4.17.23 to 4.18.1
  • a6f092b chore: update generated content
  • 60953f0 build(deps): bump the proxy-agent-dependencies group with 2 updates
  • 62c6885 Merge pull request #936 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 102c0e6 chore: update generated content
  • Additional commits viewable in compare view

Updates aws-actions/configure-aws-credentials from 6.0.0 to 6.1.0

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v6.1.0

6.1.0 (2026-04-06)

Features

Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

6.1.0 (2026-04-06)

Features

6.0.0 (2026-02-04)

⚠ BREAKING CHANGES

Features

Bug Fixes

  • properly output aws-account-id and authenticated-arn when using role-chaining (#1633) (7ceaf96)

5.1.1 (2025-11-24)

Miscellaneous Chores

5.1.0 (2025-10-06)

Features

Bug Fixes

5.0.0 (2025-09-03)

... (truncated)

Commits

Updates aws-actions/amazon-ecr-login from 2.1.0 to 2.1.2

Release notes

Sourced from aws-actions/amazon-ecr-login's releases.

v2.1.2

See the changelog for details about the changes included in this release.

v2.1.1

See the changelog for details about the changes included in this release.

Changelog

Sourced from aws-actions/amazon-ecr-login's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.1.2 (2026-04-01)

2.1.1 (2026-03-24)

Bug Fixes

  • prefer explicit env var credentials over Pod Identity (#953) (ecbbdc7)

2.1.0 (2026-03-19)

Features

2.0.2 (2026-03-13)

Bug Fixes

2.0.1 (2023-10-02)

2.0.0 (2023-10-02)

⚠ BREAKING CHANGES

  • The default value of the 'mask-password' input has been updated from false to true.

  • Treat maskPassword as false only if explicitly set to false

  • Add new-v2-release to README

Features

1.7.0 (2023-08-09)

Features

  • provide input to optionally mask output docker password (#491) (98f33d2)

... (truncated)

Commits
  • f2e9fc6 chore(release): 2.1.2
  • b5362e1 chore(deps-dev): bump eslint from 10.0.3 to 10.1.0 (#964)
  • 2096e5c chore: Update dist (#984)
  • ae31c19 chore(deps): bump @​aws-sdk/client-ecr from 3.1018.0 to 3.1021.0 (#977)
  • f63ff6a chore(deps): bump @​aws-sdk/credential-providers (#978)
  • 5b22aa2 chore: Update dist (#980)
  • 887bd54 chore(deps): bump @​aws-sdk/client-ecr-public from 3.1016.0 to 3.1021.0 (#976)
  • a080f59 chore: Update dist (#974)
  • 220b1c6 chore(deps): bump @​aws-sdk/client-ecr from 3.1011.0 to 3.1016.0 (#966)
  • 9e34c94 chore(deps): bump @​aws-sdk/credential-providers (#965)
  • Additional commits viewable in compare view

Updates docker/build-push-action from 7.0.0 to 7.1.0

Release notes

Sourced from docker/build-push-action's releases.

v7.1.0

Full Changelog: docker/build-push-action@v7.0.0...v7.1.0

Commits
  • bcafcac Merge pull request #1509 from docker/dependabot/npm_and_yarn/vite-7.3.2
  • 18e62f1 Merge pull request #1510 from docker/dependabot/npm_and_yarn/lodash-4.18.1
  • 46580d2 chore: update generated content
  • 3f80b25 chore(deps): Bump lodash from 4.17.23 to 4.18.1
  • efeec95 Merge pull request #1505 from crazy-max/refactor-git-context
  • ddf04b0 Merge pull request #1511 from docker/dependabot/github_actions/crazy-max-dot-...
  • db08d97 chore(deps): Bump the crazy-max-dot-github group with 2 updates
  • ef1fb96 Merge pull request #1508 from docker/dependabot/github_actions/docker/login-a...
  • 2d8f2a1 chore: update generated content
  • 919ac7b fix test since secrets are not written to temp path anymore
  • Additional commits viewable in compare view

Updates sigstore/cosign-installer from 4.1.0 to 4.1.1

Release notes

Sourced from sigstore/cosign-installer's releases.

v4.1.1

What's Changed

Full Changelog: sigstore/cosign-installer@v4.1.0...v4.1.1

Commits

Updates actions/setup-go from 6.3.0 to 6.4.0

Release notes

Sourced from actions/setup-go's releases.

v6.4.0

What's Changed

Enhancement

Dependency update

Documentation update

New Contributors

Full Changelog: actions/setup-go@v6...v6.4.0

Commits

Updates actions/upload-artifact from 7.0.0 to 7.0.1

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.1

What's Changed

Full Changelog: actions/upload-artifact@v7...v7.0.1

Commits
  • 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
  • 634250c Include changes in typespec/ts-http-runtime 0.3.5
  • e454baa Readme: bump all the example versions to v7 (#796)
  • 74fad66 Update the readme with direct upload details (#795)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): Bump the actions group across 1 directory with 7 updates
1737d07 
Bumps the actions group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [docker/login-action](https://github.com/docker/login-action) | `4.0.0` | `4.1.0` |
| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `6.0.0` | `6.1.0` |
| [aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login) | `2.1.0` | `2.1.2` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `7.0.0` | `7.1.0` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.1.0` | `4.1.1` |
| [actions/setup-go](https://github.com/actions/setup-go) | `6.3.0` | `6.4.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` |



Updates `docker/login-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@b45d80f...4907a6d)

Updates `aws-actions/configure-aws-credentials` from 6.0.0 to 6.1.0
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@8df5847...ec61189)

Updates `aws-actions/amazon-ecr-login` from 2.1.0 to 2.1.2
- [Release notes](https://github.com/aws-actions/amazon-ecr-login/releases)
- [Changelog](https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md)
- [Commits](aws-actions/amazon-ecr-login@261fc3d...f2e9fc6)

Updates `docker/build-push-action` from 7.0.0 to 7.1.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@d08e5c3...bcafcac)

Updates `sigstore/cosign-installer` from 4.1.0 to 4.1.1
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@ba7bc0a...cad07c2)

Updates `actions/setup-go` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@4b73464...4a36011)

Updates `actions/upload-artifact` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@bbbca2d...043fb46)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: aws-actions/amazon-ecr-login
  dependency-version: 2.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: docker/build-push-action
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: sigstore/cosign-installer
  dependency-version: 4.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: actions/setup-go
  dependency-version: 6.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 13, 2026
@poiana poiana requested review from leogr and maxgio92 April 13, 2026 05:05
@poiana poiana added the size/M label Apr 13, 2026
alacuku
alacuku approved these changes Apr 16, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@alacuku alacuku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@github-project-automation github-project-automation bot moved this from Todo to In progress in Falco Roadmap Apr 16, 2026
@poiana poiana added the lgtm label Apr 16, 2026
@poiana
Copy link
Copy Markdown
Contributor

poiana commented Apr 16, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alacuku, dependabot[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana
Copy link
Copy Markdown
Contributor

poiana commented Apr 16, 2026

LGTM label has been added.

DetailsGit tree hash: 082a7083124ac8b16f0d0388529f1ad0c7ab902f

@poiana poiana merged commit 94becdb into main Apr 16, 2026
17 checks passed
@poiana poiana deleted the dependabot/github_actions/actions-0f985d369b branch April 16, 2026 19:33
@github-project-automation github-project-automation bot moved this from In progress to Done in Falco Roadmap Apr 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alacuku alacuku alacuku approved these changes

@leogr leogr Awaiting requested review from leogr

@maxgio92 maxgio92 Awaiting requested review from maxgio92

Assignees

@alacuku alacuku

Labels

approved dco-signoff: yes dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code lgtm size/M

Projects

Falco Roadmap
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@poiana @alacuku