Bump the minor-actions-dependencies group with 3 updates #2
+3
−3
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dependabot
bot
added
dependencies
dependabot
bot
force-pushed
the
dependabot/github_actions/minor-actions-dependencies-3dc54d4c7f
branch
2 times, most recently
from
1b39b54 to
cad6eb9
Compare
dependabot
bot
force-pushed
the
dependabot/github_actions/minor-actions-dependencies-3dc54d4c7f
branch
from
cad6eb9 to
76732ab
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
| # Once published, the packages are scoped to the account defined here. | ||
| - name: Log in to the ghcr.io container registry | ||
| uses: docker/login-action@v3.3.0 | ||
| uses: docker/login-action@v3.7.0 |
There was a problem hiding this comment.
Version mismatch: v3.7.0 instead of documented v3.6.0
High Severity
The docker/login-action version in the diff is v3.7.0, but the PR description states it should be updated to v3.6.0. The release notes included in the PR only document versions up to v3.6.0, suggesting v3.7.0 may not exist. If this version doesn't exist, the workflow will fail when GitHub Actions attempts to resolve the action reference.
Bumps the minor-actions-dependencies group with 3 updates: [actions/publish-immutable-action](https://github.com/actions/publish-immutable-action), [docker/login-action](https://github.com/docker/login-action) and [docker/build-push-action](https://github.com/docker/build-push-action). Updates `actions/publish-immutable-action` from 0.0.3 to 0.0.4 - [Release notes](https://github.com/actions/publish-immutable-action/releases) - [Commits](actions/publish-immutable-action@0.0.3...v0.0.4) Updates `docker/login-action` from 3.3.0 to 3.6.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3.3.0...v3.6.0) Updates `docker/build-push-action` from 6.5.0 to 6.18.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v6.5.0...v6.18.0) --- updated-dependencies: - dependency-name: actions/publish-immutable-action dependency-version: 0.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-actions-dependencies - dependency-name: docker/login-action dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-actions-dependencies - dependency-name: docker/build-push-action dependency-version: 6.18.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-actions-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/github_actions/minor-actions-dependencies-3dc54d4c7f
branch
from
76732ab to
69eb97f
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the minor-actions-dependencies group with 3 updates: actions/publish-immutable-action, docker/login-action and docker/build-push-action.
Updates
actions/publish-immutable-actionfrom 0.0.3 to 0.0.4Release notes
Sourced from actions/publish-immutable-action's releases.
Commits
Updates
docker/login-actionfrom 3.3.0 to 3.6.0Release notes
Sourced from docker/login-action's releases.
Commits
5e57cd1Merge pull request #890 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...97e3143chore: update generated content3a0796bbuild(deps): bump the aws-sdk-dependencies group with 2 updates5b7b28bMerge pull request #882 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...abc9fb3chore: update generated contentd468688build(deps): bump the aws-sdk-dependencies group with 2 updatesa99b2f8Merge pull request #883 from docker/dependabot/npm_and_yarn/docker/actions-to...0d7fae8chore: update generated content9832253build(deps): bump@docker/actions-toolkitfrom 0.62.1 to 0.63.009e05bbMerge pull request #881 from docker/dependabot/npm_and_yarn/tmp-0.2.4Updates
docker/build-push-actionfrom 6.5.0 to 6.18.0Release notes
Sourced from docker/build-push-action's releases.
... (truncated)
Commits
2634353Merge pull request #1381 from docker/dependabot/npm_and_yarn/docker/actions-t...c0432d2chore: update generated content0bb1f27set builder driver and endpoint attributes for dbc summary support5f9dbf9chore(deps): Bump@docker/actions-toolkitfrom 0.61.0 to 0.62.10788c44Merge pull request #1375 from crazy-max/remove-gcraa179cae2e: remove GCR1dc7386Merge pull request #1364 from crazy-max/history-export-cmd9c9803fchore: update generated contentdb1f6c4DOCKER_BUILD_EXPORT_LEGACY env var to opt-in for legacy export721e8c7Bump@docker/actions-toolkitfrom 0.59.0 to 0.61.0You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsNote
Low Risk
Version-only updates to CI workflows; risk is limited to potential behavior changes in the upstream actions affecting publishing/build steps.
Overview
Updates workflow action versions used for release publishing and container build/push.
Specifically bumps
actions/publish-immutable-actiontov0.0.4,docker/login-actiontov3.7.0, anddocker/build-push-actiontov6.18.0with no logic changes to the workflows beyond version pin updates.Written by Cursor Bugbot for commit 69eb97f. This will update automatically on new commits. Configure here.