docker/actions-toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,783 Commits 1 Branch 131 Tags
v0.73.0
Commit Graph

1783 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
CrazyMax
ba992bb822 Merge pull request #933 from crazy-max/sigstore-test-sign
Some checks failed
publish / publish (push) Has been cancelled
Details 
sigstore: test signAttestationManifests
v0.73.0 		2026-01-13 15:07:08 +01:00
CrazyMax
345531d0a4 sigstore: test signAttestationManifests 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-01-13 14:56:12 +01:00
CrazyMax
2e620f9c90 Merge pull request #932 from crazy-max/sigstore-verifyimage 
sigstore: add function to verify image attestations
 2026-01-13 14:50:59 +01:00
CrazyMax
0162b2cf8b cosign: clear errors if manifest or bundle payload found 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-01-13 13:25:39 +01:00
CrazyMax
7397cfe37c sigstore: add function to verify image attestations 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-01-13 13:21:55 +01:00
CrazyMax
a3d5eee63a Merge pull request #928 from docker/bot/cosign-releases-json 
Update `.github/cosign-releases.json`
 2026-01-12 14:18:20 +01:00
crazy-max
85c3d8b7f3 github: update .github/cosign-releases.json 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-10 00:13:01 +00:00
CrazyMax
22773fa848 Merge pull request #927 from docker/bot/docker-releases-json 
Update `.github/docker-releases.json`
 2026-01-09 13:16:03 +01:00
crazy-max
cbf7323bc1 github: update .github/docker-releases.json 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-09 12:14:24 +00:00
CrazyMax
382ab4c9ac Merge pull request #924 from docker/dependabot/npm_and_yarn/actions/tool-cache-3.0.0 
build(deps): bump @actions/tool-cache from 2.0.2 to 3.0.0
 2026-01-08 16:33:06 +01:00
CrazyMax
b0b34198c4 Merge pull request #925 from docker/dependabot/npm_and_yarn/actions/cache-5.0.2 
build(deps): bump @actions/cache from 5.0.1 to 5.0.2
 2026-01-08 16:30:42 +01:00
dependabot[bot]
842eaf5ac0 build(deps): bump @actions/cache from 5.0.1 to 5.0.2 
Bumps [@actions/cache](https://github.com/actions/toolkit/tree/HEAD/packages/cache) from 5.0.1 to 5.0.2.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/cache)

---
updated-dependencies:
- dependency-name: "@actions/cache"
  dependency-version: 5.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-08 15:21:39 +00:00
CrazyMax
2f0f57f46e Merge pull request #926 from docker/dependabot/npm_and_yarn/actions/artifact-5.0.2 
build(deps): bump @actions/artifact from 5.0.1 to 5.0.2
 2026-01-08 16:19:26 +01:00
dependabot[bot]
4f8b9ae301 build(deps): bump @actions/tool-cache from 2.0.2 to 3.0.0 
Bumps [@actions/tool-cache](https://github.com/actions/toolkit/tree/HEAD/packages/tool-cache) from 2.0.2 to 3.0.0.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/tool-cache/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/tool-cache)

---
updated-dependencies:
- dependency-name: "@actions/tool-cache"
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-08 15:12:22 +00:00
dependabot[bot]
0aaa94bdee build(deps): bump @actions/artifact from 5.0.1 to 5.0.2 
Bumps [@actions/artifact](https://github.com/actions/toolkit/tree/HEAD/packages/artifact) from 5.0.1 to 5.0.2.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/artifact/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/artifact)

---
updated-dependencies:
- dependency-name: "@actions/artifact"
  dependency-version: 5.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-08 15:12:07 +00:00
CrazyMax
654afbf8c5 Merge pull request #922 from docker/dependabot/npm_and_yarn/actions/core-2.0.2 
build(deps): bump @actions/core from 2.0.1 to 2.0.2
 2026-01-08 16:09:49 +01:00
CrazyMax
d256fc587d Merge pull request #923 from docker/dependabot/npm_and_yarn/actions/github-7.0.0 
build(deps): bump @actions/github from 6.0.1 to 7.0.0
 2026-01-08 16:08:23 +01:00
dependabot[bot]
ca8ad9e7ab build(deps): bump @actions/github from 6.0.1 to 7.0.0 
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) from 6.0.1 to 7.0.0.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@actions/github"
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-08 14:53:30 +00:00
dependabot[bot]
53aedd9542 build(deps): bump @actions/core from 2.0.1 to 2.0.2 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 2.0.1 to 2.0.2.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-version: 2.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-08 14:53:07 +00:00
CrazyMax
01fb6c8d3b Merge pull request #921 from docker/dependabot/npm_and_yarn/actions/http-client-3.0.1 
build(deps): bump @actions/http-client from 3.0.0 to 3.0.1
 2026-01-08 10:28:17 +01:00
dependabot[bot]
6439a13308 build(deps): bump @actions/http-client from 3.0.0 to 3.0.1 
Bumps [@actions/http-client](https://github.com/actions/toolkit/tree/HEAD/packages/http-client) from 3.0.0 to 3.0.1.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/http-client/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/http-client)

---
updated-dependencies:
- dependency-name: "@actions/http-client"
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-08 01:10:26 +00:00
CrazyMax
a6ccf4cb79 Merge pull request #919 from crazy-max/fix-publish-workflow 
ci(publish): fix permissions to create GitHub Release
 2026-01-07 17:17:31 +01:00
CrazyMax
333909f560 Merge pull request #920 from crazy-max/buildkit-0.26.3 
update buildkit to 0.26.3
 2026-01-05 16:08:22 +01:00
CrazyMax
0b7584385a update buildkit to 0.26.3 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-01-05 14:58:42 +01:00
CrazyMax
3a94f7311f ci(publish): fix permissions to create GitHub Release 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-01-05 14:47:21 +01:00
CrazyMax
f2404dca2f Merge pull request #918 from crazy-max/isolated-modules
Some checks failed
publish / publish (push) Has been cancelled
Details 
set isolatedModules=true to fix ts-jest TS151002 warning
v0.72.0 		2026-01-05 13:58:14 +01:00
CrazyMax
8bae8c963f Merge pull request #913 from docker/dependabot/npm_and_yarn/sigstore/verify-3.1.0 
build(deps): bump @sigstore/verify from 3.0.0 to 3.1.0
 2026-01-05 13:46:58 +01:00
CrazyMax
c00b0d2393 set isolatedModules=true to fix ts-jest TS151002 warning 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-01-05 13:45:55 +01:00
dependabot[bot]
f861f8df56 build(deps): bump @sigstore/verify from 3.0.0 to 3.1.0 
Bumps [@sigstore/verify](https://github.com/sigstore/sigstore-js) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/verify@3.0.0...sigstore@3.1.0)

---
updated-dependencies:
- dependency-name: "@sigstore/verify"
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-05 11:05:33 +00:00
CrazyMax
7b8ae12eb0 Merge pull request #917 from crazy-max/update-sigstore-sign 
update @sigstore/sign to 4.1.0
 2026-01-05 12:03:24 +01:00
CrazyMax
10fbe0d8d4 update @sigstore/sign to 4.1.0 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-01-05 10:48:28 +01:00
CrazyMax
8ba5f4ae6f enable Node 16–style ESM resolution 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-01-05 10:48:28 +01:00
CrazyMax
fcb1e5a298 Merge pull request #914 from docker/dependabot/npm_and_yarn/sigstore/tuf-4.0.1 
build(deps): bump @sigstore/tuf from 4.0.0 to 4.0.1
 2026-01-05 10:02:48 +01:00
CrazyMax
459eee50e8 Merge pull request #916 from docker/bot/undock-releases-json 
Update `.github/undock-releases.json`
 2025-12-31 23:47:14 +01:00
crazy-max
9c67bc4427 github: update .github/undock-releases.json 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-12-31 13:50:26 +00:00
CrazyMax
d86ab59115 Merge pull request #915 from neilime/feat/handle-detached-head-error 
fix: handle detached head error
 2025-12-31 14:50:01 +01:00
copilot-swe-agent[bot]
945d269b25 fix: handle detached head error 2025-12-23 18:48:02 +01:00
dependabot[bot]
692b091ac0 build(deps): bump @sigstore/tuf from 4.0.0 to 4.0.1 
Bumps [@sigstore/tuf](https://github.com/sigstore/sigstore-js) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/sigstore/sigstore-js/releases)
- [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/tuf@4.0.0...@sigstore/sign@4.0.1)

---
updated-dependencies:
- dependency-name: "@sigstore/tuf"
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-19 22:06:19 +00:00
CrazyMax
3984b38120 Merge pull request #909 from crazy-max/publish-commitish 
ci(publish): no need to set target_commitish
 2025-12-18 18:20:18 +01:00
CrazyMax
57c7ba07e5 Merge pull request #908 from docker/bot/compose-releases-json 
Update `.github/compose-releases.json`
 2025-12-18 16:53:50 +01:00
CrazyMax
73ff711ca0 ci(publish): no need to set target_commitish 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2025-12-18 16:52:40 +01:00
crazy-max
ce2ae460d6 github: update .github/compose-releases.json 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-12-18 15:51:44 +00:00
CrazyMax
f61800c7a9 Merge pull request #907 from crazy-max/publish-release 
ci(publish): create github release
 2025-12-18 16:51:15 +01:00
CrazyMax
45b39556af ci(publish): create github release 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2025-12-18 13:30:31 +01:00
CrazyMax
5172be8e2f Merge pull request #906 from crazy-max/npm-publish
Some checks failed
publish / publish (push) Has been cancelled
Details 
ci: use trusted publishing to publish our package
v0.71.0 		2025-12-18 13:04:59 +01:00
CrazyMax
1ded416304 ci(publish): generate provenance attestation 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2025-12-18 12:05:50 +01:00
CrazyMax
2ea2c9d9ee ci: use trusted publishing to publish our npm package 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2025-12-18 12:05:50 +01:00
CrazyMax
9442c70243 Merge pull request #904 from crazy-max/cosign-bin-verify
Some checks failed
publish / publish (push) Has been cancelled
Details 
cosign(install): verify binary signature with keyless verification bundle
v0.70.0 		2025-12-18 09:19:02 +01:00
CrazyMax
36dc518728 Merge pull request #905 from docker/bot/docker-releases-json 
Update `.github/docker-releases.json`
 2025-12-18 09:18:30 +01:00
crazy-max
a05039c77d github: update .github/docker-releases.json 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-12-18 00:31:44 +00:00