Bump docker/build-push-action from 3 to 4 by dependabot[bot] · Pull Request #349 · thecoolestguy/ilios

dependabot · 2023-01-31T10:02:32Z

Bumps docker/build-push-action from 3 to 4.

Release notes

Sourced from docker/build-push-action's releases.

v4.0.0

Warning

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Revert disable provenance by default if not set by @crazy-max in docker/build-push-action#784

Full Changelog: docker/build-push-action@v3.3.1...v4.0.0

v3.3.1

Disable provenance by default if not set by @crazy-max (#781)

Full Changelog: docker/build-push-action@v3.3.0...v3.3.1

v3.3.0

Warning

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Add attests, provenance and sbom inputs by @crazy-max (#746 #759)

Log GitHub Actions runtime token access controls by @crazy-max (#707)

Examples moved to docs website by @crazy-max (#718)

Bump minimatch from 3.0.4 to 3.1.2 (#732)

Bump csv-parse from 5.3.0 to 5.3.3 (#729)

Bump json5 from 2.2.0 to 2.2.3 (#749)

Full Changelog: docker/build-push-action@v3.2.0...v3.3.0

v3.2.0

Remove workaround for setOutput by @crazy-max (#704)

Docs: fix Git context link and add more details about subdir support by @crazy-max (#685)

Docs: named context by @baibaratsky and @crazy-max (#665)

Bump @actions/core from 1.9.0 to 1.10.0 (#667 #695)

Bump @actions/github from 5.0.3 to 5.1.1 (#696)

Full Changelog: docker/build-push-action@v3.1.1...v3.2.0

v3.1.1

Fix GitHub token not passed with Git context if subdir defined by @crazy-max (#663)

Replace deprecated fs.rmdir with fs.rm by @bendrucker (#657)

Full Changelog: docker/build-push-action@v3.1.0...v3.1.1

v3.1.0

no-cache-filters input by @crazy-max (#653)

Bump @actions/github from 5.0.1 to 5.0.3 (#619)

Bump @actions/core from 1.6.0 to 1.9.0 (#620 #637)

Bump csv-parse from 5.0.4 to 5.3.0 (#623 #650)

Full Changelog: docker/build-push-action@v3.0.0...v3.1.0

Commits

3b5e802 Merge pull request #784 from crazy-max/enable-provenance
02d3266 update generated content
f403daf revert disable provenance by default if not set
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [infection/infection](https://github.com/infection/infection) from 0.26.12 to 0.26.13. - [Release notes](https://github.com/infection/infection/releases) - [Changelog](https://github.com/infection/infection/blob/master/CHANGELOG.md) - [Commits](infection/infection@0.26.12...0.26.13) --- updated-dependencies: - dependency-name: infection/infection dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…ion/infection-0.26.13 Bump infection/infection from 0.26.12 to 0.26.13

Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.7.15 to 1.8.0. - [Release notes](https://github.com/phpstan/phpstan/releases) - [Changelog](https://github.com/phpstan/phpstan/blob/1.8.x/CHANGELOG.md) - [Commits](phpstan/phpstan@1.7.15...1.8.0) --- updated-dependencies: - dependency-name: phpstan/phpstan dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…n/phpstan-1.8.0 Bump phpstan/phpstan from 1.7.15 to 1.8.0

Bumps [eluceo/ical](https://github.com/markuspoerschke/iCal) from 2.6.0 to 2.7.0. - [Release notes](https://github.com/markuspoerschke/iCal/releases) - [Changelog](https://github.com/markuspoerschke/iCal/blob/2.x/CHANGELOG.md) - [Commits](markuspoerschke/iCal@2.6.0...2.7.0) --- updated-dependencies: - dependency-name: eluceo/ical dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [league/flysystem](https://github.com/thephpleague/flysystem) from 3.0.21 to 3.0.23. - [Release notes](https://github.com/thephpleague/flysystem/releases) - [Changelog](https://github.com/thephpleague/flysystem/blob/3.x/CHANGELOG.md) - [Commits](thephpleague/flysystem@3.0.21...3.0.23) --- updated-dependencies: - dependency-name: league/flysystem dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [league/flysystem-aws-s3-v3](https://github.com/thephpleague/flysystem-aws-s3-v3) from 3.0.21 to 3.0.22. - [Release notes](https://github.com/thephpleague/flysystem-aws-s3-v3/releases) - [Changelog](https://github.com/thephpleague/flysystem-aws-s3-v3/blob/master/changelog.md) - [Commits](thephpleague/flysystem-aws-s3-v3@3.0.21...3.0.22) --- updated-dependencies: - dependency-name: league/flysystem-aws-s3-v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

The symfony cache contracts go to the cache backend every time get() is called which significantly degrades the performance gains from caching. By using PSR6 cache contracts we can get many items at the same time, but this doesn't allow us to tag each item. As a solution I've moved the caching logic into it's own service and we fetch everything in a single request and then cache and tag all missing items.

Instead of finding missing IDs and then discarding the values we can do the ID comparison in the manager repository and then re-use the cached values. This saves us a trip to the cache to load a lot of data we already have.

When we access other data from JSON:API we were loading it even if the user didn't have permission to access it. Instead we need to filter all side loaded data through the permissions system.

Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.8.0 to 1.8.1. - [Release notes](https://github.com/phpstan/phpstan/releases) - [Changelog](https://github.com/phpstan/phpstan/blob/1.8.x/CHANGELOG.md) - [Commits](phpstan/phpstan@1.8.0...1.8.1) --- updated-dependencies: - dependency-name: phpstan/phpstan dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…n/phpstan-1.8.1 Bump phpstan/phpstan from 1.8.0 to 1.8.1

Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/phpstan/phpstan-symfony/releases) - [Commits](phpstan/phpstan-symfony@1.2.5...1.2.6) --- updated-dependencies: - dependency-name: phpstan/phpstan-symfony dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…n/phpstan-symfony-1.2.6 Bump phpstan/phpstan-symfony from 1.2.5 to 1.2.6

Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/phpstan/phpstan/releases) - [Changelog](https://github.com/phpstan/phpstan/blob/1.8.x/CHANGELOG.md) - [Commits](phpstan/phpstan@1.8.1...1.8.2) --- updated-dependencies: - dependency-name: phpstan/phpstan dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony) from 1.2.6 to 1.2.8. - [Release notes](https://github.com/phpstan/phpstan-symfony/releases) - [Commits](phpstan/phpstan-symfony@1.2.6...1.2.8) --- updated-dependencies: - dependency-name: phpstan/phpstan-symfony dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…n/phpstan-1.8.2 Bump phpstan/phpstan from 1.8.1 to 1.8.2

…n/phpstan-symfony-1.2.8 Bump phpstan/phpstan-symfony from 1.2.6 to 1.2.8

Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony) from 1.2.8 to 1.2.9. - [Release notes](https://github.com/phpstan/phpstan-symfony/releases) - [Commits](phpstan/phpstan-symfony@1.2.8...1.2.9) --- updated-dependencies: - dependency-name: phpstan/phpstan-symfony dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…n/phpstan-symfony-1.2.9 Bump phpstan/phpstan-symfony from 1.2.8 to 1.2.9

Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) from 9.5.21 to 9.5.22. - [Release notes](https://github.com/sebastianbergmann/phpunit/releases) - [Changelog](https://github.com/sebastianbergmann/phpunit/blob/main/ChangeLog-9.5.md) - [Commits](sebastianbergmann/phpunit@9.5.21...9.5.22) --- updated-dependencies: - dependency-name: phpunit/phpunit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…t/phpunit-9.5.22 Bump phpunit/phpunit from 9.5.21 to 9.5.22

Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) from 9.5.22 to 9.5.23. - [Release notes](https://github.com/sebastianbergmann/phpunit/releases) - [Changelog](https://github.com/sebastianbergmann/phpunit/blob/main/ChangeLog-9.5.md) - [Commits](sebastianbergmann/phpunit@9.5.22...9.5.23) --- updated-dependencies: - dependency-name: phpunit/phpunit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…t/phpunit-9.5.23 Bump phpunit/phpunit from 9.5.22 to 9.5.23

Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony) from 1.2.9 to 1.2.11. - [Release notes](https://github.com/phpstan/phpstan-symfony/releases) - [Commits](phpstan/phpstan-symfony@1.2.9...1.2.11) --- updated-dependencies: - dependency-name: phpstan/phpstan-symfony dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…n/phpstan-symfony-1.2.11 Bump phpstan/phpstan-symfony from 1.2.9 to 1.2.11

Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony) from 1.2.11 to 1.2.13. - [Release notes](https://github.com/phpstan/phpstan-symfony/releases) - [Commits](phpstan/phpstan-symfony@1.2.11...1.2.13) --- updated-dependencies: - dependency-name: phpstan/phpstan-symfony dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…n/phpstan-symfony-1.2.13 Bump phpstan/phpstan-symfony from 1.2.11 to 1.2.13

Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) from 9.5.23 to 9.5.24. - [Release notes](https://github.com/sebastianbergmann/phpunit/releases) - [Changelog](https://github.com/sebastianbergmann/phpunit/blob/main/ChangeLog-9.5.md) - [Commits](sebastianbergmann/phpunit@9.5.23...9.5.24) --- updated-dependencies: - dependency-name: phpunit/phpunit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…t/phpunit-9.5.24 Bump phpunit/phpunit from 9.5.23 to 9.5.24

Bumps [infection/infection](https://github.com/infection/infection) from 0.26.13 to 0.26.14. - [Release notes](https://github.com/infection/infection/releases) - [Changelog](https://github.com/infection/infection/blob/master/CHANGELOG.md) - [Commits](infection/infection@0.26.13...0.26.14) --- updated-dependencies: - dependency-name: infection/infection dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…ion/infection-0.26.14 Bump infection/infection from 0.26.13 to 0.26.14

Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/phpstan/phpstan/releases) - [Changelog](https://github.com/phpstan/phpstan/blob/1.8.x/CHANGELOG.md) - [Commits](phpstan/phpstan@1.8.2...1.8.3) --- updated-dependencies: - dependency-name: phpstan/phpstan dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…n/phpstan-1.8.3 Bump phpstan/phpstan from 1.8.2 to 1.8.3

Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.8.3 to 1.8.4. - [Release notes](https://github.com/phpstan/phpstan/releases) - [Changelog](https://github.com/phpstan/phpstan/blob/1.8.x/CHANGELOG.md) - [Commits](phpstan/phpstan@1.8.3...1.8.4) --- updated-dependencies: - dependency-name: phpstan/phpstan dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…n/phpstan-1.8.4 Bump phpstan/phpstan from 1.8.3 to 1.8.4

Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/phpstan/phpstan-symfony/releases) - [Commits](phpstan/phpstan-symfony@1.2.5...1.2.6) --- updated-dependencies: - dependency-name: phpstan/phpstan-symfony dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/phpstan/phpstan/releases) - [Changelog](https://github.com/phpstan/phpstan/blob/1.8.x/CHANGELOG.md) - [Commits](phpstan/phpstan@1.8.1...1.8.2) --- updated-dependencies: - dependency-name: phpstan/phpstan dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony) from 1.2.6 to 1.2.8. - [Release notes](https://github.com/phpstan/phpstan-symfony/releases) - [Commits](phpstan/phpstan-symfony@1.2.6...1.2.8) --- updated-dependencies: - dependency-name: phpstan/phpstan-symfony dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [phpstan/phpstan-symfony](https://github.com/phpstan/phpstan-symfony) from 1.2.8 to 1.2.9. - [Release notes](https://github.com/phpstan/phpstan-symfony/releases) - [Commits](phpstan/phpstan-symfony@1.2.8...1.2.9) --- updated-dependencies: - dependency-name: phpstan/phpstan-symfony dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) from 9.5.21 to 9.5.22. - [Release notes](https://github.com/sebastianbergmann/phpunit/releases) - [Changelog](https://github.com/sebastianbergmann/phpunit/blob/main/ChangeLog-9.5.md) - [Commits](sebastianbergmann/phpunit@9.5.21...9.5.22) --- updated-dependencies: - dependency-name: phpunit/phpunit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) from 9.5.22 to 9.5.23. - [Release notes](https://github.com/sebastianbergmann/phpunit/releases) - [Changelog](https://github.com/sebastianbergmann/phpunit/blob/main/ChangeLog-9.5.md) - [Commits](sebastianbergmann/phpunit@9.5.22...9.5.23) --- updated-dependencies: - dependency-name: phpunit/phpunit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [infection/infection](https://github.com/infection/infection) from 0.26.13 to 0.26.14. - [Release notes](https://github.com/infection/infection/releases) - [Changelog](https://github.com/infection/infection/blob/master/CHANGELOG.md) - [Commits](infection/infection@0.26.13...0.26.14) --- updated-dependencies: - dependency-name: infection/infection dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot and others added 30 commits June 24, 2022 09:13

Merge pull request #248 from thecoolestguy/dependabot/composer/infect…

b466ddb

…ion/infection-0.26.13 Bump infection/infection from 0.26.12 to 0.26.13

Merge pull request #249 from thecoolestguy/dependabot/composer/phpsta…

9476c65

…n/phpstan-1.8.0 Bump phpstan/phpstan from 1.7.15 to 1.8.0

set published-ttl for the ics feed to 1 hour.

a15bc80

Update Dependencies

c5ffa4b

Do ID check with cached values

560c777

Instead of finding missing IDs and then discarding the values we can do the ID comparison in the manager repository and then re-use the cached values. This saves us a trip to the cache to load a lot of data we already have.

Check permissions on side loaded data

af5f7f0

When we access other data from JSON:API we were loading it even if the user didn't have permission to access it. Instead we need to filter all side loaded data through the permissions system.

Merge pull request #259 from thecoolestguy/dependabot/composer/phpsta…

c430c0d

…n/phpstan-1.8.1 Bump phpstan/phpstan from 1.8.0 to 1.8.1

Merge pull request #264 from thecoolestguy/dependabot/composer/phpsta…

0cb3e3e

…n/phpstan-symfony-1.2.6 Bump phpstan/phpstan-symfony from 1.2.5 to 1.2.6

Merge pull request #266 from thecoolestguy/dependabot/composer/phpsta…

fc0ae6e

…n/phpstan-1.8.2 Bump phpstan/phpstan from 1.8.1 to 1.8.2

Merge pull request #267 from thecoolestguy/dependabot/composer/phpsta…

2715af7

…n/phpstan-symfony-1.2.8 Bump phpstan/phpstan-symfony from 1.2.6 to 1.2.8

Merge pull request #273 from thecoolestguy/dependabot/composer/phpsta…

f158983

…n/phpstan-symfony-1.2.9 Bump phpstan/phpstan-symfony from 1.2.8 to 1.2.9

Merge pull request #278 from thecoolestguy/dependabot/composer/phpuni…

53e0504

…t/phpunit-9.5.22 Bump phpunit/phpunit from 9.5.21 to 9.5.22

Merge pull request #280 from thecoolestguy/dependabot/composer/phpuni…

f1f7be0

…t/phpunit-9.5.23 Bump phpunit/phpunit from 9.5.22 to 9.5.23

Merge pull request #282 from thecoolestguy/dependabot/composer/phpsta…

858f764

…n/phpstan-symfony-1.2.11 Bump phpstan/phpstan-symfony from 1.2.9 to 1.2.11

Merge pull request #283 from thecoolestguy/dependabot/composer/phpsta…

5505db9

…n/phpstan-symfony-1.2.13 Bump phpstan/phpstan-symfony from 1.2.11 to 1.2.13

dependabot bot and others added 17 commits August 30, 2022 09:20

Merge pull request #285 from thecoolestguy/dependabot/composer/phpuni…

c0ec319

…t/phpunit-9.5.24 Bump phpunit/phpunit from 9.5.23 to 9.5.24

Merge pull request #287 from thecoolestguy/dependabot/composer/infect…

dc6e15b

…ion/infection-0.26.14 Bump infection/infection from 0.26.13 to 0.26.14

Merge pull request #288 from thecoolestguy/dependabot/composer/phpsta…

8a4ab25

…n/phpstan-1.8.3 Bump phpstan/phpstan from 1.8.2 to 1.8.3

Merge pull request #289 from thecoolestguy/dependabot/composer/phpsta…

9003440

…n/phpstan-1.8.4 Bump phpstan/phpstan from 1.8.3 to 1.8.4

added new composer

67c55ef

dependabot bot added dependencies github_actions Pull requests that update Github_actions code labels Jan 31, 2023

thecoolestguy force-pushed the master branch from 299a1aa to 5abb3d5 Compare January 8, 2024 19:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump docker/build-push-action from 3 to 4#349

Bump docker/build-push-action from 3 to 4#349
dependabot[bot] wants to merge 47 commits intomasterfrom
dependabot/github_actions/docker/build-push-action-4

dependabot bot commented on behalf of github Jan 31, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

dependabot bot commented on behalf of github Jan 31, 2023

v4.0.0

v3.3.1

v3.3.0

v3.2.0

v3.1.1

v3.1.0

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants