dependabot[bot]
1ce92776e1
chore(deps): bump docker/login-action from 3.4.0 to 3.5.0
...
GitHub Actions Security Analysis with zizmor 🌈 / zizmor latest via PyPI (push) Failing after 3s
Main branch build / build (push) Has been cancelled
Main branch build / test (push) Has been cancelled
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](74a5d14239...184bdaa072
2025-08-21 10:24:17 -04:00
Gerald Pinder
a7d862abf0
feat: Embed build scripts and extract into temp dir for build ( #516 )
...
This decouples the need for a published image for the bulid scripts and
will now embed them into the binary instead. This will make it so that
anyone that forks the CLI is able to make adjustments to the build
scripts and use them immediately.
This will be needed for testing #515
2025-08-10 16:09:42 -04:00
dependabot[bot]
c5b49646d8
chore(deps): bump github/codeql-action from 3.29.4 to 3.29.5 ( #514 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action )
from 3.29.4 to 3.29.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases ">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases ">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986 ">#2986</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.5/CHANGELOG.md ">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md ">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases ">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986 ">#2986</a></li>
</ul>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935 ">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938 ">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950 ">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925 ">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912 ">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/ ">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959 ">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910 ">#2910</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="51f77329afhttps://redirect.github.com/github/codeql-action/issues/2997 ">#2997</a>
from github/update-v3.29.5-80a09d7b0</li>
<li><a
href="8e90243ddb80a09d7b0bhttps://redirect.github.com/github/codeql-action/issues/2996 ">#2996</a>
from github/dependabot/npm_and_yarn/npm-240ab9fad0</li>
<li><a
href="8388115dc8https://redirect.github.com/github/codeql-action/issues/2994 ">#2994</a>
from github/mergeback/changelog/v3.28.21</li>
<li><a
href="401ecaf503ab5c0c5fa5cd264d4dcdhttps://redirect.github.com/github/codeql-action/issues/2986 ">#2986</a>
from github/update-bundle/codeql-bundle-v2.22.2</li>
<li><a
href="4599055b1efd7ad511e6https://redirect.github.com/github/codeql-action/issues/2971 ">#2971</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="ac0c9bfe1e4e828ff8d4...51f77329afhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.29.4&new-version=3.29.5 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-09 14:33:50 -04:00
Gerald Pinder
3a0be4099a
feat: Add bootc support ( #448 )
...
Adds support for using `bootc` as the preferred method for booting from
a locally created image. This new method gets rid of the need to create
a tarball and move it to the correct place and instead it will make use
of `podman scp` which copies the image to the root `containers-storage`
and then has `rpm-ostree` and `bootc` boot from that store.
Closes #418
Closes #200
2025-08-09 14:05:59 -04:00
dependabot[bot]
cf224de676
chore(deps): bump DeterminateSystems/flakehub-push from 5 to 6 ( #496 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps
[DeterminateSystems/flakehub-push](https://github.com/determinatesystems/flakehub-push )
from 5 to 6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/determinatesystems/flakehub-push/releases ">DeterminateSystems/flakehub-push's
releases</a>.</em></p>
<blockquote>
<h2>v6</h2>
<h2>What's Changed</h2>
<ul>
<li>Add flakehub cache to the macos builds by <a
href="https://github.com/grahamc "><code>@grahamc</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/161 ">DeterminateSystems/flakehub-push#161</a></li>
<li>Update cargo deps for gix-path by <a
href="https://github.com/grahamc "><code>@grahamc</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/160 ">DeterminateSystems/flakehub-push#160</a></li>
<li>Bump actions/download-artifact from 3 to 4.1.7 in /.github/workflows
by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/158 ">DeterminateSystems/flakehub-push#158</a></li>
<li>Handle unset derivation outputs attribute by <a
href="https://github.com/edolstra "><code>@edolstra</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/163 ">DeterminateSystems/flakehub-push#163</a></li>
<li>Refactor ReleaseMetadata, PushContext by <a
href="https://github.com/cole-h "><code>@cole-h</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/165 ">DeterminateSystems/flakehub-push#165</a></li>
<li>Make it easier to test without GitHub or a local FlakeHub by <a
href="https://github.com/edolstra "><code>@edolstra</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/164 ">DeterminateSystems/flakehub-push#164</a></li>
<li>ci: disable GHA cache by <a
href="https://github.com/cole-h "><code>@cole-h</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/166 ">DeterminateSystems/flakehub-push#166</a></li>
<li>ci: fixup upload-artifact action by <a
href="https://github.com/cole-h "><code>@cole-h</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/167 ">DeterminateSystems/flakehub-push#167</a></li>
<li>Export the exact flakeref as an output by <a
href="https://github.com/grahamc "><code>@grahamc</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/168 ">DeterminateSystems/flakehub-push#168</a></li>
<li>Flake ref output by <a
href="https://github.com/grahamc "><code>@grahamc</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/169 ">DeterminateSystems/flakehub-push#169</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/67 ">#67</a>
from DeterminateSystems/allow-obliterating-id-token-privs by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/174 ">DeterminateSystems/flakehub-push#174</a></li>
<li>Update deps by <a
href="https://github.com/grahamc "><code>@grahamc</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/177 ">DeterminateSystems/flakehub-push#177</a></li>
<li>Cargo.lock: update deps by <a
href="https://github.com/cole-h "><code>@cole-h</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/179 ">DeterminateSystems/flakehub-push#179</a></li>
<li>[FH-550] prevent pushes from non-default branch by <a
href="https://github.com/colemickens "><code>@colemickens</code></a> in
<a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/184 ">DeterminateSystems/flakehub-push#184</a></li>
<li>Spruce up README docs by <a
href="https://github.com/lucperkins "><code>@lucperkins</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/185 ">DeterminateSystems/flakehub-push#185</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/71 ">#71</a>
from DeterminateSystems/updates by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/187 ">DeterminateSystems/flakehub-push#187</a></li>
<li>Update deps by <a
href="https://github.com/cole-h "><code>@cole-h</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/191 ">DeterminateSystems/flakehub-push#191</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/74 ">#74</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm-deps-eb3d92718e by
<a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/195 ">DeterminateSystems/flakehub-push#195</a></li>
<li>Document multiple flakes in a repo by <a
href="https://github.com/lucperkins "><code>@lucperkins</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/196 ">DeterminateSystems/flakehub-push#196</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/78 ">#78</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm-deps-0af3b8ec11 by
<a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/199 ">DeterminateSystems/flakehub-push#199</a></li>
<li>relay nice warning if user is not authenticated (possibly not signed
up) by <a
href="https://github.com/colemickens "><code>@colemickens</code></a> in
<a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/198 ">DeterminateSystems/flakehub-push#198</a></li>
<li>fixup: url join for token status endpoint by <a
href="https://github.com/colemickens "><code>@colemickens</code></a> in
<a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/201 ">DeterminateSystems/flakehub-push#201</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/79 ">#79</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm_and_yarn-14f44f5325
by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/203 ">DeterminateSystems/flakehub-push#203</a></li>
<li>github: improve error for unauthenticated users by <a
href="https://github.com/colemickens "><code>@colemickens</code></a> in
<a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/202 ">DeterminateSystems/flakehub-push#202</a></li>
<li>improve unauthenticated error message (again) by <a
href="https://github.com/colemickens "><code>@colemickens</code></a> in
<a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/204 ">DeterminateSystems/flakehub-push#204</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/80 ">#80</a>
from DeterminateSystems/fixup-traces by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/205 ">DeterminateSystems/flakehub-push#205</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/81 ">#81</a>
from DeterminateSystems/dont-capture-some-crashes by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/206 ">DeterminateSystems/flakehub-push#206</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/82 ">#82</a>
from DeterminateSystems/even-more-crashes by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/207 ">DeterminateSystems/flakehub-push#207</a></li>
<li>Update <code>detsys-ts</code>: Ignore hyphen-sep'd diags (<a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/83 ">#83</a>)
by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/208 ">DeterminateSystems/flakehub-push#208</a></li>
<li>Update <code>detsys-ts</code>: Bump vite from 6.2.3 to 6.2.4 in the
npm_and_yarn group (<a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/85 ">#85</a>)
by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/210 ">DeterminateSystems/flakehub-push#210</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/84 ">#84</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm-deps-73588cc3c5 by
<a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/209 ">DeterminateSystems/flakehub-push#209</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/86 ">#86</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm_and_yarn-2bd33993d4
by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/211 ">DeterminateSystems/flakehub-push#211</a></li>
<li>Remove gix-ref dependency by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/212 ">DeterminateSystems/flakehub-push#212</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/87 ">#87</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm-deps-2f3c1638ee by
<a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/215 ">DeterminateSystems/flakehub-push#215</a></li>
<li>Bump tokio from 1.40.0 to 1.43.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/216 ">DeterminateSystems/flakehub-push#216</a></li>
<li>Bump crossbeam-channel from 0.5.13 to 0.5.15 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/218 ">DeterminateSystems/flakehub-push#218</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/88 ">#88</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm_and_yarn-b7c6efa8f1
by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/220 ">DeterminateSystems/flakehub-push#220</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/89 ">#89</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm-deps-0b8d2803d6 by
<a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/221 ">DeterminateSystems/flakehub-push#221</a></li>
<li>Update wording around paid features by <a
href="https://github.com/lucperkins "><code>@lucperkins</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/219 ">DeterminateSystems/flakehub-push#219</a></li>
<li>Update <code>detsys-ts</code>: Update Nix and JS dependencies (<a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/91 ">#91</a>)
by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/223 ">DeterminateSystems/flakehub-push#223</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/92 ">#92</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm_and_yarn-de653eece3
by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/224 ">DeterminateSystems/flakehub-push#224</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/93 ">#93</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm-deps-a403fbca50 by
<a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/225 ">DeterminateSystems/flakehub-push#225</a></li>
<li>Don't raise on exec by <a
href="https://github.com/grahamc "><code>@grahamc</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/227 ">DeterminateSystems/flakehub-push#227</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/94 ">#94</a>
from DeterminateSystems/dependabot/npm_and_yarn/npm-deps-dde80b0a8d by
<a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/226 ">DeterminateSystems/flakehub-push#226</a></li>
<li>Replace the old upload_s3 and x86_64-linux approach with
push-artifact-ids and the CI workflow by <a
href="https://github.com/grahamc "><code>@grahamc</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/228 ">DeterminateSystems/flakehub-push#228</a></li>
<li>Update <code>detsys-ts</code>: Merge pull request <a
href="https://redirect.github.com/determinatesystems/flakehub-push/issues/95 ">#95</a>
from
DeterminateSystems/graham/fh-813-create-a-determinate-nix-action-with-pinned-releases
by <a
href="https://github.com/detsys-pr-bot "><code>@detsys-pr-bot</code></a>
in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/229 ">DeterminateSystems/flakehub-push#229</a></li>
<li>Switch to determinate-nix-action by <a
href="https://github.com/lucperkins "><code>@lucperkins</code></a> in <a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/230 ">DeterminateSystems/flakehub-push#230</a></li>
<li>support semaphore via FLAKEHUB_PUSH_OIDC_TOKEN by <a
href="https://github.com/colemickens "><code>@colemickens</code></a> in
<a
href="https://redirect.github.com/DeterminateSystems/flakehub-push/pull/222 ">DeterminateSystems/flakehub-push#222</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="71f5720881https://redirect.github.com/determinatesystems/flakehub-push/issues/243 ">#243</a>
from detsys-pr-bot/detsys-ts-update-20c4962e328c1eba8...</li>
<li><a
href="6e76125e551dd8eaf512https://redirect.github.com/determinatesystems/flakehub-push/issues/242 ">#242</a>
from DeterminateSystems/eelcodolstra/fh-922-flakehub-...</li>
<li><a
href="403b724ddab93f56c694https://redirect.github.com/determinatesystems/flakehub-push/issues/241 ">#241</a>
from detsys-pr-bot/detsys-ts-update-0095c476e55f64d04...</li>
<li><a
href="0e53aee112#104 ](https://github.com/determinatesystems/flakehub-push/issues/104 ))</code>
(`...</li>
<li><a
href="5fe63adf3bhttps://redirect.github.com/determinatesystems/flakehub-push/issues/235 ">#235</a>
from DeterminateSystems/remove-apple-sdks</li>
<li><a
href="9dd5de1eachttps://redirect.github.com/determinatesystems/flakehub-push/issues/238 ">#238</a>
from detsys-pr-bot/detsys-ts-update-e252a66f00e041869...</li>
<li><a
href="0a374d6ebbfa6354df6e8da9e38b7e...71f5720881https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DeterminateSystems/flakehub-push&package-manager=github_actions&previous-version=5&new-version=6 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gerald Pinder <gmpinder@gmail.com>
2025-07-28 23:15:47 -04:00
dependabot[bot]
80696c9024
chore(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.9.1 to 3.9.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](398d4b0eee...d58896d6a1
2025-07-28 23:07:21 -04:00
dependabot[bot]
009adf946c
chore(deps): bump DeterminateSystems/nix-installer-action from 18 to 19
...
Bumps [DeterminateSystems/nix-installer-action](https://github.com/determinatesystems/nix-installer-action ) from 18 to 19.
- [Release notes](https://github.com/determinatesystems/nix-installer-action/releases )
- [Commits](c723f3a885...90bb610b90
2025-07-28 23:06:19 -04:00
dependabot[bot]
92e71a292d
chore(deps): bump astral-sh/setup-uv from 6.3.1 to 6.4.3
...
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) from 6.3.1 to 6.4.3.
- [Release notes](https://github.com/astral-sh/setup-uv/releases )
- [Commits](bd01e18f51...e92bafb625
2025-07-28 23:02:26 -04:00
dependabot[bot]
7618aa1fdf
chore(deps): bump github/codeql-action from 3.29.2 to 3.29.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.2 to 3.29.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](181d5eefc2...4e828ff8d4
2025-07-28 23:02:12 -04:00
dependabot[bot]
822600c9d8
chore(deps): bump github/codeql-action from 3.29.1 to 3.29.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.1 to 3.29.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](39edc492db...181d5eefc2
2025-07-08 13:47:19 -04:00
dependabot[bot]
b4282449e5
chore(deps): bump DeterminateSystems/nix-installer-action from 17 to 18
...
Bumps [DeterminateSystems/nix-installer-action](https://github.com/determinatesystems/nix-installer-action ) from 17 to 18.
- [Release notes](https://github.com/determinatesystems/nix-installer-action/releases )
- [Commits](21a544727d...c723f3a885
2025-07-08 13:47:02 -04:00
dependabot[bot]
e647da6efb
chore(deps): bump astral-sh/setup-uv from 6.3.0 to 6.3.1
...
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) from 6.3.0 to 6.3.1.
- [Release notes](https://github.com/astral-sh/setup-uv/releases )
- [Commits](445689ea25...bd01e18f51
2025-06-30 17:09:18 -04:00
dependabot[bot]
059fab9bee
chore(deps): bump github/codeql-action from 3.29.0 to 3.29.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.0 to 3.29.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ce28f5bb42...39edc492db
2025-06-30 17:09:05 -04:00
dependabot[bot]
64b4039fd0
chore(deps): bump sigstore/cosign-installer from 3.9.0 to 3.9.1
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](fb28c2b633...398d4b0eee
2025-06-30 17:08:40 -04:00
dependabot[bot]
2b75e2a6ef
chore(deps): bump sigstore/cosign-installer from 3.8.2 to 3.9.0
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.8.2 to 3.9.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](3454372f43...fb28c2b633
2025-06-23 09:32:32 -04:00
dependabot[bot]
e32077ac08
chore(deps): bump actions-rust-lang/setup-rust-toolchain
...
Bumps [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain ) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases )
- [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md )
- [Commits](9d7e65c320...fb51252c7b
2025-06-23 09:32:16 -04:00
dependabot[bot]
134b2ee9a7
chore(deps): bump docker/setup-buildx-action from 3.10.0 to 3.11.1
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.10.0 to 3.11.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](b5ca514318...e468171a9d
2025-06-23 09:31:57 -04:00
dependabot[bot]
578a77a00c
chore(deps): bump astral-sh/setup-uv from 6.1.0 to 6.3.0
...
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) from 6.1.0 to 6.3.0.
- [Release notes](https://github.com/astral-sh/setup-uv/releases )
- [Commits](f0ec1fc3b3...445689ea25
2025-06-23 09:31:44 -04:00
Gerald Pinder
5180411545
fix: Allow repos that don't have a files/ directory
2025-06-20 23:52:55 -04:00
RoyalOughtness
d44853da3d
fix: upload-sarif comment formatting
...
This is preventing dependabot from working properly
2025-06-16 15:11:52 -04:00
Gerald Pinder
7677378236
ci: Run arm pre-build on arm runner
2025-06-02 12:02:13 -04:00
dependabot[bot]
8136ec52da
chore(deps): bump astral-sh/setup-uv from 6.0.1 to 6.1.0
...
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) from 6.0.1 to 6.1.0.
- [Release notes](https://github.com/astral-sh/setup-uv/releases )
- [Commits](6b9c6063ab...f0ec1fc3b3
2025-06-02 07:31:29 -04:00
Gerald Pinder
6be68f6b2f
ci: Disable cache for earthly setup
2025-05-31 22:55:55 -04:00
dependabot[bot]
df1d19e71e
chore(deps): bump github/codeql-action from 3.28.17 to 3.28.18
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.17 to 3.28.18.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](60168efe1c...ff0a06e83c
2025-05-20 19:36:46 -04:00
dependabot[bot]
94ac89670a
chore(deps): bump github/codeql-action from 3.28.10 to 3.28.17
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.10 to 3.28.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b56ba49b26...60168efe1c
2025-05-12 17:00:51 -04:00
dependabot[bot]
bea3f6fe11
chore(deps): bump ublue-os/remove-unwanted-software from 6 to 9
...
Bumps [ublue-os/remove-unwanted-software](https://github.com/ublue-os/remove-unwanted-software ) from 6 to 9.
- [Release notes](https://github.com/ublue-os/remove-unwanted-software/releases )
- [Commits](e3843c85f5...cc0becac70
2025-05-12 17:00:12 -04:00
RoyalOughtness
97cbf8f280
chore: fix github actions dep reference ( #440 )
...
Obsoletes https://github.com/blue-build/cli/pull/439 , which isn't
setting the version properly
2025-05-12 16:59:23 -04:00
Gerald Pinder
c9c2a88613
fix: Setup QEMU for tag builds
2025-05-11 15:05:36 -04:00
dependabot[bot]
2257a70079
chore(deps): bump astral-sh/setup-uv from 4.2.0 to 6.0.1
...
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) from 4.2.0 to 6.0.1.
- [Release notes](https://github.com/astral-sh/setup-uv/releases )
- [Commits](38f3f10444...6b9c6063ab
2025-05-11 07:50:48 -04:00
dependabot[bot]
c87741e33b
chore(deps): bump extractions/setup-just from 1.6.0 to 3.0.0
...
Bumps [extractions/setup-just](https://github.com/extractions/setup-just ) from 1.6.0 to 3.0.0.
- [Release notes](https://github.com/extractions/setup-just/releases )
- [Commits](69d82fb023...e33e0265a0
2025-05-11 07:49:47 -04:00
dependabot[bot]
85c6d5af3f
chore(deps): bump DeterminateSystems/nix-installer-action from 16 to 17
...
Bumps [DeterminateSystems/nix-installer-action](https://github.com/determinatesystems/nix-installer-action ) from 16 to 17.
- [Release notes](https://github.com/determinatesystems/nix-installer-action/releases )
- [Commits](e50d5f73bf...21a544727d
2025-05-11 07:49:12 -04:00
dependabot[bot]
2bee5dc5c7
chore(deps): bump docker/login-action from 3.3.0 to 3.4.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3.3.0...74a5d142397b4f367a81961eba4e8cd7edddf772 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-version: 3.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-11 07:48:47 -04:00
dependabot[bot]
6297056b83
chore(deps): bump actions-rust-lang/setup-rust-toolchain
...
Bumps [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases )
- [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md )
- [Commits](9399c7bb15...9d7e65c320
2025-05-11 07:46:41 -04:00
RoyalOughtness
5d4cfacc56
chore: bump docker/login-action
...
Is there a dependabot misconfiguration?
2025-05-11 07:43:58 -04:00
Gerald Pinder
0896907c0b
chore(tests): Add extra test recipes
2025-05-09 16:58:51 -04:00
Gerald Pinder
ba40f8fe8d
fix: Maximize build space for building the image
2025-05-04 09:14:38 -04:00
Gerald Pinder
f8950b3477
chore: Create separate test and build workflows
2025-05-02 16:33:41 -04:00
Gerald Pinder
0f4621ca66
chore: Rework the workflows to make it easier to manage
2025-05-02 16:24:52 -04:00
RoyalOughtness
f627e969f5
chore: pin actions to commit hashes
2025-03-09 21:28:45 -04:00
Gerald Pinder
7dc9c7e0c1
fix: Allow user to not install Nushell in their system
2025-02-25 08:08:09 -05:00
Gerald Pinder
cbb6efd14d
chore: Switch to using my new proc_macro comlexr
2025-01-12 16:15:29 -05:00
Gerald Pinder
50ed183cde
feat: Allow fresh rechunking of image
2024-12-16 21:07:09 -05:00
Gerald Pinder
41031848df
chore(ci): Add Github Action auditing
2024-12-14 13:17:40 -05:00
Gerald Pinder
4910292fb9
fix: Prevent certain builds from running when the PR is from a fork
2024-12-08 21:17:31 -05:00
Gerald Pinder
b4fbac2a66
feat(rechunk): Add the ability to rechunk an image
2024-12-02 02:23:22 -05:00
Gerald Pinder
879dca348c
fix(ci): Login to earthly for tag build-scripts-all target
2024-11-26 21:30:57 -05:00
Gerald Pinder
2b7305c5d0
fix: Add logic for inspecting multi-manifest images
2024-11-26 21:21:26 -05:00
Gerald Pinder
c8d8ab306c
fix(ci): Build all features for each package and build all archs
2024-11-25 22:09:36 -05:00
Gerald Pinder
d9caf26ee1
fix(ci): Ensure we build the +build-scripts target on tags
2024-11-25 12:57:15 -05:00
Gerald Pinder
4e81c24fbc
fix(ci): Make sure tag job uses +build-images target
2024-11-24 12:15:13 -05:00
