Commit graph

8 commits

Author SHA1 Message Date
dependabot[bot] e380cc3065
chore(deps): Bump docker/setup-buildx-action from 2.6.0 to 2.7.0 (#3398) 2023-06-19 23:21:13 +02:00
dependabot[bot] 59bcab6127
chore(deps): Bump docker/build-push-action from 4.1.0 to 4.1.1 (#3400) 2023-06-19 23:14:09 +02:00
dependabot[bot] 8e87a4d845
chore(deps): Bump docker/setup-buildx-action from 2.5.0 to 2.6.0 (#3388)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 17:12:00 +00:00
dependabot[bot] 7bf772e2d6
chore(deps): Bump docker/build-push-action from 4.0.0 to 4.1.0 (#3390)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 19:10:10 +02:00
dependabot[bot] 69031b969d
chore(deps): Bump anchore/scan-action from 3.3.4 to 3.3.5 (#3217) 2023-04-03 15:00:45 +02:00
dependabot[bot] e890ba46a3
chore(deps): Bump docker/setup-buildx-action from 2.4.1 to 2.5.0 (#3176)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-14 11:45:27 +13:00
Brennan Kinney aa4d4fe315
ci(fix): Only apply permissions at the job level (#3142)
If permissions are specified at the workflow level, any that are not explicitly set became `none` and jobs cannot request that to change.

Permissions are therefore scoped to the job itself.
2023-03-03 15:32:00 +01:00
Georg Lauterbach 4e82d4de54
ci/docs: add vulnerability scanning workflow & security policy (#3106) 2023-02-23 08:53:12 +01:00