build(deps): bump docker/setup-buildx-action from 2.2.0 to 2.2.1 #291
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.2.0 to 2.2.1. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v2.2.0...v2.2.1) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
github_actions
dependabot
bot
deleted the
dependabot/github_actions/docker/setup-buildx-action-2.2.1
branch
sahibamittal
added a commit
to sahibamittal/dependency-track-frontend-upstream
that referenced
this pull request
Oct 25, 2022
commit b6da806 Merge: f6c193f 5de8f9f Author: Niklas <nscuro@protonmail.com> Date: Tue Oct 25 11:08:52 2022 +0200 Merge pull request DependencyTrack#280 from DependencyTrack/dependabot/npm_and_yarn/xmldom/xmldom-0.8.3 build(deps): bump @xmldom/xmldom from 0.8.2 to 0.8.3 commit f6c193f Merge: 3f0ce6d c908972 Author: Niklas <nscuro@protonmail.com> Date: Tue Oct 25 11:08:36 2022 +0200 Merge pull request DependencyTrack#305 from DependencyTrack/dependabot/docker/docker/nginxinc/nginx-unprivileged-94f0b80 build(deps): bump nginxinc/nginx-unprivileged from `2d58b97` to `94f0b80` in /docker commit c908972 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Oct 25 01:59:05 2022 +0000 build(deps): bump nginxinc/nginx-unprivileged in /docker Bumps nginxinc/nginx-unprivileged from `2d58b97` to `94f0b80`. --- updated-dependencies: - dependency-name: nginxinc/nginx-unprivileged dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> commit 3f0ce6d Merge: f38b9e6 1591b3f Author: Niklas <nscuro@protonmail.com> Date: Mon Oct 24 23:30:04 2022 +0200 Merge pull request DependencyTrack#298 from DependencyTrack/dependabot/github_actions/actions/upload-artifact-3.1.1 build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.1 commit f38b9e6 Merge: 47bcf76 9e56c9a Author: Niklas <nscuro@protonmail.com> Date: Mon Oct 24 11:58:10 2022 +0200 Merge pull request DependencyTrack#304 from nscuro/fix-gh-release Specify the target branch when creating a release via GitHub CLI commit 9e56c9a Author: nscuro <nscuro@protonmail.com> Date: Mon Oct 24 11:53:44 2022 +0200 Specify the target branch when creating a release via GitHub CLI It uses `master` per default, which is not the intention when releasing from a release branch. Signed-off-by: nscuro <nscuro@protonmail.com> commit 5de8f9f Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Oct 24 09:33:26 2022 +0000 build(deps): bump @xmldom/xmldom from 0.8.2 to 0.8.3 Bumps [@xmldom/xmldom](https://github.com/xmldom/xmldom) from 0.8.2 to 0.8.3. - [Release notes](https://github.com/xmldom/xmldom/releases) - [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md) - [Commits](xmldom/xmldom@0.8.2...0.8.3) --- updated-dependencies: - dependency-name: "@xmldom/xmldom" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 47bcf76 Merge: 9b34ef9 f6763bc Author: Niklas <nscuro@protonmail.com> Date: Mon Oct 24 11:32:14 2022 +0200 Merge pull request DependencyTrack#301 from nscuro/replace-vue-showdown-master Remove dependency on vue-showdown commit f6763bc Author: nscuro <nscuro@protonmail.com> Date: Mon Oct 24 11:21:44 2022 +0200 Fix NPM falsely using SSH URLs for GitHub repos Appears to only be necessary for the build with Node 14. npm/cli#2610 Signed-off-by: nscuro <nscuro@protonmail.com> commit e80627d Author: nscuro <nscuro@protonmail.com> Date: Sat Oct 22 21:25:55 2022 +0200 Remove dependency on vue-showdown Depend on Showdown directly instead, cutting out the middleman. Additionally: * Escape HTML outside of Markdown code blocks, in order to prevent unintended rendering of HTML elements (e.g. the `textarea` in CVE-2022-25869) * Always run Showdown output through DOMPurify Signed-off-by: nscuro <nscuro@protonmail.com> commit 1591b3f Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Oct 24 01:54:42 2022 +0000 build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.1 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v3.1.0...v3.1.1) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> commit 9b34ef9 Merge: 9c6bd07 c4ed1f6 Author: Niklas <nscuro@protonmail.com> Date: Sat Oct 22 22:09:59 2022 +0200 Merge pull request DependencyTrack#296 from nscuro/enable-releasing-from-release-branch Enable release creation from non-master branches commit c4ed1f6 Author: nscuro <nscuro@protonmail.com> Date: Sat Oct 22 21:48:47 2022 +0200 Update `RELEASING.md` Signed-off-by: nscuro <nscuro@protonmail.com> commit 33bafea Author: nscuro <nscuro@protonmail.com> Date: Sat Oct 22 21:37:14 2022 +0200 Enable release creation from non-master branches This just makes the destination of version bump commits dependent on the branch the workflow is running on, instead of always pushing to `master`. This will allow us to run the workflow on release branches as well. Signed-off-by: nscuro <nscuro@protonmail.com> commit 9c6bd07 Merge: 1ff579f 839f7de Author: Niklas <nscuro@protonmail.com> Date: Fri Oct 21 13:30:32 2022 +0200 Merge pull request DependencyTrack#295 from sahibamittal/snyk-integration-frontend Snyk integration frontend commit 1ff579f Merge: 8bcac46 031074c Author: Niklas <nscuro@protonmail.com> Date: Fri Oct 21 12:02:22 2022 +0200 Merge pull request DependencyTrack#294 from DependencyTrack/dependabot/github_actions/actions/download-artifact-3.0.1 build(deps): bump actions/download-artifact from 3.0.0 to 3.0.1 commit 031074c Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Oct 21 01:57:23 2022 +0000 build(deps): bump actions/download-artifact from 3.0.0 to 3.0.1 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3.0.0 to 3.0.1. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v3.0.0...v3.0.1) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> commit 8bcac46 Merge: 8362943 abf25ae Author: Niklas <nscuro@protonmail.com> Date: Thu Oct 20 17:56:00 2022 +0200 Merge pull request DependencyTrack#293 from nscuro/release-docs Add release documentation commit 8362943 Merge: c400ae6 2c4e36c Author: Niklas <nscuro@protonmail.com> Date: Thu Oct 20 17:48:08 2022 +0200 Merge pull request DependencyTrack#292 from DependencyTrack/dependabot/docker/docker/nginxinc/nginx-unprivileged-1.23.2-alpine build(deps): bump nginxinc/nginx-unprivileged from 1.23.1-alpine to 1.23.2-alpine in /docker commit c400ae6 Merge: c5c5ab3 ae3c963 Author: Niklas <nscuro@protonmail.com> Date: Thu Oct 20 17:47:52 2022 +0200 Merge pull request DependencyTrack#291 from DependencyTrack/dependabot/github_actions/docker/setup-buildx-action-2.2.1 build(deps): bump docker/setup-buildx-action from 2.2.0 to 2.2.1 commit abf25ae Author: nscuro <nscuro@protonmail.com> Date: Thu Oct 20 17:43:53 2022 +0200 Add release documentation Signed-off-by: nscuro <nscuro@protonmail.com> commit 2c4e36c Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Oct 20 01:51:11 2022 +0000 build(deps): bump nginxinc/nginx-unprivileged in /docker Bumps nginxinc/nginx-unprivileged from 1.23.1-alpine to 1.23.2-alpine. --- updated-dependencies: - dependency-name: nginxinc/nginx-unprivileged dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> commit ae3c963 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed Oct 19 01:45:01 2022 +0000 build(deps): bump docker/setup-buildx-action from 2.2.0 to 2.2.1 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.2.0 to 2.2.1. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v2.2.0...v2.2.1) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> commit c5c5ab3 Merge: 0bf649a 622f275 Author: Niklas <nscuro@protonmail.com> Date: Tue Oct 18 18:57:26 2022 +0200 Merge pull request DependencyTrack#290 from nscuro/revert-272 commit 622f275 Author: nscuro <nscuro@protonmail.com> Date: Tue Oct 18 18:12:27 2022 +0200 Revert "Merge pull request DependencyTrack#272 from rbt-mm/master-show-hierarchical-view-in-project-list" This reverts commit 58b8940, reversing changes made to 3a64bbc. Signed-off-by: nscuro <nscuro@protonmail.com> commit 0bf649a Merge: 58b8940 b03b122 Author: Niklas <nscuro@protonmail.com> Date: Tue Oct 18 17:51:34 2022 +0200 Merge pull request DependencyTrack#274 from rbt-mm/master-limit-alert-rules-to-project-including-all-existing-or-future-versions Include a projects children in an alert rules limitations commit 58b8940 Merge: 3a64bbc abfe53c Author: Niklas <nscuro@protonmail.com> Date: Tue Oct 18 17:46:59 2022 +0200 Merge pull request DependencyTrack#272 from rbt-mm/master-show-hierarchical-view-in-project-list Show hierarchical view in project list commit abfe53c Author: rbt-mm <113189967+rbt-mm@users.noreply.github.com> Date: Tue Oct 18 17:05:21 2022 +0200 Hide detail view button when no active child Signed-off-by: RBickert <rbt@mm-software.com> Co-authored-by: Niklas <nscuro@protonmail.com> Signed-off-by: RBickert <rbt@mm-software.com> commit dbb34d3 Author: RBickert <rbt@mm-software.com> Date: Tue Oct 4 17:56:55 2022 +0200 Change prototype method in project list Do not access Object.prototype method 'hasOwnProperty' from target object. Only show project name in create project modal, if a project does not have a version Signed-off-by: RBickert <rbt@mm-software.com> commit a79d535 Author: RBickert <rbt@mm-software.com> Date: Tue Oct 4 17:03:10 2022 +0200 Revert "Update ci-build.yaml" This reverts commit aeccadc. Signed-off-by: RBickert <rbt@mm-software.com> commit d7b8d69 Author: RBickert <rbt@mm-software.com> Date: Fri Sep 30 16:27:18 2022 +0200 Filter detail view parents in backend Available parents in a project detail view are now filtered in the backend instead of the UI Signed-off-by: RBickert <rbt@mm-software.com> commit 87a9d8c Author: RBickert <rbt@mm-software.com> Date: Thu Sep 29 16:37:23 2022 +0200 Fix switching parent to inactive A parent project cannot be set to inactive if any of his children are set to active Signed-off-by: RBickert <rbt@mm-software.com> commit 11c7eab Author: RBickert <rbt@mm-software.com> Date: Fri Sep 23 16:28:37 2022 +0200 Add hierarchical view in project list Added CSwitch in project list to switch between current flat view (default) and a new hierarchical view (shows root projects and their children in the detail view of a row). Project detail view only shows viable projects as selectable parent. Hierarchical project list shows inactive projects for children and children are sortable. Signed-off-by: RBickert <rbt@mm-software.com> commit ee96685 Author: RBickert <rbt@mm-software.com> Date: Tue Sep 20 17:03:51 2022 +0200 Add persistent selection of parent to detail view Send selected parent in project detail view via API call to backend to create a persistent parent-child-relationship. Signed-off-by: RBickert <rbt@mm-software.com> commit b05a11c Author: RBickert <rbt@mm-software.com> Date: Mon Sep 19 16:53:00 2022 +0200 Add parent in project creation and detail view Display list of every project in `Create Project` and `View Project` to select a parent project for the new or current project. Send selected parent in project creation via API call to backend to create a persistent parent-child-relationship. Signed-off-by: RBickert <rbt@mm-software.com> commit 053f6fa Author: rbt-mm <113189967+rbt-mm@users.noreply.github.com> Date: Wed Sep 28 13:24:38 2022 +0200 Update ci-build.yaml Workflow now starts on every pull request, if the branch name contains 'master' in it. Signed-off-by: RBickert <rbt@mm-software.com> commit b03b122 Author: RBickert <rbt@mm-software.com> Date: Tue Oct 18 13:11:23 2022 +0200 Make inclusion of children optional Added a switch in the alerts view which optionally includes every active child of the subscribed projects in the notification rule. Signed-off-by: RBickert <rbt@mm-software.com> commit 298c5be Merge: 54e7c51 3a64bbc Author: rbt-mm <113189967+rbt-mm@users.noreply.github.com> Date: Tue Oct 18 13:01:18 2022 +0200 Merge branch 'DependencyTrack:master' into master-limit-alert-rules-to-project-including-all-existing-or-future-versions commit 3a64bbc Merge: 8a1239c 9d78a3b Author: Niklas <nscuro@protonmail.com> Date: Tue Oct 18 10:06:35 2022 +0200 Merge pull request DependencyTrack#287 from DependencyTrack/dependabot/docker/docker/nginxinc/nginx-unprivileged-5af0906 build(deps): bump nginxinc/nginx-unprivileged from `31ac9ab` to `5af0906` in /docker commit 8a1239c Merge: 21cd1f0 0610ba0 Author: Niklas <nscuro@protonmail.com> Date: Tue Oct 18 10:06:26 2022 +0200 Merge pull request DependencyTrack#288 from DependencyTrack/dependabot/github_actions/docker/setup-buildx-action-2.2.0 build(deps): bump docker/setup-buildx-action from 2.1.0 to 2.2.0 commit 0610ba0 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Oct 18 01:33:58 2022 +0000 build(deps): bump docker/setup-buildx-action from 2.1.0 to 2.2.0 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> commit 9d78a3b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Oct 18 01:33:57 2022 +0000 build(deps): bump nginxinc/nginx-unprivileged in /docker Bumps nginxinc/nginx-unprivileged from `31ac9ab` to `5af0906`. --- updated-dependencies: - dependency-name: nginxinc/nginx-unprivileged dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> commit 54e7c51 Merge: 1eaefe5 c80f0ea Author: rbt-mm <113189967+rbt-mm@users.noreply.github.com> Date: Wed Oct 5 14:09:32 2022 +0200 Merge pull request #3 from rbt-mm/rbt-limit-alert-rules-to-project-including-all-existing-or-future-versions Limit alert rules to project including all existing or future versions commit c80f0ea Author: RBickert <rbt@mm-software.com> Date: Wed Oct 5 10:53:17 2022 +0200 Add new info in alerts view Change "Limit to projects" to "Limit to projects (including all of their active children)" to indicate that every child of a subscribed project will also be included in the notification rule. Signed-off-by: RBickert <rbt@mm-software.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps docker/setup-buildx-action from 2.2.0 to 2.2.1.
Release notes
Sourced from docker/setup-buildx-action's releases.
Commits
8c0edbcMerge pull request #175 from crazy-max/input-list-quotes1fb9cbdescape surrounding quotes for platforms input693fdd6Merge pull request #174 from crazy-max/input-quotefe4c1acpreserve quotes surrounding fields in input listDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)