Skip to content

ci: bump docker/login-action from 3 to 4#4

Merged
GeiserX merged 1 commit intomainfrom
dependabot/github_actions/docker/login-action-4
Apr 16, 2026
Merged

ci: bump docker/login-action from 3 to 4#4
GeiserX merged 1 commit intomainfrom
dependabot/github_actions/docker/login-action-4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 16, 2026
edited by coderabbitai bot
Loading

Bumps docker/login-action from 3 to 4.

Release notes

Sourced from docker/login-action's releases.

v4.0.0

Full Changelog: docker/login-action@v3.7.0...v4.0.0

v3.7.0

Full Changelog: docker/login-action@v3.6.0...v3.7.0

v3.6.0

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

Full Changelog: docker/login-action@v3.4.0...v3.5.0

v3.4.0

Full Changelog: docker/login-action@v3.3.0...v3.4.0

... (truncated)

Commits
  • 4907a6d Merge pull request #930 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
  • 1e233e6 chore: update generated content
  • 6c24ead build(deps): bump the aws-sdk-dependencies group with 2 updates
  • ee034d7 Merge pull request #958 from docker/dependabot/npm_and_yarn/lodash-4.18.1
  • 1527209 Merge pull request #937 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
  • d39362a build(deps): bump lodash from 4.17.23 to 4.18.1
  • a6f092b chore: update generated content
  • 60953f0 build(deps): bump the proxy-agent-dependencies group with 2 updates
  • 62c6885 Merge pull request #936 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 102c0e6 chore: update generated content
  • Additional commits viewable in compare view

Summary by CodeRabbit

  • Chores
    • Updated Docker registry authentication action to the latest version to maintain compatibility and access to security improvements.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 16, 2026

Labels

The following labels could not be found: automated, ci. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Apr 16, 2026
edited
Loading

📝 Walkthrough

Walkthrough

The Docker registry login action in the release workflow was upgraded from version 3 to version 4, with configuration parameters remaining unchanged.

Changes

Cohort / File(s) Summary
Workflow Dependencies
.github/workflows/release.yml		 Updated docker/login-action from v3 to v4; authentication inputs unchanged.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and concisely describes the main change: bumping the docker/login-action dependency from v3 to v4.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependabot/github_actions/docker/login-action-4

Comment @coderabbitai help to get the list of available commands and usage tips.

@dependabot
ci: bump docker/login-action from 3 to 4
8f6582c 
Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v3...v4)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/docker/login-action-4 branch from 19c1313 to 8f6582c Compare April 16, 2026 11:38
@GeiserX
Copy link
Copy Markdown
Owner

GeiserX commented Apr 16, 2026

@dependabot rebase

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 16, 2026

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

coderabbitai[bot]
coderabbitai bot reviewed Apr 16, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
.github/workflows/release.yml (1)

34-37: LGTM! Version upgrade looks good.

The upgrade to v4 brings Node 24 as the default runtime and requires Actions Runner v2.327.1 or later. The username and password inputs remain valid in v4, and since this workflow uses ubuntu-latest, runner compatibility is not a concern.

Optional: Consider using GitHub variables for the username.

The documentation recommends using ${{ vars.DOCKERHUB_USERNAME }} instead of hardcoding the username. This provides better flexibility if the username needs to change in the future.

♻️ Optional refactor 
       - uses: docker/login-action@v4
         with:
-          username: drumsergio
+          username: ${{ vars.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}

Note: This would require creating a repository variable DOCKERHUB_USERNAME with value drumsergio.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/release.yml around lines 34 - 37, Replace the hardcoded
DockerHub username in the docker/login-action step by reading it from a GitHub
variable; specifically update the docker/login-action@v4 step (the username:
field) to use the repo variable expression (e.g. ${{ vars.DOCKERHUB_USERNAME }})
instead of the literal "drumsergio", and ensure a repository variable named
DOCKERHUB_USERNAME is created with value drumsergio; leave password using ${{
secrets.DOCKERHUB_TOKEN }} unchanged.
🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/workflows/release.yml:
- Around line 34-37: Replace the hardcoded DockerHub username in the
docker/login-action step by reading it from a GitHub variable; specifically
update the docker/login-action@v4 step (the username: field) to use the repo
variable expression (e.g. ${{ vars.DOCKERHUB_USERNAME }}) instead of the literal
"drumsergio", and ensure a repository variable named DOCKERHUB_USERNAME is
created with value drumsergio; leave password using ${{ secrets.DOCKERHUB_TOKEN
}} unchanged.
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: d711747f-9256-495f-ab12-d1bcb462325b

📥 Commits

Reviewing files that changed from the base of the PR and between be1ff91 and 8f6582c.

📒 Files selected for processing (1)
  • .github/workflows/release.yml

@GeiserX GeiserX merged commit e04db3f into main Apr 16, 2026
5 checks passed
@GeiserX GeiserX deleted the dependabot/github_actions/docker/login-action-4 branch April 16, 2026 11:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@GeiserX