Bump docker/build-push-action from 3.2.0 to 3.3.0
Created by: dependabot[bot]
Bumps docker/build-push-action from 3.2.0 to 3.3.0.
Release notes
Sourced from docker/build-push-action's releases.
v3.3.0
- Add
attests
,provenance
andsbom
inputs by@crazy-max
(#746 #759)- Log GitHub Actions runtime token access controls by
@crazy-max
(#707)- Examples moved to docs website by
@crazy-max
(#718)- Bump minimatch from 3.0.4 to 3.1.2 (#732)
- Bump csv-parse from 5.3.0 to 5.3.3 (#729)
- Bump json5 from 2.2.0 to 2.2.3 (#749)
Full Changelog: https://github.com/docker/build-push-action/compare/v3.2.0...v3.3.0
Commits
-
37abced
Merge pull request #760 from crazy-max/test-envs -
67109bc
test: move envs to jest config -
d1b0eb0
Merge pull request #759 from crazy-max/fix-provenance-input -
a0635fe
update generated content -
f834265
tests for provenance -
0191543
fix provenance input -
2a16835
Merge pull request #758 from crazy-max/revert-736 -
9b96801
Revert build-args newline split -
6afac85
Merge pull request #736 from ruslandoga/build-args-newline-split -
3bfdd83
pre-checkin - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)