Compare commits

...

3 Commits

Author SHA1 Message Date
dependabot[bot]
abc2749882
build(deps): bump the crazy-max-dot-github group across 1 directory with 2 updates
Bumps the crazy-max-dot-github group with 2 updates in the / directory: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github).


Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](9ba6e6f945...46267a6e61)

Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](9ba6e6f945...46267a6e61)

---
updated-dependencies:
- dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
- dependency-name: crazy-max/.github/.github/workflows/zizmor.yml
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-15 04:42:19 +00:00
temenuzhka-thede
c887d9748d
Merge pull request #568 from docker/sec-cli/npm-ci-20260612-184913
fix: replace npm install with npm ci (20260612-184913)
2026-06-12 14:10:56 -05:00
securityeng-bot[bot]
cfdae34ead
fix: use lockfile-aware install commands
2026-06-12 18:49:15 +00:00
3 changed files with 3 additions and 3 deletions

@ -11,7 +11,7 @@ on:
jobs:
run:
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@46267a6e61cd56aac2fc79943df180152f4c89d6 # v1.10.1
permissions:
contents: read
pull-requests: write
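
Review bot: The new pin on the `uses:` line carries the comment `# v1.10.1`, but the dependabot metadata in the commit message records `dependency-version: 1.10.0`, and nothing in the workflow ties the comment to the SHA. Before merging, confirm that `46267a6e61cd56aac2fc79943df180152f4c89d6` is the commit the upstream v1.10.1 tag points to, and read the upstream changes to `pr-assign-author.yml` between v1.8.0 and v1.10.1, since the called workflow runs with `pull-requests: write`.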

@ -19,7 +19,7 @@ on:
jobs:
zizmor:
uses: crazy-max/.github/.github/workflows/zizmor.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
uses: crazy-max/.github/.github/workflows/zizmor.yml@46267a6e61cd56aac2fc79943df180152f4c89d6 # v1.10.1
permissions:
contents: read
security-events: write
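
Review bot: The `permissions:` block under the changed `uses:` line stays the same while the called `zizmor.yml` moves two minor versions (v1.8.0 to v1.10.1). A reusable workflow cannot receive more than the calling job grants, so if the new revision requests anything beyond `contents: read` and `security-events: write` the run fails instead of escalating. Check the upstream file at the pinned commit for new permission or input requirements, and let this job complete on the PR before merging.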

@ -17,7 +17,7 @@ FROM base AS deps
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/.yarn/cache \
--mount=type=cache,target=/src/node_modules \
yarn install && mkdir /vendor && cp yarn.lock /vendor
yarn install --immutable && mkdir /vendor && cp yarn.lock /vendor
FROM scratch AS vendor-update
COPY --from=deps /vendor /
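
Review bot: `--immutable` on the `yarn install` line makes this stage abort whenever `yarn.lock` would need to change, yet the stage mounts the source `rw`, copies `yarn.lock` to `/vendor`, and feeds `vendor-update` through `COPY --from=deps /vendor /`, which reads as the path used to regenerate the lockfile. With the flag in place that target can only re-export an unchanged lockfile or error out after a `package.json` change. Consider keeping plain `yarn install` in `deps` and applying `--immutable` in the stages that only consume dependencies (build, test, validation).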