chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.2

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](c10b8064de...95e58e9a2c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Merge pull request #644 from crazy-max/fix-zizmor
2026-04-18 06:26:00 +00:00 · 2026-04-17 19:23:46 +00:00 · 2026-04-15 14:25:48 -07:00 · 2026-04-15 16:01:58 +02:00 · 2026-04-09 10:22:09 +02:00 · 2026-04-08 19:22:42 +00:00
6 changed files with 9 additions and 10 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -19,6 +19,8 @@ updates:
      interval: "daily"
    cooldown:
      default-days: 2
+      exclude:
+        - "@docker/actions-toolkit"
    versioning-strategy: "increase"
    allow:
      - dependency-type: "production"
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -35,12 +35,12 @@ jobs:
          node-version: ${{ env.NODE_VERSION }}
      -
        name: Initialize CodeQL
-        uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
        with:
          languages: javascript-typescript
          build-mode: none
      -
        name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
        with:
          category: "/language:javascript-typescript"
--- a/.github/workflows/pr-assign-author.yml
+++ b/.github/workflows/pr-assign-author.yml
@@ -11,7 +11,7 @@ on:

 jobs:
  run:
-    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@bb328ea508cd6a89d0865555ddbeb148e5724aed # v1.3.0
+    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@d89fe92d808a15e2b2ed5cdb62db7c172c31410d # v1.6.0
    permissions:
      contents: read
      pull-requests: write
--- a/.github/workflows/zizmor.yml
+++ b/.github/workflows/zizmor.yml
@@ -19,7 +19,7 @@ on:

 jobs:
  zizmor:
-    uses: crazy-max/.github/.github/workflows/zizmor.yml@bb328ea508cd6a89d0865555ddbeb148e5724aed # v1.3.0
+    uses: crazy-max/.github/.github/workflows/zizmor.yml@d89fe92d808a15e2b2ed5cdb62db7c172c31410d # v1.6.0
    permissions:
      contents: read
      security-events: write
--- a/.github/zizmor.yml
+++ b/.github/zizmor.yml
@@ -1,3 +0,0 @@
-rules:
-  secrets-outside-env: # FIXME: remove this rule when zizmor 1.24.0 is released, fixing the right persona attached to this rule: https://github.com/zizmorcore/zizmor/pull/1783
-    disable: true
--- a/yarn.lock
+++ b/yarn.lock
@@ -4605,8 +4605,8 @@ __metadata:
  linkType: hard

 "vite@npm:^6.0.0 || ^7.0.0":
-  version: 7.3.2
-  resolution: "vite@npm:7.3.2"
+  version: 7.3.1
+  resolution: "vite@npm:7.3.1"
  dependencies:
    esbuild: "npm:^0.27.0"
    fdir: "npm:^6.5.0"
@@ -4655,7 +4655,7 @@ __metadata:
      optional: true
  bin:
    vite: bin/vite.js
-  checksum: 10/c5f7a9a60011c41c836cedf31c8ee7624102aff9b6a7f3aab2ff47639721bba0916f81994c3a3ea6577a16c4f0dfee1e7dbd244e0da8edd5954e3c6d48daaaa2
+  checksum: 10/62e48ffa4283b688f0049005405a004447ad38ffc99a0efea4c3aa9b7eed739f7402b43f00668c0ee5a895b684dc953d62f0722d8a92c5b2f6c95f051bceb208
  languageName: node
  linkType: hard
Author	SHA1	Message	Date
dependabot[bot]	da96386992	chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.2 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`c10b8064de...95e58e9a2c`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-17 19:23:46 +00:00
Tõnis Tiigi	deaa0dee56	Merge pull request #644 from crazy-max/fix-zizmor ci(zizmor): update rules	2026-04-15 14:25:48 -07:00
CrazyMax	0865878ea7	ci(zizmor): update rules Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-04-15 16:01:58 +02:00
CrazyMax	a7807070e6	Merge pull request #638 from docker/dependabot/github_actions/crazy-max-dot-github-f0991e81fd chore(deps): Bump the crazy-max-dot-github group with 2 updates	2026-04-09 10:22:09 +02:00
dependabot[bot]	445fddb648	chore(deps): Bump the crazy-max-dot-github group with 2 updates Bumps the crazy-max-dot-github group with 2 updates: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github). Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.3.0 to 1.6.0 - [Release notes](https://github.com/crazy-max/.github/releases) - [Commits](`bb328ea508...d89fe92d80`) Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.3.0 to 1.6.0 - [Release notes](https://github.com/crazy-max/.github/releases) - [Commits](`bb328ea508...d89fe92d80`) --- updated-dependencies: - dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml dependency-version: 1.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: crazy-max-dot-github - dependency-name: crazy-max/.github/.github/workflows/zizmor.yml dependency-version: 1.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: crazy-max-dot-github ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-08 19:22:42 +00:00