Skip to content

chore(deps): bump complytime/org-infra/.github/workflows/reusable_publish_ghcr.yml from 68fa970f535858f703369a6de4baa2237c38fa3c to 5684c8275536d5d6f47511c672751b646d18e189#102

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/complytime/org-infra/dot-github/workflows/reusable_publish_ghcr.yml-5684c8275536d5d6f47511c672751b646d18e189
Closed

chore(deps): bump complytime/org-infra/.github/workflows/reusable_publish_ghcr.yml from 68fa970f535858f703369a6de4baa2237c38fa3c to 5684c8275536d5d6f47511c672751b646d18e189#102
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/complytime/org-infra/dot-github/workflows/reusable_publish_ghcr.yml-5684c8275536d5d6f47511c672751b646d18e189

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor

Bumps complytime/org-infra/.github/workflows/reusable_publish_ghcr.yml from 68fa970f535858f703369a6de4baa2237c38fa3c to 5684c8275536d5d6f47511c672751b646d18e189.

Changelog

Sourced from complytime/org-infra/.github/workflows/reusable_publish_ghcr.yml's changelog.

Changelog

Unreleased

Changed

  • crapload workflow: Replaced custom scripts/compare-crapload.sh (315 lines) with gaze's native gaze crap --baseline comparison. The workflow now writes a temporary .gaze.yaml from workflow inputs when the consumer repo has no config file, preserving backward compatibility. PR comment generation is inline via jq. (#328)

Removed

  • scripts/compare-crapload.sh — comparison logic is now native to gaze
  • TestCompareCrapload test class (5 tests, 203 lines) — covered by 34 upstream tests in gaze
Commits
  • 5684c82 fix: add per-linter vendor regex exclusion for PR mode (#402)
  • e613097 ci(deps): bump docker/build-push-action from 7.2.0 to 7.3.0
  • cfc4d45 ci(deps): bump docker/setup-qemu-action from 4.1.0 to 4.2.0
  • d75937f feat(ci): add org-level linter config fallback to reusable CI workflow
  • f6474e5 chore: add .uf/feedback/ to .gitignore
  • ef64de3 fix(ci): address PR review feedback for build-only mode
  • 701c9a9 fix(ci): add disk space cleanup and permission docs
  • 6c9efc0 fix(ci): add concurrency controls and build-only verification
  • c05586b feat(ci): add build-only mode to reusable_publish_ghcr.yml
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

…lish_ghcr.yml

Bumps [complytime/org-infra/.github/workflows/reusable_publish_ghcr.yml](https://github.com/complytime/org-infra) from 68fa970f535858f703369a6de4baa2237c38fa3c to 5684c8275536d5d6f47511c672751b646d18e189.
- [Release notes](https://github.com/complytime/org-infra/releases)
- [Changelog](https://github.com/complytime/org-infra/blob/main/CHANGELOG.md)
- [Commits](complytime/org-infra@68fa970...5684c82)

---
updated-dependencies:
- dependency-name: complytime/org-infra/.github/workflows/reusable_publish_ghcr.yml
  dependency-version: 5684c8275536d5d6f47511c672751b646d18e189
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 3, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 3, 2026 01:54
@dependabot dependabot Bot requested review from gxmiranda and jpower432 and removed request for a team July 3, 2026 01:54
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 3, 2026
@marcusburghardt

Copy link
Copy Markdown
Member

Should be automatically closed after #103

@dependabot @github

dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #107.

@dependabot dependabot Bot closed this Jul 3, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/complytime/org-infra/dot-github/workflows/reusable_publish_ghcr.yml-5684c8275536d5d6f47511c672751b646d18e189 branch July 3, 2026 10:18
marcusburghardt added a commit that referenced this pull request Jul 3, 2026
Update actions/setup-go from v5.2.0 to v6.5.0 in ci.yml and release.yml.

Pin all complytime/org-infra reusable workflow references to the v0.5.0
release SHA (638b2037) instead of arbitrary main branch commits:
- reusable_ci.yml: 37b9e820 (main) -> 638b2037 (v0.5.0)
- reusable_security.yml: comment updated from main to v0.5.0
- reusable_vuln_scan.yml: comment updated from main to v0.5.0
- reusable_publish_ghcr.yml: 68fa970f (main) -> 638b2037 (v0.5.0)
- reusable_trivy_image_scan.yml: e266be09 (main) -> 638b2037 (v0.5.0)
- reusable_sign_and_verify.yml: e30c5cd8 (main) -> 638b2037 (v0.5.0)

Already up to date (no changes needed):
- actions/checkout v7.0.0
- softprops/action-gh-release v3.0.1

Supersedes: #96, #97, #98, #99, #102

Assisted-by: OpenCode (claude-opus-4-6)
Signed-off-by: Marcus Burghardt <maburgha@redhat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant