chore(deps): update docker/login-action action to v4

chore(deps): update actions/checkout action to v6.0.2 (#38 )
Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>
2026-03-04 10:01:04 +00:00 · 2026-01-22 18:53:21 +00:00 · 2026-01-21 20:49:43 +00:00 · 2026-01-19 20:45:20 +00:00 · 2025-12-06 10:52:01 +00:00 · 2025-12-06 10:50:19 +00:00
4 changed files with 25 additions and 13 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -12,7 +12,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v6.0.2
        with:
          fetch-depth: 0

@@ -38,10 +38,10 @@ jobs:
      #     # command: snyk
      #     args: snyk code test --all-projects --exclude=.archive

-      - name: Snyk Vulnerability Scan
-        uses: snyk/actions/python@master
-        continue-on-error: true # Sometimes vulns aren't immediately fixable
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: test --all-projects
+      # - name: Snyk Vulnerability Scan
+      #   uses: snyk/actions/python@master
+      #   continue-on-error: true # Sometimes vulns aren't immediately fixable
+      #   env:
+      #     SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      #   with:
+      #     args: test --all-projects
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@@ -45,7 +45,7 @@ jobs:
          REPO: ${{ gitea.repository }}

      - name: Check out repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v6.0.2
        with:
          fetch-depth: 0
          ref: ${{ needs.tag.outputs.tag_name }}
@@ -54,14 +54,14 @@ jobs:
        uses: docker/setup-buildx-action@v3

      - name: Log in to Gitea Container Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
        with:
          registry: ${{ vars.PACKAGES_REGISTRY_URL }}
          username: ${{ vars.ACTIONS_USERNAME }}
          password: ${{ secrets.ACTIONS_TOKEN }}

      - name: Log in to GitHub Container Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
        with:
          registry: ghcr.io
          username: ${{ vars.GHCR_USERNAME }}
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-FROM alpine:3.22 AS build
+FROM alpine:3.23 AS build
 LABEL maintainer="Luke Tainton <luke@tainton.uk>"

 FROM build AS webproc
--- a/renovate.json
+++ b/renovate.json
@@ -11,6 +11,8 @@
  "semanticCommits": "enabled",
  "semanticCommitScope": "deps",
  "semanticCommitType": "feat",
+  "osvVulnerabilityAlerts": true,
+  "dependencyDashboardOSVVulnerabilitySummary": "all",
  "vulnerabilityAlerts": {
    "commitMessagePrefix": "[SECURITY] ",
    "enabled": true,
@@ -19,5 +21,15 @@
  },
  "lockFileMaintenance": {
    "enabled": true
-  }
+  },
+  "packageRules": [
+    {
+      "matchDepTypes": ["devDependencies"],
+      "automerge": true
+    },
+    {
+      "matchUpdateTypes": ["patch"],
+      "automerge": true
+    }
+  ]
 }
Author	SHA1	Message	Date
renovate[bot]	4e2e31f6c5	chore(deps): update docker/login-action action to v4 All checks were successful CI / ci (pull_request) Successful in 6s Details Validate PR Title / validate (pull_request) Successful in 2s Details	2026-03-04 10:01:04 +00:00
renovate[bot]	7651d69f6c	chore(deps): update actions/checkout action to v6.0.2 (#38 ) Some checks failed Release / Tag release (push) Successful in 9s Details Release / Create Release (push) Successful in 5s Details Release / Publish Docker Images (push) Failing after 44s Details Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>	2026-01-22 18:53:21 +00:00
Luke Tainton	8c603e7b0e	chore(deps): comment out Snyk Vulnerability Scan step in CI workflow (#37 ) Some checks failed Release / Tag release (push) Successful in 6s Details Release / Create Release (push) Successful in 3s Details Release / Publish Docker Images (push) Failing after 34s Details Reviewed-on: #37	2026-01-21 20:49:43 +00:00
Luke Tainton	918e84eb08	chore(ci): Update renovate.json (#36 ) Some checks failed Release / Tag release (push) Successful in 8s Details Release / Create Release (push) Successful in 3s Details Release / Publish Docker Images (push) Failing after 41s Details Reviewed-on: #36	2026-01-19 20:45:20 +00:00
renovate[bot]	26c20e144b	chore(deps): update actions/checkout action to v6.0.1 (#33 ) Some checks failed Release / Tag release (push) Successful in 7s Details Release / Create Release (push) Successful in 2s Details Release / Publish Docker Images (push) Failing after 29s Details This PR contains the following updates: \| Package \| Type \| Update \| Change \| \|---\|---\|---\|---\| \| [actions/checkout](https://github.com/actions/checkout) \| action \| patch \| `v6.0.0` -> `v6.0.1` \| --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6.0.1`](https://github.com/actions/checkout/releases/tag/v6.0.1) [Compare Source](https://github.com/actions/checkout/compare/v6.0.0...v6.0.1) #### What's Changed - Update all references from v5 and v4 to v6 by [@ericsciple](https://github.com/ericsciple) in [#2314](https://github.com/actions/checkout/pull/2314) - Add worktree support for persist-credentials includeIf by [@ericsciple](https://github.com/ericsciple) in [#2327](https://github.com/actions/checkout/pull/2327) - Clarify v6 README by [@ericsciple](https://github.com/ericsciple) in [#2328](https://github.com/actions/checkout/pull/2328) Full Changelog: <https://github.com/actions/checkout/compare/v6...v6.0.1> </details> --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMC4xIiwidXBkYXRlZEluVmVyIjoiNDIuMzAuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #33 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>	2025-12-06 10:52:01 +00:00
renovate[bot]	acc57b22dc	chore(deps): update alpine docker tag to v3.23 (#35 ) Some checks failed Release / Tag release (push) Successful in 8s Details Release / Create Release (push) Successful in 25s Details Release / Publish Docker Images (push) Failing after 37s Details This PR contains the following updates: \| Package \| Type \| Update \| Change \| \|---\|---\|---\|---\| \| alpine \| final \| minor \| `3.22` -> `3.23` \| --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMy4xIiwidXBkYXRlZEluVmVyIjoiNDIuMzMuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #35 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>	2025-12-06 10:50:19 +00:00
renovate[bot]	12d1195177	chore(deps): update actions/checkout action to v6 (#31 ) Some checks failed Release / Tag release (push) Successful in 8s Details Release / Create Release (push) Successful in 4s Details Release / Publish Docker Images (push) Failing after 30s Details This PR contains the following updates: \| Package \| Type \| Update \| Change \| \|---\|---\|---\|---\| \| [actions/checkout](https://github.com/actions/checkout) \| action \| major \| `v5.0.1` -> `v6.0.0` \| --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6.0.0`](https://github.com/actions/checkout/releases/tag/v6.0.0) [Compare Source](https://github.com/actions/checkout/compare/v5.0.1...v6.0.0) #### What's Changed - Update README to include Node.js 24 support details and requirements by [@salmanmkc](https://github.com/salmanmkc) in [#2248](https://github.com/actions/checkout/pull/2248) - Persist creds to a separate file by [@ericsciple](https://github.com/ericsciple) in [#2286](https://github.com/actions/checkout/pull/2286) - v6-beta by [@ericsciple](https://github.com/ericsciple) in [#2298](https://github.com/actions/checkout/pull/2298) - update readme/changelog for v6 by [@ericsciple](https://github.com/ericsciple) in [#2311](https://github.com/actions/checkout/pull/2311) Full Changelog: <https://github.com/actions/checkout/compare/v5.0.0...v6.0.0> </details> --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xOC4wIiwidXBkYXRlZEluVmVyIjoiNDIuMTguMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #31 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>	2025-11-20 18:08:02 +00:00
renovate[bot]	9e11306623	chore(deps): update actions/checkout action to v5.0.1 (#29 ) Some checks failed Release / Tag release (push) Successful in 7s Details Release / Create Release (push) Successful in 4s Details Release / Publish Docker Images (push) Failing after 27s Details This PR contains the following updates: \| Package \| Type \| Update \| Change \| \|---\|---\|---\|---\| \| [actions/checkout](https://github.com/actions/checkout) \| action \| patch \| `v5.0.0` -> `v5.0.1` \| --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v5.0.1`](https://github.com/actions/checkout/releases/tag/v5.0.1) [Compare Source](https://github.com/actions/checkout/compare/v5.0.0...v5.0.1) #### What's Changed - Port v6 cleanup to v5 by [@ericsciple](https://github.com/ericsciple) in [#2301](https://github.com/actions/checkout/pull/2301) Full Changelog: <https://github.com/actions/checkout/compare/v5...v5.0.1> </details> --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xMi4xIiwidXBkYXRlZEluVmVyIjoiNDIuMTIuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #29 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>	2025-11-17 19:22:05 +00:00