Skip to content

chore(deps): bump NethermindEth/github-workflows/.github/workflows/docker-build-push-jfrog.yaml from 1.11.4 to 1.12.0#802

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/NethermindEth/github-workflows/dot-github/workflows/docker-build-push-jfrog.yaml-1.12.0
Open

chore(deps): bump NethermindEth/github-workflows/.github/workflows/docker-build-push-jfrog.yaml from 1.11.4 to 1.12.0#802
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/NethermindEth/github-workflows/dot-github/workflows/docker-build-push-jfrog.yaml-1.12.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 6, 2026

Bumps NethermindEth/github-workflows/.github/workflows/docker-build-push-jfrog.yaml from 1.11.4 to 1.12.0.

Release notes

Sourced from NethermindEth/github-workflows/.github/workflows/docker-build-push-jfrog.yaml's releases.

v1.12.0

1.12.0 (2026-03-27)

Features

  • add Infisical secrets composite action and example workflows (#134) (2f0ac6f)
  • implement get_infisical_secrets composite action with examples and documentation (2f0ac6f)

Bug Fixes

  • address all code scanning alerts (#136) (def5c61)
  • harden all reusable workflows against code scanning alerts (3e49533)
  • harden all reusable workflows against code scanning alerts (def5c61)

v1.11.6

1.11.6 (2026-03-24)

Bug Fixes

  • bump trivy version to the latest and update the comment (#131) (497acc5)

v1.11.5

1.11.5 (2026-03-24)

Bug Fixes

  • deps: bump aquasecurity/trivy-action (b33ea8f)
  • deps: bump aquasecurity/trivy-action from e368e328979b113139d6f9068e03accaed98a518 to 57a97c7e7821a5776cebc9bb87c984fa69cba8f1 (#128) (b33ea8f)
  • deps: bump azure/setup-helm from 4.3.1 to 5.0.0 (#127) (46b6c1f)
  • deps: bump docker/login-action from 3.7.0 to 4.0.0 (#123) (8fdf229)
  • deps: bump marocchino/sticky-pull-request-comment from 2 to 3 (#125) (5b0e3f6)
  • update composite action to remediate Trivy supply chain attack (#126) (619371e)
Changelog

Sourced from NethermindEth/github-workflows/.github/workflows/docker-build-push-jfrog.yaml's changelog.

1.12.0 (2026-03-27)

Features

  • add Infisical secrets composite action and example workflows (#134) (2f0ac6f)
  • implement get_infisical_secrets composite action with examples and documentation (2f0ac6f)

Bug Fixes

  • address all code scanning alerts (#136) (def5c61)
  • harden all reusable workflows against code scanning alerts (3e49533)
  • harden all reusable workflows against code scanning alerts (def5c61)

1.11.6 (2026-03-24)

Bug Fixes

  • bump trivy version to the latest and update the comment (#131) (497acc5)

1.11.5 (2026-03-24)

Bug Fixes

  • deps: bump aquasecurity/trivy-action (b33ea8f)
  • deps: bump aquasecurity/trivy-action from e368e328979b113139d6f9068e03accaed98a518 to 57a97c7e7821a5776cebc9bb87c984fa69cba8f1 (#128) (b33ea8f)
  • deps: bump azure/setup-helm from 4.3.1 to 5.0.0 (#127) (46b6c1f)
  • deps: bump docker/login-action from 3.7.0 to 4.0.0 (#123) (8fdf229)
  • deps: bump marocchino/sticky-pull-request-comment from 2 to 3 (#125) (5b0e3f6)
  • update composite action to remediate Trivy supply chain attack (#126) (619371e)
Commits
  • bd40a6f chore(main): release 1.12.0 (#135)
  • 3e49533 fix: harden all reusable workflows against code scanning alerts
  • def5c61 fix: address all code scanning alerts (#136)
  • 2f0ac6f feat: add Infisical secrets composite action and example workflows (#134)
  • ca1429f chore: group Dependabot GitHub Actions updates into a single PR (#130)
  • 462cd25 Add instructions on releases and stable tag (#133)
  • 7a39b6d chore(main): release 1.11.6 (#132)
  • 497acc5 fix: bump trivy version to the latest and update the comment (#131)
  • e8b3402 chore(main): release 1.11.5 (#129)
  • 619371e fix: update composite action to remediate Trivy supply chain attack (#126)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump NethermindEth/github-workflows/.github/workflows/do…
c992e6a 
…cker-build-push-jfrog.yaml

Bumps [NethermindEth/github-workflows/.github/workflows/docker-build-push-jfrog.yaml](https://github.com/nethermindeth/github-workflows) from 1.11.4 to 1.12.0.
- [Release notes](https://github.com/nethermindeth/github-workflows/releases)
- [Changelog](https://github.com/NethermindEth/github-workflows/blob/main/CHANGELOG.md)
- [Commits](NethermindEth/github-workflows@v1.11.4...v1.12.0)

---
updated-dependencies:
- dependency-name: NethermindEth/github-workflows/.github/workflows/docker-build-push-jfrog.yaml
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Dependency updates github_actions Pull requests that update GitHub Actions code labels Apr 6, 2026
@dependabot dependabot bot added dependencies Dependency updates github_actions Pull requests that update GitHub Actions code labels Apr 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wurdum wurdum wurdum approved these changes

@damian-orzechowski damian-orzechowski Awaiting requested review from damian-orzechowski damian-orzechowski is a code owner

@hudem1 hudem1 Awaiting requested review from hudem1 hudem1 is a code owner

@AnkushinDaniil AnkushinDaniil Awaiting requested review from AnkushinDaniil AnkushinDaniil is a code owner

@svlachakis svlachakis Awaiting requested review from svlachakis svlachakis is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Dependency updates github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wurdum