build(deps): bump @docker/actions-toolkit from 0.86.0 to 0.90.0 by dependabot[bot] · Pull Request #970 · docker/login-action

dependabot · 2026-04-16T05:53:02Z

Bumps @docker/actions-toolkit from 0.86.0 to 0.90.0.

Release notes

Sourced from @docker/actions-toolkit's releases.

v0.90.0

buildx(build): pin implicit git contexts and support opt-in fetch-by-commit by @crazy-max in docker/actions-toolkit#1085

build(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 in docker/actions-toolkit#1110

build(deps): bump ip-address from 10.0.1 to 10.2.0 in docker/actions-toolkit#1107

build(deps): bump postcss from 8.5.6 to 8.5.14 in docker/actions-toolkit#1106

build(deps): bump semver from 7.7.4 to 7.8.0 in docker/actions-toolkit#1111

build(deps): bump tar-stream from 3.1.7 to 3.2.0 in docker/actions-toolkit#1104

Full Changelog: docker/actions-toolkit@v0.89.1...v0.90.0

v0.89.1

fix Handlebars default import interop by @crazy-max in docker/actions-toolkit#1101

Full Changelog: docker/actions-toolkit@v0.89.0...v0.89.1

v0.89.0

docker(install): update lima images by @crazy-max in docker/actions-toolkit#1087

docker(install): retry macOS archive installs on transient apt mirror failures by @crazy-max in docker/actions-toolkit#1090

docker(install): lima install diagnostics for Docker provisioning failures by @crazy-max in docker/actions-toolkit#1089

util: add opt-in whitespace preservation for multiline inputs by @crazy-max in docker/actions-toolkit#1099

util: add handlebars render helper by @crazy-max in docker/actions-toolkit#1072

build(deps): bump @actions/core from 3.0.0 to 3.0.1 in docker/actions-toolkit#1098

build(deps): bump @actions/github from 9.1.0 to 9.1.1 in docker/actions-toolkit#1096

build(deps): bump @actions/http-client from 4.0.0 to 4.0.1 in docker/actions-toolkit#1097

build(deps): bump fast-xml-parser from 5.5.7 to 5.7.1 in docker/actions-toolkit#1095

Full Changelog: docker/actions-toolkit@v0.88.0...v0.89.0

v0.88.0

buildx(build): stabilize pull request git contexts by @crazy-max in docker/actions-toolkit#1067

build(deps): bump @actions/github from 9.0.0 to 9.1.0 in docker/actions-toolkit#1066

build(deps): bump lodash from 4.17.23 to 4.18.1 in docker/actions-toolkit#1058

Full Changelog: docker/actions-toolkit@v0.87.0...v0.88.0

v0.87.0

buildx(build): simplify git context format fallback by @crazy-max in docker/actions-toolkit#1033

sigstore: default blob attestation verification to SLSA provenance v1 by @crazy-max in docker/actions-toolkit#1060

sigstore: wire to explicit cosign binary by @crazy-max in docker/actions-toolkit#1061

build(deps): bump brace-expansion from 1.1.12 to 1.1.13 in docker/actions-toolkit#1048

build(deps): bump handlebars from 4.7.8 to 4.7.9 in docker/actions-toolkit#1045

build(deps): bump picomatch from 4.0.3 to 4.0.4 in docker/actions-toolkit#1039

build(deps): bump vite from 7.3.1 to 7.3.2 in docker/actions-toolkit#1056

Full Changelog: docker/actions-toolkit@v0.86.0...v0.87.0

Commits

1a71fe7 Merge pull request #1111 from docker/dependabot/npm_and_yarn/semver-7.8.0
aeb1ae6 Merge pull request #1112 from docker/dependabot/github_actions/github/codeql-...
d0d722b build(deps): bump github/codeql-action from 4.35.3 to 4.35.4
34256b6 build(deps): bump semver from 7.7.4 to 7.8.0
84d0f6d Merge pull request #1110 from docker/dependabot/npm_and_yarn/fast-xml-builder...
9c827f1 build(deps): bump fast-xml-builder from 1.1.5 to 1.2.0
4386736 Merge pull request #1085 from crazy-max/git-context-pin
b7f80a0 Merge pull request #1107 from docker/dependabot/npm_and_yarn/ip-address-10.2.0
0b5c584 Merge pull request #1109 from docker/bot/buildx-releases-json
bf3779d github: update .github/buildx-releases.json
Additional commits viewable in compare view

dependabot · 2026-05-22T05:53:01Z

A newer version of @docker/actions-toolkit exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

crazy-max · 2026-05-22T09:38:37Z

@dependabot recreate

Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.86.0 to 0.90.0. - [Release notes](https://github.com/docker/actions-toolkit/releases) - [Commits](docker/actions-toolkit@v0.86.0...v0.90.0) --- updated-dependencies: - dependency-name: "@docker/actions-toolkit" dependency-version: 0.88.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

….1.0 ➔ v4.2.0 ) (#9) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [https://github.com/docker/login-action](https://github.com/docker/login-action) | action | minor | `v4.1.0` → `v4.2.0` | --- ### Release Notes <details> <summary>docker/login-action (https://github.com/docker/login-action)</summary> ### [`v4.2.0`](https://github.com/docker/login-action/releases/tag/v4.2.0) [Compare Source](docker/login-action@v4.1.0...v4.2.0) - Bump [@actions/core](https://github.com/actions/core) from 3.0.0 to 3.0.1 in [#976](docker/login-action#976) - Bump [@aws-sdk/client-ecr](https://github.com/aws-sdk/client-ecr) and [@aws-sdk/client-ecr-public](https://github.com/aws-sdk/client-ecr-public) to 3.1050.0 in [#960](docker/login-action#960) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.86.0 to 0.90.0 in [#970](docker/login-action#970) - Bump brace-expansion from 2.0.1 to 5.0.6 in [#993](docker/login-action#993) - Bump fast-xml-builder from 1.1.4 to 1.2.0 in [#985](docker/login-action#985) - Bump fast-xml-parser from 5.3.6 to 5.8.0 in [#963](docker/login-action#963) - Bump http-proxy-agent and https-proxy-agent to 9.0.0 in [#961](docker/login-action#961) - Bump postcss from 8.5.6 to 8.5.10 in [#979](docker/login-action#979) - Bump tar from 6.2.1 to 7.5.15 in [#991](docker/login-action#991) - Bump vite from 7.3.1 to 7.3.3 in [#986](docker/login-action#986) **Full Changelog**: <docker/login-action@v4.1.0...v4.2.0> </details> --- ### Configuration 📅 **Schedule**: (in timezone Europe/Amsterdam) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).  Reviewed-on: https://git.dcunha.io/Exikle/containers/pulls/9

@crazy-max

##### [\`v4.2.0\`](https://github.com/docker/login-action/releases/tag/v4.2.0) - Bump [@actions/core](https://github.com/actions/core) from 3.0.0 to 3.0.1 in [#976](docker/login-action#976) - Bump [@aws-sdk/client-ecr](https://github.com/aws-sdk/client-ecr) and [@aws-sdk/client-ecr-public](https://github.com/aws-sdk/client-ecr-public) to 3.1050.0 in [#960](docker/login-action#960) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.86.0 to 0.90.0 in [#970](docker/login-action#970) - Bump brace-expansion from 2.0.1 to 5.0.6 in [#993](docker/login-action#993) - Bump fast-xml-builder from 1.1.4 to 1.2.0 in [#985](docker/login-action#985) - Bump fast-xml-parser from 5.3.6 to 5.8.0 in [#963](docker/login-action#963) - Bump http-proxy-agent and https-proxy-agent to 9.0.0 in [#961](docker/login-action#961) - Bump postcss from 8.5.6 to 8.5.10 in [#979](docker/login-action#979) - Bump tar from 6.2.1 to 7.5.15 in [#991](docker/login-action#991) - Bump vite from 7.3.1 to 7.3.3 in [#986](docker/login-action#986) **Full Changelog**: <docker/login-action@v4.1.0...v4.2.0> --- ##### [\`v4.1.0\`](https://github.com/docker/login-action/releases/tag/v4.1.0) - Fix scoped Docker Hub cleanup path when registry is omitted by [@crazy-max](https://github.com/crazy-max) in [#945](docker/login-action#945) - Bump [@aws-sdk/client-ecr](https://github.com/aws-sdk/client-ecr) and [@aws-sdk/client-ecr-public](https://github.com/aws-sdk/client-ecr-public) to 3.1020.0 in [#930](docker/login-action#930) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.77.0 to 0.86.0 in [#932](docker/login-action#932) [#936](docker/login-action#936) - Bump brace-expansion from 1.1.12 to 1.1.13 in [#952](docker/login-action#952) - Bump fast-xml-parser from 5.3.4 to 5.3.6 in [#942](docker/login-action#942) - Bump flatted from 3.3.3 to 3.4.2 in [#944](docker/login-action#944) - Bump glob from 10.3.12 to 10.5.0 in [#940](docker/login-action#940) - Bump handlebars from 4.7.8 to 4.7.9 in [#949](docker/login-action#949) - Bump http-proxy-agent and https-proxy-agent to 8.0.0 in [#937](docker/login-action#937) - Bump lodash from 4.17.23 to 4.18.1 in [#958](docker/login-action#958) - Bump minimatch from 3.1.2 to 3.1.5 in [#941](docker/login-action#941) - Bump picomatch from 4.0.3 to 4.0.4 in [#948](docker/login-action#948) - Bump undici from 6.23.0 to 6.24.1 in [#938](docker/login-action#938) **Full Changelog**: <docker/login-action@v4.0.0...v4.1.0> --- ##### [\`v4.0.0\`](https://github.com/docker/login-action/releases/tag/v4.0.0) - Node 24 as default runtime (requires [Actions Runner v2.327.1](https://github.com/actions/runner/releases/tag/v2.327.1) or later) by [@crazy-max](https://github.com/crazy-max) in [#929](docker/login-action#929) - Switch to ESM and update config/test wiring by [@crazy-max](https://github.com/crazy-max) in [#927](docker/login-action#927) - Bump [@actions/core](https://github.com/actions/core) from 1.11.1 to 3.0.0 in [#919](docker/login-action#919) - Bump [@aws-sdk/client-ecr](https://github.com/aws-sdk/client-ecr) from 3.890.0 to 3.1000.0 in [#909](docker/login-action#909) [#920](docker/login-action#920) - Bump [@aws-sdk/client-ecr-public](https://github.com/aws-sdk/client-ecr-public) from 3.890.0 to 3.1000.0 in [#909](docker/login-action#909) [#920](docker/login-action#920) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.63.0 to 0.77.0 in [#910](docker/login-action#910) [#928](docker/login-action#928) - Bump [@isaacs/brace-expansion](https://github.com/isaacs/brace-expansion) from 5.0.0 to 5.0.1 in [#921](docker/login-action#921) - Bump js-yaml from 4.1.0 to 4.1.1 in [#901](docker/login-action#901) **Full Changelog**: <docker/login-action@v3.7.0...v4.0.0> --- ##### [\`v4\`](docker/login-action@v3...v4) --- ##### [\`v3.7.0\`](https://github.com/docker/login-action/releases/tag/v3.7.0) - Add `scope` input to set scopes for the authentication token by [@crazy-max](https://github.com/crazy-max) in [#912](docker/login-action#912) - Add support for AWS European Sovereign Cloud ECR by [@dphi](https://github.com/dphi) in [#914](docker/login-action#914) - Ensure passwords are redacted with `registry-auth` input by [@crazy-max](https://github.com/crazy-max) in [#911](docker/login-action#911) - build(deps): bump lodash from 4.17.21 to 4.17.23 in [#915](docker/login-action#915) **Full Changelog**: <docker/login-action@v3.6.0...v3.7.0> --- ##### [\`v3.6.0\`](https://github.com/docker/login-action/releases/tag/v3.6.0) - Add `registry-auth` input for raw authentication to registries by [@crazy-max](https://github.com/crazy-max) in [#887](docker/login-action#887) - Bump [@aws-sdk/client-ecr](https://github.com/aws-sdk/client-ecr) to 3.890.0 in [#882](docker/login-action#882) [#890](docker/login-action#890) - Bump [@aws-sdk/client-ecr-public](https://github.com/aws-sdk/client-ecr-public) to 3.890.0 in [#882](docker/login-action#882) [#890](docker/login-action#890) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.62.1 to 0.63.0 in [#883](docker/login-action#883) - Bump brace-expansion from 1.1.11 to 1.1.12 in [#880](docker/login-action#880) - Bump undici from 5.28.4 to 5.29.0 in [#879](docker/login-action#879) - Bump tmp from 0.2.3 to 0.2.4 in [#881](docker/login-action#881) **Full Changelog**: <docker/login-action@v3.5.0...v3.6.0> --- ##### [\`v3.5.0\`](https://github.com/docker/login-action/releases/tag/v3.5.0) - Support dual-stack endpoints for AWS ECR by [@Spacefish](https://github.com/Spacefish) [@crazy-max](https://github.com/crazy-max) in [#874](docker/login-action#874) [#876](docker/login-action#876) - Bump [@aws-sdk/client-ecr](https://github.com/aws-sdk/client-ecr) to 3.859.0 in [#860](docker/login-action#860) [#878](docker/login-action#878) - Bump [@aws-sdk/client-ecr-public](https://github.com/aws-sdk/client-ecr-public) to 3.859.0 in [#860](docker/login-action#860) [#878](docker/login-action#878) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.57.0 to 0.62.1 in [#870](docker/login-action#870) - Bump form-data from 2.5.1 to 2.5.5 in [#875](docker/login-action#875) **Full Changelog**: <docker/login-action@v3.4.0...v3.5.0> --- ##### [\`v3.4.0\`](https://github.com/docker/login-action/releases/tag/v3.4.0) - Bump [@actions/core](https://github.com/actions/core) from 1.10.1 to 1.11.1 in [#791](docker/login-action#791) - Bump [@aws-sdk/client-ecr](https://github.com/aws-sdk/client-ecr) to 3.766.0 in [#789](docker/login-action#789) [#856](docker/login-action#856) - Bump [@aws-sdk/client-ecr-public](https://github.com/aws-sdk/client-ecr-public) to 3.758.0 in [#789](docker/login-action#789) [#856](docker/login-action#856) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.35.0 to 0.57.0 in [#801](docker/login-action#801) [#806](docker/login-action#806) [#858](docker/login-action#858) - Bump cross-spawn from 7.0.3 to 7.0.6 in [#814](docker/login-action#814) - Bump https-proxy-agent from 7.0.5 to 7.0.6 in [#823](docker/login-action#823) - Bump path-to-regexp from 6.2.2 to 6.3.0 in [#777](docker/login-action#777) **Full Changelog**: <docker/login-action@v3.3.0...v3.4.0> --- ##### [\`v3.3.0\`](https://github.com/docker/login-action/releases/tag/v3.3.0) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.24.0 to 0.35.0 in [#754](docker/login-action#754) - Bump https-proxy-agent from 7.0.4 to 7.0.5 in [#741](docker/login-action#741) - Bump braces from 3.0.2 to 3.0.3 in [#730](docker/login-action#730) **Full Changelog**: <docker/login-action@v3.2.0...v3.3.0> --- ##### [\`v3.2.0\`](https://github.com/docker/login-action/releases/tag/v3.2.0) - Improve missing username/password by [@Frankkkkk](https://github.com/Frankkkkk) in [#706](docker/login-action#706) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.18.0 to 0.24.0 in [#715](docker/login-action#715) [#721](docker/login-action#721) - Bump aws-sdk-dependencies to 3.583.0 in [#720](docker/login-action#720) - Bump undici from 5.28.3 to 5.28.4 in [#694](docker/login-action#694) **Full Changelog**: <docker/login-action@v3.1.0...v3.2.0> --- ##### [\`v3.1.0\`](https://github.com/docker/login-action/releases/tag/v3.1.0) - Bump [@babel/traverse](https://github.com/babel/traverse) from 7.17.3 to 7.23.2 in [#618](docker/login-action#618) - Bump [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.12.0 to 0.18.0 in [#616](docker/login-action#616) [#636](docker/login-action#636) [#682](docker/login-action#682) - Bump aws-sdk dependencies to 3.529.1 in [#624](docker/login-action#624) [#685](docker/login-action#685) - Bump http-proxy-agent to 7.0.2 in [#676](docker/login-action#676) - Bump https-proxy-agent to 7.0.4 in [#676](docker/login-action#676) - Bump undici from 5.26.5 to 5.28.3 in [#677](docker/login-action#677) **Full Changelog**: <docker/login-action@v3.0.0...v3.1.0>

dependabot Bot added bot dependencies labels Apr 16, 2026

dependabot Bot mentioned this pull request Apr 16, 2026

build(deps): bump @docker/actions-toolkit from 0.86.0 to 0.87.0 #966

Closed

dependabot Bot changed the title ~~build(deps): bump @docker/actions-toolkit from 0.86.0 to 0.88.0~~ build(deps): bump @docker/actions-toolkit from 0.86.0 to 0.90.0 May 22, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/docker/actions-toolkit-0.88.0 branch from e26be53 to 56d092c Compare May 22, 2026 09:40

chore: update generated content

4eefcd3

crazy-max approved these changes May 22, 2026

View reviewed changes

crazy-max merged commit 39d8580 into master May 22, 2026
11 checks passed

dependabot Bot deleted the dependabot/npm_and_yarn/docker/actions-toolkit-0.88.0 branch May 22, 2026 09:45

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump @docker/actions-toolkit from 0.86.0 to 0.90.0#970

build(deps): bump @docker/actions-toolkit from 0.86.0 to 0.90.0#970
crazy-max merged 2 commits into
masterfrom
dependabot/npm_and_yarn/docker/actions-toolkit-0.88.0

dependabot Bot commented on behalf of github Apr 16, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github May 22, 2026

Uh oh!

crazy-max commented May 22, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Apr 16, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v0.90.0

v0.89.1

v0.89.0

v0.88.0

v0.87.0

Uh oh!

dependabot Bot commented on behalf of github May 22, 2026

Uh oh!

crazy-max commented May 22, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Apr 16, 2026 •

edited

Loading