Note
All notable changes to this project will be documented in this file; the format is based on Keep a Changelog and this project adheres to Semantic Versioning.
- Update github/codeql-action from
4.31.5to4.31.6. (#53) @dependabot - Update docker/metadata-action from
5.9.0to5.10.0. (#53) @dependabot - Update actions/checkout from
6.0.0to6.0.1. (#55) @dependabot - Update github/codeql-action from
4.31.6to4.31.9. (#55) @dependabot - Update docker/setup-buildx-action from
3.11.1to3.12.0. (#55) @dependabot - Update actions/attest-build-provenance from
3.0.0to3.1.0. (#55) @dependabot - Update actions/download-artifact from
6.0.0to7.0.0. (#56) @dependabot - Update actions/upload-artifact from
5.0.0to6.0.0. (#57) @dependabot - Update github/codeql-action from
4.31.9to4.31.10. (#58) @dependabot
v0.10.3 - 2025-11-26
- Update docker/setup-qemu-action from
3.6.0to3.7.0. (#48) @dependabot - Update docker/metadata-action from
5.8.0to5.9.0. (#48) @dependabot - Update github/codeql-action from
4.31.2to4.31.5. (#50) @dependabot - Update actions/checkout from
5.0.0to6.0.0. (#51) @dependabot - Update action-stars/generic-workflows/.github/workflows/dependabot-changelog.yaml from
0.7.3to0.7.4. (#52) @dependabot - Update action-stars/generic-workflows/.github/workflows/release.yaml from
0.7.3to0.7.4. (#52) @dependabot - Update action-stars/generic-workflows/.github/workflows/validate-gh-workflows.yaml from
0.7.3to0.7.4. (#52) @dependabot
v0.10.2 - 2025-11-04
- Update action-stars/install-tool-from-github-release from
0.2.5to0.2.6. (#45) @dependabot - Update sigstore/cosign-installer from
3.10.0to4.0.0. (#42) @dependabot - Update actions/download-artifact from
5.0.0to6.0.0. (#44) @dependabot - Update github/codeql-action from
3.30.5to4.30.9. (#43) @dependabot - Update action-stars/generic-workflows from
0.7.2to0.7.3. (#46) @dependabot - Update actions/upload-artifact from
4.6.2to5.0.0. (#47) @dependabot
v0.10.1 - 2025-09-29
- Fix removal of
security-eventswrite permission. (#40) @stevehipwell
v0.10.0 - 2025-09-29
- Update sigstore/cosign-installer from
3.9.2to3.10.0. (#36) @dependabot - Use GitHub dependency format created by
syft. (#37) @stevehipwell - Deduplicate GitHub dependency submissions. (#37) @stevehipwell
- Update action-stars/generic-workflows from
0.7.1to0.7.2. (#39) @dependabot - Update github/codeql-action from
3.30.3to3.30.5. (#39) @dependabot - Update docker/login-action from
3.5.0to3.6.0. (#39) @dependabot
v0.9.0 - 2025-09-11
- Update actions/attest-build-provenance from
2.4.0to3.0.0. (#34) @dependabot - Update actions/attest-sbo from
2.4.0to3.0.0. (#33) @dependabot - Update github/codeql-action from
3.30.0to3.30.1. (#32) @dependabot
- Correct Hadolint binary name format after latest release changed casing. (#35) @dependabot
v0.8.1 - 2025-09-03
- Update github/codeql-action from
3.29.9to3.29.10. (#29) @dependabot - Update action-stars/generic-workflows from
0.7.0to0.7.1. (#31) @dependabot - Update github/codeql-action from
3.29.10to3.30.0. (#31) @dependabot
v0.8.0 - 2025-08-12
- Update actions/checkout_ from
4.2.2to5.0.0. (#26) @dependabot - Update actions/download-artifact from
4.3.0to5.0.0. (#27) @dependabot - Update action-stars/generic-workflows from
0.6.0to0.7.0. (#28) @dependabot - Update github/codeql-action from
3.29.7to3.29.9. (#28) @dependabot
v0.7.0 - 2025-08-08
- Add manifest SBOM. (#24) @stevehipwell
- Update github/codeql-action from
3.29.1to3.29.2. (#21) @dependabot - Update github/codeql-action from
3.29.2to3.29.5. (#23) @dependabot - Update docker/login-action from
3.4.0to3.5.0. (#23) @dependabot - Update docker/metadata-action from
5.7.0to5.8.0. (#23) @dependabot - Update sigstore/cosign-installer from
3.9.1to3.9.2. (#23) @dependabot
v0.6.0 - 2025-06-30
- Update github/codeql-action from
3.28.17to3.28.18. (#17) @dependabot - Update docker/build-push-action from
6.16.0to6.17.0. (#17) @dependabot - Update github/codeql-action from
3.28.18to3.28.19. (#18) @dependabot - Update docker/build-push-action from
6.17.0to6.18.0. (#18) @dependabot - Update github/codeql-action from
3.28.19to3.29.0. (#20) @dependabot - Update docker/setup-buildx-action from
3.10.0to3.11.1. (#20) @dependabot - Update actions/attest-build-provenance from
2.3.0to2.4.0. (#20) @dependabot - Update actions/attest-sbom from
2.2.0to2.4.0. (#20) @dependabot - Update sigstore/cosign-installer from
3.8.2to3.9.0. (#20) @dependabot
v0.5.1 - 2025-05-13
- Update github/codeql-action from
3.28.16to3.28.17. (#14) @dependabot - Update action-stars/install-tool-from-github-release from
0.2.4to0.2.5. (#16) @dependabot
v0.5.0 - 2025-04-30
- Update github/codeql-action from
3.28.13to3.28.14. (#11) @dependabot - Update github/codeql-action from
3.28.14to3.28.15. (#12) @dependabot - Update github/codeql-action from
3.28.15to3.28.16. (#13) @dependabot - Update actions/download-artifact from
4.2.1to4.3.0. (#13) @dependabot - Update docker/build-push-action from
6.15.0to6.16.0. (#13) @dependabot - Update actions/attest-build-provenance from
2.2.3to2.3.0. (#13) @dependabot - Update sigstore/cosign-installer from
3.8.1to3.8.2. (#13) @dependabot
v0.4.0 - 2025-03-27
- Add
WORKFLOW_ARTIFACTSbuild argument to support accessing the artifacts passed to the workflow. (#7) @stevehipwell
- Only setup QEMU if the platform doesn't match the runner architecture. (#7) @stevehipwell
- Update docker/login-action from
3.3.0to3.4.0. (#8) @dependabot - Update github/codeql-action from
3.28.11to3.28.13. (#9) @dependabot - Update actions/upload-artifact from
4.6.1to4.6.2. (#9) @dependabot - Update actions/download-artifact from
4.1.9to4.2.1. (#9) @dependabot
v0.3.0 - 2025-03-12
- Fix missing permission for validate job. (#6) @stevehipwell
v0.2.0 - 2025-03-12
- Fix the image media type created by the Build OCI Image workflow not being OCI. (#5) @stevehipwell
- Fix missing annotation for the OCI image index created by the Build OCI Image workflow. (#5) @stevehipwell
v0.1.0 - 2025-03-12
- Add initial version of the Build OCI Image workflow. (#2) @stevehipwell