13 Commits

• build(deps): bump github/codeql-action from 4.35.5 to 4.36.0

  Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.5 to 4.36.0.
  - [Release notes](https://github.com/github/codeql-action/releases)
  - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
  - [Commits](https://github.com/github/codeql-action/compare/9e0d7b8d25671d64c341c19c0152d693099fb5ba...7211b7c8077ea37d8641b6271f6a365a22a5fbfa)
  
  ---
  updated-dependencies:
  - dependency-name: github/codeql-action
    dependency-version: 4.36.0
    dependency-type: direct:production
    update-type: version-update:semver-minor
  ...
  
  Signed-off-by: dependabot[bot] <support@github.com>

  dependabot[bot] · 2026-05-26 07:53:28 +00:00
  652059025f
• build(deps): bump github/codeql-action from 4.35.2 to 4.35.5

  Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.2 to 4.35.5.
  - [Release notes](https://github.com/github/codeql-action/releases)
  - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
  - [Commits](https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...9e0d7b8d25671d64c341c19c0152d693099fb5ba)
  
  ---
  updated-dependencies:
  - dependency-name: github/codeql-action
    dependency-version: 4.35.5
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...
  
  Signed-off-by: dependabot[bot] <support@github.com>

  dependabot[bot] · 2026-05-18 08:04:15 +00:00
  b45b323e05
• Merge pull request #971 from docker/dependabot/github_actions/github/codeql-action-4.35.2

  build(deps): bump github/codeql-action from 4.35.1 to 4.35.2

  CrazyMax · 2026-04-24 09:48:54 +02:00
  ae469901b0
• build(deps): bump actions/setup-node from 6.3.0 to 6.4.0

  Bumps [actions/setup-node](https://github.com/actions/setup-node) from 6.3.0 to 6.4.0.
  - [Release notes](https://github.com/actions/setup-node/releases)
  - [Commits](https://github.com/actions/setup-node/compare/53b83947a5a98c8d113130e565377fae1a50d02f...48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e)
  
  ---
  updated-dependencies:
  - dependency-name: actions/setup-node
    dependency-version: 6.4.0
    dependency-type: direct:production
    update-type: version-update:semver-minor
  ...
  
  Signed-off-by: dependabot[bot] <support@github.com>

  dependabot[bot] · 2026-04-21 05:53:38 +00:00
  1ed1634702
• build(deps): bump github/codeql-action from 4.35.1 to 4.35.2

  Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.2.
  - [Release notes](https://github.com/github/codeql-action/releases)
  - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
  - [Commits](https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...95e58e9a2cdfd71adc6e0353d5c52f41a045d225)
  
  ---
  updated-dependencies:
  - dependency-name: github/codeql-action
    dependency-version: 4.35.2
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...
  
  Signed-off-by: dependabot[bot] <support@github.com>

  dependabot[bot] · 2026-04-17 05:53:52 +00:00
  5565f3ba0d
• fix zizmor findings

  Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>

  CrazyMax · 2026-03-30 13:44:09 +02:00
  abb6787042
• ci: update codeql workflow

  Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>

  CrazyMax · 2026-03-20 11:48:51 +01:00
  b78dc2c156
• build(deps): bump actions/checkout from 5 to 6

  Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
  - [Release notes](https://github.com/actions/checkout/releases)
  - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
  - [Commits](https://github.com/actions/checkout/compare/v5...v6)
  
  ---
  updated-dependencies:
  - dependency-name: actions/checkout
    dependency-version: '6'
    dependency-type: direct:production
    update-type: version-update:semver-major
  ...
  
  Signed-off-by: dependabot[bot] <support@github.com>

  dependabot[bot] · 2025-11-21 05:01:49 +00:00
  4349d75975
• build(deps): bump github/codeql-action from 3 to 4

  Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
  - [Release notes](https://github.com/github/codeql-action/releases)
  - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
  - [Commits](https://github.com/github/codeql-action/compare/v3...v4)
  
  ---
  updated-dependencies:
  - dependency-name: github/codeql-action
    dependency-version: '4'
    dependency-type: direct:production
    update-type: version-update:semver-major
  ...
  
  Signed-off-by: dependabot[bot] <support@github.com>

  dependabot[bot] · 2025-10-08 05:01:54 +00:00
  2064b45545
• build(deps): bump actions/checkout from 4 to 5

  Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
  - [Release notes](https://github.com/actions/checkout/releases)
  - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
  - [Commits](https://github.com/actions/checkout/compare/v4...v5)
  
  ---
  updated-dependencies:
  - dependency-name: actions/checkout
    dependency-version: '5'
    dependency-type: direct:production
    update-type: version-update:semver-major
  ...
  
  Signed-off-by: dependabot[bot] <support@github.com>

  dependabot[bot] · 2025-08-12 14:16:25 +00:00
  9b3389107c
• build(deps): bump github/codeql-action from 2 to 3

  Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
  - [Release notes](https://github.com/github/codeql-action/releases)
  - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
  - [Commits](https://github.com/github/codeql-action/compare/v2...v3)
  
  ---
  updated-dependencies:
  - dependency-name: github/codeql-action
    dependency-type: direct:production
    update-type: version-update:semver-major
  ...
  
  Signed-off-by: dependabot[bot] <support@github.com>

  dependabot[bot] · 2023-12-14 05:50:29 +00:00
  f405860ca0
• ci(codeql): restrict code scanning to src folder

  Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>

  CrazyMax · 2023-10-24 16:38:18 +02:00
  6452b9a4db
• introduce CodeQL to enable SAST scanning

  Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
  Signed-off-by: temenuzhka-thede <temenuzhka.thede@docker.com>
  Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>

  temenuzhka-thede · 2023-10-24 11:24:29 +02:00
  b96c2c0282