Skip to content

ci: bump docker/build-push-action from 6 to 7#178

Merged
yimsk merged 3 commits intomainfrom
dependabot/github_actions/docker/build-push-action-7
Mar 14, 2026
Merged

ci: bump docker/build-push-action from 6 to 7#178
yimsk merged 3 commits intomainfrom
dependabot/github_actions/docker/build-push-action-7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 10, 2026

Bumps docker/build-push-action from 6 to 7.

Release notes

Sourced from docker/build-push-action's releases.

v7.0.0

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

v6.19.2

Full Changelog: docker/build-push-action@v6.19.1...v6.19.2

v6.19.1

Full Changelog: docker/build-push-action@v6.19.0...v6.19.1

v6.19.0

Full Changelog: docker/build-push-action@v6.18.0...v6.19.0

v6.18.0

[!NOTE] Build summary is now supported with Docker Build Cloud.

Full Changelog: docker/build-push-action@v6.17.0...v6.18.0

v6.17.0

[!NOTE] Build record is now exported using the buildx history export command instead of the legacy export-build tool.

Full Changelog: docker/build-push-action@v6.16.0...v6.17.0

v6.16.0

... (truncated)

Commits
  • d08e5c3 Merge pull request #1479 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • cbd2dff chore: update generated content
  • f76f51f chore(deps): Bump @​docker/actions-toolkit from 0.78.0 to 0.79.0
  • 7d03e66 Merge pull request #1473 from crazy-max/rm-deprecated-envs
  • 98f853d chore: update generated content
  • cadccf6 remove deprecated envs
  • 03fe877 Merge pull request #1478 from docker/dependabot/github_actions/docker/setup-b...
  • 827e366 chore(deps): Bump docker/setup-buildx-action from 3 to 4
  • e25db87 Merge pull request #1474 from crazy-max/rm-export-build-tool
  • 1ac2573 Merge pull request #1470 from crazy-max/node24
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
ci: bump docker/build-push-action from 6 to 7
85ea5fb 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6 to 7.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v6...v7)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 10, 2026

Labels

The following labels could not be found: ci, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@claude
Copy link
Copy Markdown

claude Bot commented Mar 14, 2026

PR Review: Bump docker/build-push-action from 6 to 7

This is a straightforward Dependabot dependency update with a minimal, single-line diff. Overall this looks fine to merge.

Summary of Changes

  • Bumps docker/build-push-action from v6 to v7 in .github/workflows/docker.yml

Key Changes in v7

  • Node 24 runtime: v7 requires Actions Runner v2.327.1 or later. GitHub-hosted runners (ubuntu-latest) should already meet this requirement, but worth confirming if you use self-hosted runners.
  • Removed deprecated env vars (DOCKER_BUILD_NO_SUMMARY, DOCKER_BUILD_EXPORT_RETENTION_DAYS) — none of these are used in this workflow, so no impact.
  • Removed legacy export-build tool support — not used here either.

Notes

  • No configuration changes are needed; the workflow inputs/outputs remain compatible.
  • The Dependabot compatibility score badge is present, indicating a low-risk upgrade.

Unrelated Observation (pre-existing)

The workflow currently uses actions/checkout@v6, which does not exist — the latest stable release is v4. This is a pre-existing issue unrelated to this PR, but worth fixing separately to avoid unexpected behavior.

Verdict

Looks good to merge. The change is minimal and low-risk for standard GitHub-hosted runners.

@claude
Copy link
Copy Markdown

claude Bot commented Mar 14, 2026

PR Review: ci: bump docker/build-push-action from 6 to 7

This is a routine Dependabot major-version bump with a single-line change. Here's a quick assessment:

Summary of v7 Changes

  • Node 24 runtime — requires Actions Runner v2.327.1 or later. GitHub-hosted runners (ubuntu-latest) should already meet this requirement.
  • Removed deprecated env varsDOCKER_BUILD_NO_SUMMARY and DOCKER_BUILD_EXPORT_RETENTION_DAYS are no longer supported, but neither is used in this workflow.
  • Removed legacy export-build tool — no impact here; the workflow uses GHA cache (type=gha), which is unaffected.
  • ESM migration and @actions/core 3.x — internal to the action; no API changes for users.

Workflow Review

The surrounding workflow (.github/workflows/docker.yml) looks healthy:

  • Multi-arch build (linux/amd64,linux/arm64) is correctly configured.
  • Push is correctly gated on github.event_name != 'pull_request', so no image is pushed from PRs.
  • GHA layer caching (cache-from/cache-to) is in place.
  • GHCR login is only performed when actually pushing.

Minor Observations (not blocking)

  • Action version pinning: The workflow uses floating major-version tags (@v7, @v4, @v6) rather than full SHA pinning. SHA pinning is more supply-chain secure, but adopting it is a separate concern from this PR.
  • docker/metadata-action@v6: Ensure this is the current stable release; it may be worth a separate Dependabot check if it's lagging.

Verdict

Safe to merge. The change is minimal, no deprecated features are in use, and the compatibility score from Dependabot is included. No code quality, security, or performance concerns specific to this PR.

@yimsk yimsk merged commit 0e2714b into main Mar 14, 2026
8 checks passed
@yimsk yimsk deleted the dependabot/github_actions/docker/build-push-action-7 branch March 14, 2026 01:26
tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request Mar 16, 2026
build(deps): update github:clawscli/claws to v0.15.3
2e4176e 
This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [github:clawscli/claws](https://github.com/clawscli/claws) | patch | `0.15.2` → `0.15.3` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>clawscli/claws (github:clawscli/claws)</summary>

### [`v0.15.3`](https://github.com/clawscli/claws/releases/tag/v0.15.3)

[Compare Source](clawscli/claws@v0.15.2...v0.15.3)

#### Changelog

- [`73631ff`](clawscli/claws@73631ff) Add Aliases using 1080p width, including TAGs in describe
- [`fd13466`](clawscli/claws@fd13466) Merge branch 'main' into dependabot/github\_actions/docker/build-push-action-7
- [`11432c1`](clawscli/claws@11432c1) Merge branch 'main' into dependabot/github\_actions/docker/build-push-action-7
- [`14afff7`](clawscli/claws@14afff7) Merge branch 'main' into dependabot/github\_actions/docker/login-action-4
- [`5247a49`](clawscli/claws@5247a49) Merge branch 'main' into dependabot/github\_actions/docker/login-action-4
- [`3cb49e9`](clawscli/claws@3cb49e9) Merge branch 'main' into dependabot/github\_actions/docker/metadata-action-6
- [`d9f5a92`](clawscli/claws@d9f5a92) Merge branch 'main' into dependabot/github\_actions/docker/setup-buildx-action-4
- [`dfd2cc3`](clawscli/claws@dfd2cc3) Merge branch 'main' into dependabot/github\_actions/docker/setup-buildx-action-4
- [`56da14c`](clawscli/claws@56da14c) Merge branch 'main' into main
- [`50fbe43`](clawscli/claws@50fbe43) Merge pull request [#&#8203;174](clawscli/claws#174) from paulofloresjunior/main
- [`9ae8ff2`](clawscli/claws@9ae8ff2) Merge pull request [#&#8203;176](clawscli/claws#176) from clawscli/dependabot/github\_actions/docker/metadata-action-6
- [`cffada4`](clawscli/claws@cffada4) Merge pull request [#&#8203;177](clawscli/claws#177) from clawscli/dependabot/github\_actions/docker/setup-buildx-action-4
- [`0e2714b`](clawscli/claws@0e2714b) Merge pull request [#&#8203;178](clawscli/claws#178) from clawscli/dependabot/github\_actions/docker/build-push-action-7
- [`d433f49`](clawscli/claws@d433f49) Merge pull request [#&#8203;179](clawscli/claws#179) from clawscli/dependabot/github\_actions/docker/login-action-4
- [`3b34798`](clawscli/claws@3b34798) Please provide the file changes to generate a commit message.
- [`85ea5fb`](clawscli/claws@85ea5fb) ci: bump docker/build-push-action from 6 to 7
- [`661fe9e`](clawscli/claws@661fe9e) ci: bump docker/login-action from 3 to 4
- [`90628f4`](clawscli/claws@90628f4) ci: bump docker/metadata-action from 5 to 6
- [`056ddc3`](clawscli/claws@056ddc3) ci: bump docker/setup-buildx-action from 3 to 4
- [`c21e727`](clawscli/claws@c21e727) ci: fix actions/checkout version from v6 to v4
- [`dd93b04`](clawscli/claws@dd93b04) feat: Add `DetailBuilder` for consistent and structured rendering of detail views with styling and placeholder support.
- [`f1dc370`](clawscli/claws@f1dc370) fix: remove extra indentation from Tag method and refactor tags rendering
- [`a031f02`](clawscli/claws@a031f02) fix: render CloudFront tags aligned with other detail sections
- [`bb86c91`](clawscli/claws@bb86c91) revert: restore integration-test.yml and ecs/clusters to upstream state
- [`c20ebf2`](clawscli/claws@c20ebf2) revert: undo unrelated changes outside CloudFront scope

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My43Ni4zIiwidXBkYXRlZEluVmVyIjoiNDMuNzYuMyIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90IiwiYXV0b21hdGlvbjpib3QtYXV0aG9yZWQiLCJkZXBlbmRlbmN5LXR5cGU6OnBhdGNoIl19-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yimsk