Skip to content

Update GitHub Action Versions#221

Closed
snowdream wants to merge 184 commits intomainfrom
gh-actions-update-1774147440
Closed

Update GitHub Action Versions#221
snowdream wants to merge 184 commits intomainfrom
gh-actions-update-1774147440

Conversation

@snowdream
Copy link
Copy Markdown
Contributor

@snowdream snowdream commented Mar 22, 2026

GitHub Actions Version Updates

snowdream and others added 30 commits June 2, 2024 21:32
@snowdream
Initial commit
c9ea7c1
@snowdream
feat: alpine 3.20.0
ca90bd1
@snowdream
feat: LICENSE
f5313a2
@snowdream
feat: .dockerignore
270926f
@snowdream
feat: locale
bc5bacb
@github-actions
Update GitHub Action Versions
45183b8
@snowdream
Merge pull request #1 from snowdreamtech/gh-actions-update-1718461962
b5f191d 
Update GitHub Action Versions
@snowdream
feat: docker-entrypoint.sh
dc47f9e
@snowdream
feat: exec "$@"
0921d2e
@snowdream
feat: gitignore
06722c7
@snowdream
feat: github-actions with self-hosted
428bb57
@snowdream
feat: github-actions with self-hosted
95ace2b
@github-actions
Update GitHub Action Versions
e7e1bc6
@snowdream
Merge pull request #3 from snowdreamtech/gh-actions-update-1718868196
f4a03f0 
Update GitHub Action Versions
@snowdream
Merge remote-tracking branch 'origin/entrypoint' into entrypoint
6ff61f2
@github-actions
Update GitHub Action Versions
713e04f
@snowdream
Merge pull request #5 from snowdreamtech/gh-actions-update-1718983454
7aca572 
Update GitHub Action Versions
@snowdream
Merge remote-tracking branch 'origin/entrypoint' into entrypoint
2d41d9a
@snowdream
feat: openssl
5064dac 
wget
ca-certificates
@github-actions
Update GitHub Action Versions
e7b072a
@snowdream
Merge pull request #7 from snowdreamtech/gh-actions-update-1719453611
edb6d50 
Update GitHub Action Versions
@snowdream
Merge remote-tracking branch 'origin/entrypoint' into entrypoint
352d1c6
@snowdream
feat: .dockerignore
94e5ce9
@github-actions
Update GitHub Action Versions
af72d91
@snowdream
Merge pull request #8 from snowdreamtech/gh-actions-update-1720492181
461bd18 
Update GitHub Action Versions
@snowdream
feat: enable dege repositories
7efc6e8
@snowdream
feat: runs-on: 1H1G
2f10e92
@snowdream
feat: GitHub Actions Continuous Delivery
7cbe177
@snowdream
feat: max-parallelism = 2
7f829ba
@snowdream
feat: GitHub Actions Version Updater
8dc2baf
snowdream and others added 27 commits July 27, 2025 16:17
@snowdream
chore: update base image and version to Alpine 3.22.0
93b5aec
@github-actions
Update GitHub Action Versions
186f658
@snowdream
Merge pull request #193 from snowdreamtech/gh-actions-update-1762758164
f986818 
Update GitHub Action Versions
@snowdream
chore: update Dockerfile and entrypoint script to support custom user…
8801855 
… and group IDs
@snowdream
chore: refactor Dockerfile and entrypoint scripts for improved user h…
66c3ffd 
…andling and debugging
@snowdream
chore: change KEEPALIVE from ENV to ARG and update environment variab…
f4ae379 
…le handling in Dockerfile
@snowdream
chore: add user creation with UID and GID in Dockerfile
b7720f8
@snowdream
chore: update Alpine base image to version 3.22.1 in Dockerfile
2817188
@snowdream
chore: update Alpine base image to version 3.22.2 in Dockerfile
22b9b14
@snowdream
chore: update GitHub Actions schedule to run weekly
a8c2dbe
@snowdream
chore: comment out Quay.io description update step in GitHub Actions …
326b721 
…workflow
@snowdream
chore: update badge links in README for Docker image metrics
bc1176b
@snowdream
fix: correct argument passing in entrypoint scripts
3381887
@github-actions
Update GitHub Action Versions
aa87d49
@snowdream
Merge pull request #194 from snowdreamtech/gh-actions-update-1763432729
4c5bf03 
Update GitHub Action Versions
@snowdream
fix: update package repositories and add apk update command
3d9b56c
@github-actions
Update GitHub Action Versions
0937e4f
@snowdream
fix: enhance user creation logic by adding PUID and PGID checks
b1a4189
@snowdream
fix: update tag patterns in GitHub Actions workflow for better versio…
490a09d 
…n matching
@github-actions
Update GitHub Action Versions
9dd611c
@snowdream
fix: update tag patterns in GitHub Actions workflow for better versio…
ad25e90 
…n matching
@github-actions
Update GitHub Action Versions
2f533e0
@snowdream
fix: add essential packages to Dockerfile for enhanced functionality
82e6558
@github-actions
Update GitHub Action Versions
d425236
@github-actions
Update GitHub Action Versions
2db4e92
@github-actions
Update GitHub Action Versions
334bb86
@github-actions
Update GitHub Action Versions
81bff6a
github-advanced-security[bot]
github-advanced-security AI found potential problems Mar 22, 2026
View reviewed changes
Comment thread .github/workflows/main.yml
# https://github.com/docker/setup-qemu-action
name: Set up QEMU
uses: docker/setup-qemu-action@v3.7.0
uses: docker/setup-qemu-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/setup-qemu-action' with ref 'v4.0.0', not a pinned commit hash
Comment thread .github/workflows/main.yml
# docker buildx create --driver-opt env.http_proxy=$http_proxy --driver-opt env.https_proxy=$https_proxy --driver-opt '"env.no_proxy='$no_proxy'"'
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3.12.0
uses: docker/setup-buildx-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/setup-buildx-action' with ref 'v4.0.0', not a pinned commit hash
Comment thread .github/workflows/main.yml
"env.no_proxy='${{ env.no_proxy}}'"
- name: Login to DockerHub
uses: docker/login-action@v3.7.0
uses: docker/login-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/login-action' with ref 'v4.0.0', not a pinned commit hash
Comment thread .github/workflows/main.yml
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Login to Quay.io
uses: docker/login-action@v3.7.0
uses: docker/login-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/login-action' with ref 'v4.0.0', not a pinned commit hash
Comment thread .github/workflows/main.yml
password: ${{ secrets.QUAY_ROBOT_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3.7.0
uses: docker/login-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/login-action' with ref 'v4.0.0', not a pinned commit hash
Comment thread .github/workflows/main.yml
- name: Docker meta
id: meta
uses: docker/metadata-action@v5.10.0
uses: docker/metadata-action@v6.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step: meta
Loading
uses 'docker/metadata-action' with ref 'v6.0.0', not a pinned commit hash
Comment thread .github/workflows/main.yml
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
- name: Build and push
uses: docker/build-push-action@v6.19.2
uses: docker/build-push-action@v7.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/build-push-action' with ref 'v7.0.0', not a pinned commit hash
@snowdream snowdream closed this Apr 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@snowdream @github-advanced-security