Skip to content

Bump docker/metadata-action from 3.3.0 to 4.0.1

Created by: dependabot[bot]

Bumps docker/metadata-action from 3.3.0 to 4.0.1.

Release notes

Sourced from docker/metadata-action's releases.

v4.0.1

Full Changelog: https://github.com/docker/metadata-action/compare/v4.0.0...v4.0.1

v4.0.0

  • Node 16 as default runtime by @​crazy-max (#176)
    • This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.
  • Do not sanitize before pattern matching by @​crazy-max (#201)
    • Breaking change with type=match pattern matching

Full Changelog: https://github.com/docker/metadata-action/compare/v3.8.0...v4.0.0

v3.8.0

Full Changelog: https://github.com/docker/metadata-action/compare/v3.7.0...v3.8.0

v3.7.0

  • Handle comments for multi-line inputs (#172)
  • Missing json output in action.yml (#167)
  • Update dev dependencies and workflow (#175)
  • Bump minimist from 1.2.5 to 1.2.6 (#182)
  • Bump moment from 2.29.1 to 2.29.2 (#180)
  • Bump @​actions/github from 5.0.0 to 5.0.1 (#179)
  • Bump node-fetch from 2.6.1 to 2.6.7 (#173)

v3.6.2

  • Handle raw statement for pre-release (#155 #156)

v3.6.1

  • Preserve quotes inside unquoted field (#153)

v3.6.0

  • base_ref global expression (#142)
  • Trim tags and flavor inputs (#143)
  • Bump @​actions/core from 1.5.0 to 1.6.0 (#135)
  • Bump ansi-regex from 5.0.0 to 5.0.1 (#134)
  • Bump tmpl from 1.0.4 to 1.0.5 (#132)
  • Bump csv-parse from 4.16.0 to 4.16.3 (#131)

v3.5.0

  • Add global expression date (#121)
  • Bump @​actions/core from 1.4.0 to 1.5.0 (#122)

... (truncated)

Upgrade guide

Sourced from docker/metadata-action's upgrade guide.

Upgrade notes

v2 to v3

  • Repository has been moved to docker org. Replace crazy-max/ghaction-docker-meta@v2 with docker/metadata-action@v4
  • The default bake target has been changed: ghaction-docker-meta > docker-metadata-action

v1 to v2

inputs

New Unchanged Removed
tags images tag-sha
flavor sep-tags tag-edge
labels sep-labels tag-edge-branch
tag-semver
tag-match
tag-match-group
tag-latest
tag-schedule
tag-custom
tag-custom-only
label-custom

tag-sha

tags: |
  type=sha

tag-edge / tag-edge-branch

tags: |
  # default branch
  type=edge
</tr></table> 

... (truncated)

Commits
  • 69f6fc9 Merge pull request #203 from crazy-max/san-fix
  • 2f5b5ae Sanitize tag earlier
  • f206c36 Merge pull request #202 from crazy-max/v4-prep
  • a20adfa readme: set metadata-action to v4
  • 26b9439 Merge pull request #201 from crazy-max/fix-sanitization
  • 467883f Merge pull request #176 from crazy-max/node-16
  • 5edf56f Node 16 as default runtime
  • 678218f Note about image name and tag sanitization
  • e44c1fb Do not sanitize before pattern matching
  • b2391d3 Merge pull request #193 from crazy-max/images-opts
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Merge request reports

Loading