chore(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Merge pull request #101 from crazy-max/yarn-update
2026-06-08 22:38:43 +02:00 · 2026-06-08 01:34:29 +00:00 · 2026-05-28 18:45:01 +02:00 · 2026-05-28 15:13:46 +02:00 · 2026-05-28 10:22:30 +02:00 · 2026-05-28 09:59:38 +02:00
6 changed files with 128 additions and 125 deletions
@@ -29,7 +29,7 @@ jobs:
          targets: test
      -
        name: Upload coverage
-        uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
+        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
        with:
          files: ./coverage/clover.xml
          token: ${{ secrets.CODECOV_TOKEN }}
@@ -1,10 +1,10 @@
 # https://yarnpkg.com/configuration/yarnrc

-compressionLevel: mixed
-enableGlobalCache: false
-enableHardenedMode: true
+nodeLinker: node-modules

 logFilters:
+  - code: YN0004
+    level: discard
  - code: YN0013
    level: discard
  - code: YN0019
@@ -14,4 +14,8 @@ logFilters:
  - code: YN0086
    level: discard

-nodeLinker: node-modules
+compressionLevel: mixed
+enableGlobalCache: false
+enableHardenedMode: true
+enableScripts: false
+npmMinimalAgeGate: 2d
@@ -21,9 +21,9 @@
  ],
  "author": "Docker Inc.",
  "license": "Apache-2.0",
-  "packageManager": "yarn@4.9.2",
+  "packageManager": "yarn@4.15.0",
  "dependencies": {
-    "@actions/core": "^3.0.0",
+    "@actions/core": "^3.0.1",
    "@docker/actions-toolkit": "^0.91.0"
  },
  "devDependencies": {
@@ -2,7 +2,7 @@
 # Manual changes might be lost - proceed with caution!

 __metadata:
-  version: 8
+  version: 10
  cacheKey: 10

 "@aashutoshrathi/word-wrap@npm:^1.2.3":
@@ -2814,7 +2814,7 @@ __metadata:
  version: 0.0.0-use.local
  resolution: "docker-setup-compose@workspace:."
  dependencies:
-    "@actions/core": "npm:^3.0.0"
+    "@actions/core": "npm:^3.0.1"
    "@docker/actions-toolkit": "npm:^0.91.0"
    "@eslint/js": "npm:^9.39.3"
    "@types/node": "npm:^24.11.0"
Author	SHA1	Message	Date
dependabot[bot]	c1ee995bf9	chore(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0 Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2026-06-08 01:34:29 +00:00
CrazyMax	dd8b913e80	Merge pull request #101 from crazy-max/yarn-update update yarn to 4.15.0	2026-05-28 18:45:01 +02:00
CrazyMax	168cd6c426	update yarn to 4.15.0 Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2026-05-28 15:13:46 +02:00
CrazyMax	410c00e878	Merge pull request #100 from docker/dependabot/npm_and_yarn/actions/core-3.0.1 chore(deps): bump @actions/core from 3.0.0 to 3.0.1	2026-05-28 10:22:30 +02:00
CrazyMax	5d29e18d06	Merge pull request #99 from docker/sec-cli/ignore-scripts-fix-20260527-193420 ci: add ignore-scripts to Node package manager config (20260527-193420)	2026-05-28 09:59:38 +02:00
github-actions[bot]	70b1359563	chore: update generated content	2026-05-28 01:58:55 +00:00
dependabot[bot]	f0bcefd12e	chore(deps): bump @actions/core from 3.0.0 to 3.0.1 Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 3.0.0 to 3.0.1. - [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core) --- updated-dependencies: - dependency-name: "@actions/core" dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-28 01:58:09 +00:00
securityeng-bot[bot]	41e3c799a3	ci: enforce ignore-scripts policy for Node package managers	2026-05-27 20:05:06 +00:00