Skip to content

chore(deps): update docker/build-push-action action to v6.19.2#337

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/docker-build-push-action-6.x
Open

chore(deps): update docker/build-push-action action to v6.19.2#337
renovate[bot] wants to merge 1 commit intomainfrom
renovate/docker-build-push-action-6.x

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 11, 2026
edited
Loading

This PR contains the following updates:

Package Type Update Change
docker/build-push-action action minor v6.18.0v6.19.2

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

docker/build-push-action (docker/build-push-action)

v6.19.2

Compare Source

v6.19.1

Compare Source

v6.19.0

Compare Source

  • Scope default git auth token to github.com by @​crazy-max in #​1451
  • Bump brace-expansion from 1.1.11 to 1.1.12 in #​1396
  • Bump form-data from 2.5.1 to 2.5.5 in #​1391
  • Bump js-yaml from 3.14.1 to 3.14.2 in #​1429
  • Bump lodash from 4.17.21 to 4.17.23 in #​1446
  • Bump tmp from 0.2.3 to 0.2.4 in #​1398
  • Bump undici from 5.28.4 to 5.29.0 in #​1397

Full Changelog: docker/build-push-action@v6.18.0...v6.19.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@claude
Copy link

claude bot commented Feb 11, 2026

Review Summary

Type: Dependency update (Renovate bot)
Scope: GitHub Actions workflow files

✅ Code Quality

  • Clean update with proper commit hash pinning maintained
  • All 5 workflow files updated consistently
  • No code logic changes, purely infrastructure

🔒 Security

  • Positive: This update includes multiple security patches in dependencies (lodash, undici, js-yaml, etc.)
  • Commit hashes properly pinned for supply chain security
  • The main feature scopes default git auth token to github.com only, reducing token exposure risk

⚡ Performance

  • No performance impact (workflow-level change)

🐛 Issues

  • None detected - straightforward version bump

💡 Recommendation

LGTM - This is a safe dependency update that includes security improvements. The changes are limited to GitHub Actions workflow configuration with no risk of regressions.

✨ Safe to merge after CI passes.

@renovate renovate bot force-pushed the renovate/docker-build-push-action-6.x branch from 96ce93d to 21a7c6a Compare February 11, 2026 18:15
@renovate renovate bot changed the title chore(deps): update docker/build-push-action action to v6.19.0 chore(deps): update docker/build-push-action action to v6.19.1 Feb 11, 2026
@renovate renovate bot changed the title chore(deps): update docker/build-push-action action to v6.19.1 chore(deps): update docker/build-push-action action to v6.19.2 Feb 12, 2026
@renovate renovate bot force-pushed the renovate/docker-build-push-action-6.x branch from 21a7c6a to 5078584 Compare February 12, 2026 10:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants