diff --git a/.github/workflows/ci-pipeline.yml b/.github/workflows/ci-pipeline.yml index 32bcc7a..12a2147 100644 --- a/.github/workflows/ci-pipeline.yml +++ b/.github/workflows/ci-pipeline.yml @@ -42,7 +42,7 @@ jobs: # Login against a Docker registry # https://github.com/docker/login-action - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v3.4.0 + uses: docker/login-action@v3.5.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -127,7 +127,7 @@ jobs: # Install the cosign tool # https://github.com/sigstore/cosign-installer - name: Install cosign - uses: sigstore/cosign-installer@v3.9.2 + uses: sigstore/cosign-installer@v3.10.0 - name: Setup Docker buildx uses: docker/setup-buildx-action@v3.11.1 @@ -135,7 +135,7 @@ jobs: # Login against a Docker registry # https://github.com/docker/login-action - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v3.4.0 + uses: docker/login-action@v3.5.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -229,7 +229,7 @@ jobs: # Install the cosign tool # https://github.com/sigstore/cosign-installer - name: Install cosign - uses: sigstore/cosign-installer@v3.9.2 + uses: sigstore/cosign-installer@v3.10.0 - name: Setup Docker buildx uses: docker/setup-buildx-action@v3.11.1 @@ -237,7 +237,7 @@ jobs: # Login against a Docker registry # https://github.com/docker/login-action - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v3.4.0 + uses: docker/login-action@v3.5.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/Dockerfile b/Dockerfile index 71f7f0c..ecfa8c9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,7 +34,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ && apt-get install -y --no-install-recommends \ build-essential gcc git -COPY --from=ghcr.io/astral-sh/uv:0.8.4 /uv /uvx /bin/ +COPY --from=ghcr.io/astral-sh/uv:0.8.22 /uv /uvx /bin/ # From here we shouldn't need anymore a root user # Switch to nonroot and config uv