From 9afd84727d888ba1701f4b3d53ac95cbad6f8005 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 26 Mar 2024 11:01:59 +0800
Subject: [PATCH] Bump docker/build-push-action from 2.5.0 to 5.3.0 (#205)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 2.5.0 to 5.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.3.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.18.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1080">docker/build-push-action#1080</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0">https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0</a></p>
<h2>v5.2.0</h2>
<ul>
<li>Disable quotes detection for <code>outputs</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1074">docker/build-push-action#1074</a></li>
<li>Warn about ignored inputs by <a
href="https://github.com/favonia"><code>@​favonia</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1019">docker/build-push-action#1019</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1070">docker/build-push-action#1070</a></li>
<li>Bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1057">docker/build-push-action#1057</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0</a></p>
<h2>v5.1.0</h2>
<ul>
<li>Add <code>annotations</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/992">docker/build-push-action#992</a></li>
<li>Add <code>secret-envs</code> input by <a
href="https://github.com/elias-lundgren"><code>@​elias-lundgren</code></a>
in <a
href="https://redirect.github.com/docker/build-push-action/pull/980">docker/build-push-action#980</a></li>
<li>Bump <code>@​babel/traverse</code> from 7.17.3 to 7.23.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/991">docker/build-push-action#991</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.13.0-rc.1 to
0.14.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/990">docker/build-push-action#990</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1006">docker/build-push-action#1006</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0">https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0</a></p>
<h2>v5.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/954">docker/build-push-action#954</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/build-push-action/pull/959">docker/build-push-action#959</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0">https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0</a></p>
<h2>v4.2.1</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>warn if docker config can't be parsed by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/957">docker/build-push-action#957</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1">https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1</a></p>
<h2>v4.2.0</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>display proxy configuration by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/872">docker/build-push-action#872</a></li>
<li>chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.6.0
to 0.8.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/930">docker/build-push-action#930</a></li>
<li>chore(deps): Bump word-wrap from 1.2.3 to 1.2.5 in <a
href="https://redirect.github.com/docker/build-push-action/pull/925">docker/build-push-action#925</a></li>
<li>chore(deps): Bump semver from 6.3.0 to 6.3.1 in <a
href="https://redirect.github.com/docker/build-push-action/pull/902">docker/build-push-action#902</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0">https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0</a></p>
<h2>v4.1.1</h2>
<blockquote>
<p><strong>Note</strong></p>
</blockquote>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/2cdde995de11925a030ce8070c3d77a52ffcf1c0"><code>2cdde99</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1080">#1080</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/008747aa03417139ec2995efe44e7f080b8323c3"><code>008747a</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/15807531260fa0e39af66835230d13071751862e"><code>1580753</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.18.0 to
0.19.0</li>
<li><a
href="https://github.com/docker/build-push-action/commit/2a7db1d68aab1a514ba647f39bcde60888a1753f"><code>2a7db1d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1075">#1075</a>
from crazy-max/ci-multi-output</li>
<li><a
href="https://github.com/docker/build-push-action/commit/35e7dd592106dcd929ef8706706f6d54678d1f67"><code>35e7dd5</code></a>
ci: test multi output</li>
<li><a
href="https://github.com/docker/build-push-action/commit/af5a7ed5ba88268d5278f7203fb52cd833f66d6e"><code>af5a7ed</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1074">#1074</a>
from crazy-max/build-cmd-debug</li>
<li><a
href="https://github.com/docker/build-push-action/commit/2a85189a6c719593171342d3d43d4034e8c81513"><code>2a85189</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/6c2079483ed8cd675d71b5a395b81fa9a19eddc8"><code>6c20794</code></a>
disable quotes detection for &quot;outputs&quot; input</li>
<li><a
href="https://github.com/docker/build-push-action/commit/afdf0c0a6772ea0bc8c6af61d5dc2df8823c85de"><code>afdf0c0</code></a>
chore: debug build cmd and args</li>
<li><a
href="https://github.com/docker/build-push-action/commit/00ae31ab6ef216583e63647d8865f52da6b99a13"><code>00ae31a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1070">#1070</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/ad44023a93711e3deb337508980b4b5e9bcdc5dc...2cdde995de11925a030ce8070c3d77a52ffcf1c0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=2.5.0&new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/pub-docker.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/pub-docker.yml b/.github/workflows/pub-docker.yml
index efd96e80..a8c2e0b2 100644
--- a/.github/workflows/pub-docker.yml
+++ b/.github/workflows/pub-docker.yml
@@ -46,7 +46,7 @@ jobs:
             ghcr.io/deepmodeling/dpgen2
 
       - name: Build and push Docker images
-        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
+        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0
         with:
           context: .
           push: true