From 19b2a5bb929463f5f40609fb37288301090d29c1 Mon Sep 17 00:00:00 2001 From: WarrenS Date: Wed, 28 Jan 2026 10:31:18 -0500 Subject: [PATCH 1/7] Potential fix for code scanning alert no. 4: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index b2420a1..0ff696a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -139,6 +139,8 @@ jobs: release: needs: manifest runs-on: ubuntu-latest + permissions: + contents: write steps: - uses: actions/checkout@v6 From d100850ca88286b9780041fbff71ad1f97a0c9a5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Apr 2026 01:33:54 +0000 Subject: [PATCH 2/7] Bump debian from trixie-20260112 to trixie-20260421 Bumps debian from trixie-20260112 to trixie-20260421. --- updated-dependencies: - dependency-name: debian dependency-version: trixie-20260421 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Dockerfile.python-base | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.python-base b/Dockerfile.python-base index 005a4de..3ecdfb2 100644 --- a/Dockerfile.python-base +++ b/Dockerfile.python-base @@ -2,7 +2,7 @@ # Build and push once per Python version: # docker build -f Dockerfile.python-base -t ghcr.io/yourorg/python-optimized:3.11.2-trixie . # docker push ghcr.io/yourorg/python-optimized:3.11.2-trixie -FROM debian:trixie-20260112 +FROM debian:trixie-20260421 ARG PYTHON_VERSION=3.11.2 ENV DEBIAN_FRONTEND=noninteractive From 4b6f3cd806dce9fcefdb46c00f9841f3d5d6ece5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 01:34:33 +0000 Subject: [PATCH 3/7] Bump docker/setup-buildx-action from 3 to 4 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-validate.yaml | 2 +- .github/workflows/build-python-base.yaml | 2 +- .github/workflows/release.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-and-validate.yaml b/.github/workflows/build-and-validate.yaml index 68bed4e..369acbb 100644 --- a/.github/workflows/build-and-validate.yaml +++ b/.github/workflows/build-and-validate.yaml @@ -29,7 +29,7 @@ jobs: uses: actions/checkout@v6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Log into registry ${{ env.REGISTRY }} uses: docker/login-action@v3 diff --git a/.github/workflows/build-python-base.yaml b/.github/workflows/build-python-base.yaml index cbfb0c6..046ec75 100644 --- a/.github/workflows/build-python-base.yaml +++ b/.github/workflows/build-python-base.yaml @@ -32,7 +32,7 @@ jobs: uses: actions/checkout@v6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Log into registry ${{ env.REGISTRY }} uses: docker/login-action@v3 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0ff696a..9a501a4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -38,7 +38,7 @@ jobs: # Set up Docker Buildx - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Log into registry ${{ env.REGISTRY }} uses: docker/login-action@v3 From cf962a91bb87bb6c0b8c3554238873e7d2d2a0c4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 01:34:20 +0000 Subject: [PATCH 4/7] Bump docker/login-action from 3 to 4 Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-validate.yaml | 2 +- .github/workflows/build-python-base.yaml | 4 ++-- .github/workflows/release.yaml | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-and-validate.yaml b/.github/workflows/build-and-validate.yaml index 369acbb..6e7d85f 100644 --- a/.github/workflows/build-and-validate.yaml +++ b/.github/workflows/build-and-validate.yaml @@ -32,7 +32,7 @@ jobs: uses: docker/setup-buildx-action@v4 - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/build-python-base.yaml b/.github/workflows/build-python-base.yaml index 046ec75..b09f868 100644 --- a/.github/workflows/build-python-base.yaml +++ b/.github/workflows/build-python-base.yaml @@ -35,7 +35,7 @@ jobs: uses: docker/setup-buildx-action@v4 - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -84,7 +84,7 @@ jobs: uses: actions/checkout@v6 - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 9a501a4..0797d7a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -41,7 +41,7 @@ jobs: uses: docker/setup-buildx-action@v4 - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -92,7 +92,7 @@ jobs: uses: actions/checkout@v6 - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -114,7 +114,7 @@ jobs: packages: write steps: - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} From 8352c901f7e224e6fe424263750e1e3d9dcba352 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 01:34:28 +0000 Subject: [PATCH 5/7] Bump docker/metadata-action from 5 to 6 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5 to 6. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/v5...v6) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-python-base.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-python-base.yaml b/.github/workflows/build-python-base.yaml index b09f868..71a989f 100644 --- a/.github/workflows/build-python-base.yaml +++ b/.github/workflows/build-python-base.yaml @@ -54,7 +54,7 @@ jobs: - name: Extract Docker metadata id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v6 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0797d7a..b501dc4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -58,7 +58,7 @@ jobs: # Use docker/metadata-action to generate tags with an architecture suffix - name: Extract Docker metadata id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v6 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | From 06e2e3b7a3078cc342bae9c5a8cc406d9cb6c2e9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 01:34:24 +0000 Subject: [PATCH 6/7] Bump docker/build-push-action from 6 to 7 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6 to 7. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v6...v7) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-python-base.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-python-base.yaml b/.github/workflows/build-python-base.yaml index 71a989f..4379693 100644 --- a/.github/workflows/build-python-base.yaml +++ b/.github/workflows/build-python-base.yaml @@ -61,7 +61,7 @@ jobs: type=raw,value=${{ steps.python.outputs.version }}-trixie-${{ matrix.platform == 'linux/amd64' && 'amd64' || 'arm64' }} - name: Build and push Python base image for ${{ matrix.platform }} - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: context: . file: Dockerfile.python-base diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index b501dc4..f6c9c55 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -66,7 +66,7 @@ jobs: type=raw,value=${{ inputs.version }}-${{ matrix.arch }} - name: Build and push Docker image for ${{ matrix.platform }} - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: context: . push: true From 047f3d5a6cf3fcc3140833564fc6ba0ff70649a1 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Fri, 12 Jun 2026 19:01:58 +0000 Subject: [PATCH 7/7] Prepare release 3.0.1 --- CHANGELOG.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index de16ddd..710d762 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,8 @@ Types of Changes: ## [Unreleased] +## [3.0.1] - 2026-06-12 + ## [3.0.0] - 2026-01-28 ## [1.11.1] - 2026-01-27 @@ -43,7 +45,8 @@ Types of Changes: ## [1.0.2] - 2023-09-14 -[unreleased]: https://github.com/LockedThread/gtsam_docker/compare/3.0.0...HEAD +[unreleased]: https://github.com/LockedThread/gtsam_docker/compare/3.0.1...HEAD +[3.0.1]: https://github.com/LockedThread/gtsam_docker/compare/3.0.0...3.0.1 [3.0.0]: https://github.com/LockedThread/gtsam_docker/compare/1.11.1...3.0.0 [1.11.1]: https://github.com/LockedThread/gtsam_docker/compare/1.11.0...1.11.1 [1.11.0]: https://github.com/LockedThread/gtsam_docker/compare/1.10.0...1.11.0