chore(deps): Bump the crazy-max-dot-github group across 1 directory with 2 updates

Bumps the crazy-max-dot-github group with 2 updates in the / directory: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github). Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.8.0 to 1.10.0 - [Release notes](https://github.com/crazy-max/.github/releases) - [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...716fd1c51a46c5d93a41d44a94b439c9ee802536) Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.8.0 to 1.10.0 - [Release notes](https://github.com/crazy-max/.github/releases) - [Commits](https://github.com/crazy-max/.github/compare/9ba6e6f9450baf3b1237f8035c1fdc45932510bd...716fd1c51a46c5d93a41d44a94b439c9ee802536) --- updated-dependencies: - dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: crazy-max-dot-github - dependency-name: crazy-max/.github/.github/workflows/zizmor.yml dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: crazy-max-dot-github ... Signed-off-by: dependabot[bot] <support@github.com>
Merge pull request #682 from docker/sec-cli/npm-ci-20260612-184903
2026-06-23 21:15:36 -04:00 · 2026-06-12 19:22:25 +00:00 · 2026-06-12 14:10:33 -05:00 · 2026-06-12 18:49:05 +00:00
4 changed files with 5 additions and 5 deletions
@@ -35,12 +35,12 @@ jobs:
          node-version: ${{ env.NODE_VERSION }}
      -
        name: Initialize CodeQL
-        uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
+        uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
        with:
          languages: javascript-typescript
          build-mode: none
      -
        name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
+        uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
        with:
          category: "/language:javascript-typescript"
@@ -11,7 +11,7 @@ on:

 jobs:
  run:
-    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
+    uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@716fd1c51a46c5d93a41d44a94b439c9ee802536 # v1.10.0
    permissions:
      contents: read
      pull-requests: write
@@ -19,7 +19,7 @@ on:

 jobs:
  zizmor:
-    uses: crazy-max/.github/.github/workflows/zizmor.yml@9ba6e6f9450baf3b1237f8035c1fdc45932510bd # v1.8.0
+    uses: crazy-max/.github/.github/workflows/zizmor.yml@716fd1c51a46c5d93a41d44a94b439c9ee802536 # v1.10.0
    permissions:
      contents: read
      security-events: write
@@ -17,7 +17,7 @@ FROM base AS deps
 RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/.yarn/cache \
  --mount=type=cache,target=/src/node_modules \
-  yarn install && mkdir /vendor && cp yarn.lock /vendor
+  yarn install --immutable && mkdir /vendor && cp yarn.lock /vendor

 FROM scratch AS vendor-update
 COPY --from=deps /vendor /