From 3ece3eeddcca1841cef5034cae160feece0c1169 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 11 Jan 2024 20:31:37 -0500
Subject: [PATCH 1/6] chore(deps): bump EyeCantCU/cosign-action from 0.2.1 to
 0.2.2 (#799)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/build-bluefin-toolbox.yml | 2 +-
 .github/workflows/build-fedora-toolbox.yml  | 2 +-
 .github/workflows/build-ubuntu-toolbox.yml  | 2 +-
 .github/workflows/build-wolfi-toolbox.yml   | 2 +-
 .github/workflows/build.yml                 | 4 ++--
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/build-bluefin-toolbox.yml b/.github/workflows/build-bluefin-toolbox.yml
index 1fb22a0d0bb..ac236b4cc3c 100644
--- a/.github/workflows/build-bluefin-toolbox.yml
+++ b/.github/workflows/build-bluefin-toolbox.yml
@@ -30,7 +30,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Verify base container
-        uses: EyeCantCU/cosign-action/verify@v0.2.1
+        uses: EyeCantCU/cosign-action/verify@v0.2.2
         with:
           containers: wolfi-base
           cert-identity: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main
diff --git a/.github/workflows/build-fedora-toolbox.yml b/.github/workflows/build-fedora-toolbox.yml
index 47e9c3ad7c8..7e5b7028663 100644
--- a/.github/workflows/build-fedora-toolbox.yml
+++ b/.github/workflows/build-fedora-toolbox.yml
@@ -30,7 +30,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Verify Fedora distrobox
-        uses: EyeCantCU/cosign-action/verify@v0.2.1
+        uses: EyeCantCU/cosign-action/verify@v0.2.2
         with:
           containers: fedora-distrobox:latest
 
diff --git a/.github/workflows/build-ubuntu-toolbox.yml b/.github/workflows/build-ubuntu-toolbox.yml
index 03169fe5117..85c0c79f356 100644
--- a/.github/workflows/build-ubuntu-toolbox.yml
+++ b/.github/workflows/build-ubuntu-toolbox.yml
@@ -30,7 +30,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Verify Ubuntu toolbox
-        uses: EyeCantCU/cosign-action/verify@v0.2.1
+        uses: EyeCantCU/cosign-action/verify@v0.2.2
         with:
           containers: ubuntu-toolbox:22.04
           pubkey: https://raw.githubusercontent.com/toolbx-images/images/main/quay.io-toolbx-images.pub
diff --git a/.github/workflows/build-wolfi-toolbox.yml b/.github/workflows/build-wolfi-toolbox.yml
index 017145a681c..57ae447c8be 100644
--- a/.github/workflows/build-wolfi-toolbox.yml
+++ b/.github/workflows/build-wolfi-toolbox.yml
@@ -30,7 +30,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Verify base container
-        uses: EyeCantCU/cosign-action/verify@v0.2.1
+        uses: EyeCantCU/cosign-action/verify@v0.2.2
         with:
           containers: wolfi-base
           cert-identity: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index f70705fc452..02efc74bdea 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -45,13 +45,13 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Verify base image
-        uses: EyeCantCU/cosign-action/verify@v0.2.1
+        uses: EyeCantCU/cosign-action/verify@v0.2.2
         with:
           containers: silverblue-${{ matrix.image_flavor }}:${{ matrix.major_version }}
 
       - name: Verify Chainguard images
         if: matrix.base_name != 'bluefin'
-        uses: EyeCantCU/cosign-action/verify@v0.2.1
+        uses: EyeCantCU/cosign-action/verify@v0.2.2
         with:
           containers: dive, flux, helm, ko, minio, kubectl
           cert-identity: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main

From 1768b71e22b56de6d837da4b2311cb93dc730624 Mon Sep 17 00:00:00 2001
From: "Jorge O. Castro" <jorge.castro@gmail.com>
Date: Fri, 12 Jan 2024 08:33:12 -0500
Subject: [PATCH 2/6] feat: add contributors action (#802)

---
 .github/workflows/build.yml | 4 ++++
 README.md                   | 5 +++++
 2 files changed, 9 insertions(+)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 02efc74bdea..1f182308688 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -216,6 +216,10 @@ jobs:
         run: |
           echo "${{ toJSON(steps.push.outputs) }}"
 
+      - uses: akhilmhdh/contributors-readme-action@v2.3.6
+          env:
+              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}    
+
   check:
     name: Check all builds successful
     if: ${{ !cancelled() }}
diff --git a/README.md b/README.md
index 438b3466f9e..490c0f20df2 100644
--- a/README.md
+++ b/README.md
@@ -22,3 +22,8 @@ A familiar(ish) Ubuntu desktop for Fedora Silverblue. It strives to cover these
 3. [Developer Experience Edition](https://universal-blue.discourse.group/t/bluefin-dx-the-bluefin-developer-experience/39)
 4. [Administrator's Guide](https://universal-blue.discourse.group/t/bluefin-administrators-guide/40)
 5. [Framework Images](https://universal-blue.org/images/framework/)
+
+# Contributors
+
+<!-- readme: collaborators,contributors -start -->
+<!-- readme: collaborators,contributors -end -->
\ No newline at end of file

From 9f94c3e9724fea7d05307d50e7fbd630ee2e9538 Mon Sep 17 00:00:00 2001
From: "Jorge O. Castro" <jorge.castro@gmail.com>
Date: Fri, 12 Jan 2024 08:36:40 -0500
Subject: [PATCH 3/6] chore(ci): fix syntax error (#803)

---
 .github/workflows/build.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 1f182308688..fb9804d91a7 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -217,8 +217,8 @@ jobs:
           echo "${{ toJSON(steps.push.outputs) }}"
 
       - uses: akhilmhdh/contributors-readme-action@v2.3.6
-          env:
-              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}    
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}    
 
   check:
     name: Check all builds successful

From 0d92fad67f8227925646b4e01e33541703c6cccd Mon Sep 17 00:00:00 2001
From: Robert Sturla <robertsturla@outlook.com>
Date: Fri, 12 Jan 2024 13:48:31 +0000
Subject: [PATCH 4/6] fix: provide build workflow with write permissions to the
 repo contents (#805)

---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index fb9804d91a7..b74e5b86394 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -21,7 +21,7 @@ jobs:
     name: Make
     runs-on: ubuntu-22.04
     permissions:
-      contents: read
+      contents: write
       packages: write
       id-token: write
     strategy:

From a4ac751efe5b713be2d5b26554c9bccd3456aa52 Mon Sep 17 00:00:00 2001
From: Robert Sturla <robertsturla@outlook.com>
Date: Fri, 12 Jan 2024 14:39:55 +0000
Subject: [PATCH 5/6] chore(ci): extract contributors readme action to separate
 workflow (#806)

---
 .github/workflows/build.yml        | 11 +++--------
 .github/workflows/contributors.yml | 22 ++++++++++++++++++++++
 2 files changed, 25 insertions(+), 8 deletions(-)
 create mode 100644 .github/workflows/contributors.yml

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index b74e5b86394..3f32796adb7 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -21,7 +21,7 @@ jobs:
     name: Make
     runs-on: ubuntu-22.04
     permissions:
-      contents: write
+      contents: read
       packages: write
       id-token: write
     strategy:
@@ -40,8 +40,7 @@ jobs:
             is_stable_version: true
             is_gts_version: false
     steps:
-      # Checkout push-to-registry action GitHub repository
-      - name: Checkout Push to Registry action
+      - name: Checkout
         uses: actions/checkout@v4
 
       - name: Verify base image
@@ -214,11 +213,7 @@ jobs:
       - name: Echo outputs
         if: github.event_name != 'pull_request'
         run: |
-          echo "${{ toJSON(steps.push.outputs) }}"
-
-      - uses: akhilmhdh/contributors-readme-action@v2.3.6
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}    
+          echo "${{ toJSON(steps.push.outputs) }}"  
 
   check:
     name: Check all builds successful
diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml
new file mode 100644
index 00000000000..2ee8ffe3a2e
--- /dev/null
+++ b/.github/workflows/contributors.yml
@@ -0,0 +1,22 @@
+name: Update Contributors
+
+on:
+  schedule:
+    - cron: '0 0 * * *' # Every day at midnight
+  push:
+    branches: 
+      - main
+
+jobs:
+  update:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - uses: akhilmhdh/contributors-readme-action@v2.3.6
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}    

From 40f91a6805d9f6bc6b7918302702e6d96f23ce45 Mon Sep 17 00:00:00 2001
From: hirnidrin <hirnidrin@users.noreply.github.com>
Date: Sat, 13 Jan 2024 19:47:50 +0100
Subject: [PATCH 6/6] fix: Make Wolfi build again (#812)

---
 toolboxes/packages.wolfi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/toolboxes/packages.wolfi b/toolboxes/packages.wolfi
index f582ccd2a88..2061f1b7cce 100644
--- a/toolboxes/packages.wolfi
+++ b/toolboxes/packages.wolfi
@@ -10,7 +10,7 @@ gpg
 iproute2
 iputils
 keyutils
-libcap
+libcap=2.68-r0
 mount
 ncurses
 ncurses-terminfo