deps(actions): bump docker/login-action from 3.7.0 to 4.1.0

[dependabot]

Bumps docker/login-action from 3.7.0 to 4.1.0.

Release notes

Sourced from docker/login-action's releases.

v4.1.0

• Fix scoped Docker Hub cleanup path when registry is omitted by @​crazy-max in docker/login-action#945
• Bump @​aws-sdk/client-ecr and @​aws-sdk/client-ecr-public to 3.1020.0 in docker/login-action#930
• Bump @​docker/actions-toolkit from 0.77.0 to 0.86.0 in docker/login-action#932 docker/login-action#936
• Bump brace-expansion from 1.1.12 to 1.1.13 in docker/login-action#952
• Bump fast-xml-parser from 5.3.4 to 5.3.6 in docker/login-action#942
• Bump flatted from 3.3.3 to 3.4.2 in docker/login-action#944
• Bump glob from 10.3.12 to 10.5.0 in docker/login-action#940
• Bump handlebars from 4.7.8 to 4.7.9 in docker/login-action#949
• Bump http-proxy-agent and https-proxy-agent to 8.0.0 in docker/login-action#937
• Bump lodash from 4.17.23 to 4.18.1 in docker/login-action#958
• Bump minimatch from 3.1.2 to 3.1.5 in docker/login-action#941
• Bump picomatch from 4.0.3 to 4.0.4 in docker/login-action#948
• Bump undici from 6.23.0 to 6.24.1 in docker/login-action#938

Full Changelog: docker/login-action@v4.0.0...v4.1.0

v4.0.0

• Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @​crazy-max in docker/login-action#929
• Switch to ESM and update config/test wiring by @​crazy-max in docker/login-action#927
• Bump @​actions/core from 1.11.1 to 3.0.0 in docker/login-action#919
• Bump @​aws-sdk/client-ecr from 3.890.0 to 3.1000.0 in docker/login-action#909 docker/login-action#920
• Bump @​aws-sdk/client-ecr-public from 3.890.0 to 3.1000.0 in docker/login-action#909 docker/login-action#920
• Bump @​docker/actions-toolkit from 0.63.0 to 0.77.0 in docker/login-action#910 docker/login-action#928
• Bump @​isaacs/brace-expansion from 5.0.0 to 5.0.1 in docker/login-action#921
• Bump js-yaml from 4.1.0 to 4.1.1 in docker/login-action#901

Full Changelog: docker/login-action@v3.7.0...v4.0.0

Commits

• 4907a6d Merge pull request #930 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• 1e233e6 chore: update generated content
• 6c24ead build(deps): bump the aws-sdk-dependencies group with 2 updates
• ee034d7 Merge pull request #958 from docker/dependabot/npm_and_yarn/lodash-4.18.1
• 1527209 Merge pull request #937 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
• d39362a build(deps): bump lodash from 4.17.23 to 4.18.1
• a6f092b chore: update generated content
• 60953f0 build(deps): bump the proxy-agent-dependencies group with 2 updates
• 62c6885 Merge pull request #936 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 102c0e6 chore: update generated content
• Additional commits viewable in compare view

[dependabot]

Labels

The following labels could not be found: dependencies, github-actions, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/docker/login-action	4907a6ddec9925e35a0a9e82d7399ccc52663121	🟢 8.3	Details Check Score Reason Code-Review ⚠️ -1 Found no human activity in the last 12 changesets Security-Policy 🟢 9 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 SAST 🟢 10 SAST tool is run on all commits

Scanned Files

• .github/workflows/docker.yml

[itcmsgr]

Closing — will re-evaluate dependencies in v1.92

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.