Merge pull request #504 from docker/dependabot/npm_and_yarn/semver-7.7.1

chore(deps): Bump semver from 7.6.3 to 7.7.1
chore: update generated content
2025-02-26 16:12:33 +01:00 · 2025-02-26 16:08:18 +01:00 · 2025-02-26 14:56:20 +00:00 · 2025-02-26 15:53:52 +01:00 · 2025-02-26 15:34:33 +01:00 · 2025-02-26 15:29:14 +01:00
47 changed files with 14022 additions and 5701 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,2 +1,12 @@
 /coverage
-/node_modules
+
 # Dependency directories
 node_modules/
 jspm_packages/
 # yarn v2
 .yarn/cache
 .yarn/unplugged
 .yarn/build-state.yml
 .yarn/install-state.gz
 .pnp.*
--- a/.eslintignore
+++ b/.eslintignore
@@ -0,0 +1,3 @@
 /dist/**
 /coverage/**
 /node_modules/**
--- a/.eslintrc.json
+++ b/.eslintrc.json
@@ -1,18 +1,19 @@
 {
  "env": {
    "node": true,
-    "es2021": true,
+    "es6": true,
-    "jest/globals": true
+    "jest": true
  },
  "extends": [
    "eslint:recommended",
    "plugin:@typescript-eslint/eslint-recommended",
    "plugin:@typescript-eslint/recommended",
    "plugin:jest/recommended",
    "plugin:prettier/recommended"
  ],
  "parser": "@typescript-eslint/parser",
  "parserOptions": {
-    "ecmaVersion": "latest",
+    "ecmaVersion": 2023,
    "sourceType": "module"
  },
  "plugins": [
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,3 +1,5 @@
 /.yarn/releases/** binary
 /.yarn/plugins/** binary
 /__tests__/fixtures/** -linguist-detectable
 /dist/** linguist-generated=true
 /lib/** linguist-generated=true
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1 +0,0 @@
 *	@crazy-max
--- a/.github/CODE_OF_CONDUCT.md
+++ b/.github/CODE_OF_CONDUCT.md
@@ -0,0 +1,3 @@
 # Code of conduct
 - [Moby community guidelines](https://github.com/moby/moby/blob/master/CONTRIBUTING.md#moby-community-guidelines)
--- a/.github/ISSUE_TEMPLATE/bug.yml
+++ b/.github/ISSUE_TEMPLATE/bug.yml
@@ -0,0 +1,101 @@
 # https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-githubs-form-schema
 name: Bug Report
 description: Report a bug
 labels:
  - status/triage
 body:
  - type: markdown
    attributes:
      value: |
        Thank you for taking the time to report a bug!
        If this is a security issue please report it to the [Docker Security team](mailto:security@docker.com).
  - type: checkboxes
    attributes:
      label: Contributing guidelines
      description: >
        Make sure you've read the contributing guidelines before proceeding.
      options:
        - label: I've read the [contributing guidelines](https://github.com/docker/metadata-action/blob/master/.github/CONTRIBUTING.md) and wholeheartedly agree
          required: true
  - type: checkboxes
    attributes:
      label: "I've found a bug, and:"
      description: |
        Make sure that your request fulfills all of the following requirements.
        If one requirement cannot be satisfied, explain in detail why.
      options:
        - label: The documentation does not mention anything about my problem
        - label: There are no open or closed issues that are related to my problem
  - type: textarea
    attributes:
      label: Description
      description: >
        Provide a brief description of the bug in 1-2 sentences.
    validations:
      required: true
  - type: textarea
    attributes:
      label: Expected behaviour
      description: >
        Describe precisely what you'd expect to happen.
    validations:
      required: true
  - type: textarea
    attributes:
      label: Actual behaviour
      description: >
        Describe precisely what is actually happening.
    validations:
      required: true
  - type: input
    attributes:
      label: Repository URL
      description: >
        Enter the URL of the repository where you are experiencing the
        issue. If your repository is private, provide a link to a minimal
        repository that reproduces the issue.
  - type: input
    attributes:
      label: Workflow run URL
      description: >
        Enter the URL of the GitHub Action workflow run if public (e.g.
        `https://github.com/<user>/<repo>/actions/runs/<id>`)
  - type: textarea
    attributes:
      label: YAML workflow
      description: |
        Provide the YAML of the workflow that's causing the issue.
        Make sure to remove any sensitive information.
      render: yaml
    validations:
      required: true
  - type: textarea
    attributes:
      label: Workflow logs
      description: >
        [Attach](https://docs.github.com/en/get-started/writing-on-github/working-with-advanced-formatting/attaching-files)
        the [log file of your workflow run](https://docs.github.com/en/actions/managing-workflow-runs/using-workflow-run-logs#downloading-logs)
        and make sure to remove any sensitive information.
  - type: textarea
    attributes:
      label: BuildKit logs
      description: >
        If applicable, provide the [BuildKit container logs](https://docs.docker.com/build/ci/github-actions/configure-builder/#buildkit-container-logs)
      render: text
  - type: textarea
    attributes:
      label: Additional info
      description: |
        Provide any additional information that could be useful.
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -1,34 +0,0 @@
 ---
 name: Bug report
 about: Create a report to help us improve
 ---
 ### Behaviour
 #### Steps to reproduce this issue
 1.
 2.
 3.
 #### Expected behaviour
 > Tell us what should happen
 #### Actual behaviour
 > Tell us what happens instead
 ### Configuration
 * Repository URL (if public): 
 * Build URL (if public): 
 ```yml
 # paste your YAML workflow file here and remove sensitive data
 ```
 ### Logs
 > Download the [log file of your build](https://docs.github.com/en/actions/managing-workflow-runs/using-workflow-run-logs#downloading-logs)
 > and [attach it](https://docs.github.com/en/github/managing-your-work-on-github/file-attachments-on-issues-and-pull-requests) to this issue.
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,9 @@
 # https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
 blank_issues_enabled: true
 contact_links:
  - name: Questions and Discussions
    url: https://github.com/docker/metadata-action/discussions/new
    about: Use Github Discussions to ask questions and/or open discussion topics.
  - name: Documentation
    url: https://docs.docker.com/build/ci/github-actions/
    about: Read the documentation.
--- a/.github/ISSUE_TEMPLATE/feature.yml
+++ b/.github/ISSUE_TEMPLATE/feature.yml
@@ -0,0 +1,15 @@
 # https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-githubs-form-schema
 name: Feature request
 description: Missing functionality? Come tell us about it!
 labels:
  - kind/enhancement
  - status/triage
 body:
  - type: textarea
    id: description
    attributes:
      label: Description
      description: What is the feature you want to see?
    validations:
      required: true
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@@ -0,0 +1,12 @@
 # Reporting security issues
 The project maintainers take security seriously. If you discover a security
 issue, please bring it to their attention right away!
 **Please _DO NOT_ file a public issue**, instead send your report privately to
 [security@docker.com](mailto:security@docker.com).
 Security reports are greatly appreciated, and we will publicly thank you for it.
 We also like to send gifts&mdash;if you'd like Docker swag, make sure to let
 us know. We currently do not offer a paid security bounty program, but are not
 ruling it out in the future.
--- a/.github/SUPPORT.md
+++ b/.github/SUPPORT.md
@@ -1,32 +0,0 @@
 # Support [![](https://isitmaintained.com/badge/resolution/docker/metadata-action.svg)](https://isitmaintained.com/project/docker/metadata-action)
 ## Reporting an issue
 Please do a search in [open issues](https://github.com/docker/metadata-action/issues?utf8=%E2%9C%93&q=) to see if the
 issue or feature request has already been filed.
 If you find your issue already exists, make relevant comments and add your
 [reaction](https://github.com/blog/2119-add-reactions-to-pull-requests-issues-and-comments). Use a reaction in place
 of a "+1" comment.
 :+1: - upvote
 :-1: - downvote
 If you cannot find an existing issue that describes your bug or feature, submit an issue using the guidelines below.
 ## Writing good bug reports and feature requests
 File a single issue per problem and feature request.
 * Do not enumerate multiple bugs or feature requests in the same issue.
 * Do not add your issue as a comment to an existing issue unless it's for the identical input. Many issues look similar, but have different causes.
 The more information you can provide, the more likely someone will be successful reproducing the issue and finding a fix.
 You are now ready to [create a new issue](https://github.com/docker/metadata-action/issues/new/choose)!
 ## Closure policy
 * Issues that don't have the information requested above (when applicable) will be closed immediately and the poster directed to the support guidelines.
 * Issues that go a week without a response from original poster are subject to closure at our discretion.
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -11,6 +11,7 @@ updates:
    directory: "/"
    schedule:
      interval: "daily"
    versioning-strategy: "increase"
    allow:
      - dependency-type: "production"
    labels:
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,8 +1,12 @@
 name: ci
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 on:
  schedule:
-    - cron: '0 */4 * * *' # every 4 hours
+    - cron: '0 10 * * *'
  push:
    branches:
      - 'master'
@@ -10,20 +14,42 @@ on:
    tags:
      - 'v*.*.*'
  pull_request:
    branches:
      - 'master'
      - 'releases/v*'
 env:
  DOCKER_IMAGE: localhost:5000/name/app
  BUILDX_VERSION: latest
 jobs:
  context:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        context:
          - workflow
          - git
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Docker meta
        uses: ./
        with:
          context: ${{ matrix.context }}
  multi-images:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
@@ -37,6 +63,9 @@ jobs:
            type=ref,event=tag
            type=ref,event=pr
            type=sha
      -
        name: Print envs
        run: env|sort
  tag-schedule:
    runs-on: ubuntu-latest
@@ -51,7 +80,13 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
@@ -81,7 +116,13 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
@@ -109,7 +150,13 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
@@ -134,7 +181,13 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
@@ -151,7 +204,13 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
@@ -161,12 +220,18 @@ jobs:
            name=ghcr.io/name/app,enable=${{ github.event_name == 'pull_request' }}
            name=ghcr.io/name/release,enable=${{ startsWith(github.ref, 'refs/tags/') }}
-  labels:
+  custom-labels-annotations:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
@@ -179,13 +244,24 @@ jobs:
            org.opencontainers.image.title=MyCustomTitle
            org.opencontainers.image.description=this is a "good" example
            org.opencontainers.image.vendor=MyCompany
          annotations: |
            maintainer=Foo
            org.opencontainers.image.title=MyFooTitle
            org.opencontainers.image.description=this is a "foo" example
            org.opencontainers.image.vendor=MyFooCompany
  global-exps:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
@@ -193,6 +269,8 @@ jobs:
          images: |
            ${{ env.DOCKER_IMAGE }}
            ghcr.io/name/app
          labels: |
            org.opencontainers.image.created={{commit_date 'YYYY-MM-DDTHH:mm:ss.SSS[Z]'}}
          tags: |
            type=sha
            type=raw,value=gexp-branch-{{branch}}
@@ -206,7 +284,13 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        id: meta
@@ -235,7 +319,13 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver-opts: network=host
      -
        name: Docker meta
        id: docker_meta
@@ -252,17 +342,9 @@ jobs:
            type=semver,pattern=v{{major}}.{{minor}}
            type=semver,pattern=v{{major}}
            type=sha
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
        with:
          driver-opts: network=host
      -
        name: Build and push to local registry
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
        with:
          context: ./test
          file: ./test/Dockerfile
@@ -279,17 +361,18 @@ jobs:
        name: Check manifest
        run: |
          docker buildx imagetools inspect ${{ env.DOCKER_IMAGE }}:${{ steps.docker_meta.outputs.version }}
      -
        name: Dump context
        if: always()
        uses: crazy-max/ghaction-dump-context@v1
  bake:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
      -
        name: Docker meta
        id: docker_meta
@@ -307,19 +390,14 @@ jobs:
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}
            type=sha
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      -
        name: Build
-        uses: docker/bake-action@v2
+        uses: docker/bake-action@v6
        with:
          files: |
            ./test/docker-bake.hcl
-            ${{ steps.docker_meta.outputs.bake-file }}
+            cwd://${{ steps.docker_meta.outputs.bake-file-tags }}
            cwd://${{ steps.docker_meta.outputs.bake-file-labels }}
          targets: |
            release
@@ -334,7 +412,13 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        id: meta
@@ -346,7 +430,204 @@ jobs:
          sep-tags: ${{ matrix.sep }}
      -
        name: Tags
-        uses: actions/github-script@v6
+        uses: actions/github-script@v7
        with:
          script: |
            console.log(`${{ steps.meta.outputs.tags }}`);
  output-env:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        id: meta
        uses: ./
        with:
          images: |
            ${{ env.DOCKER_IMAGE }}
            ghcr.io/name/app
          labels: |
            maintainer=CrazyMax
          annotations: |
            maintainer=Foo
      -
        name: Build
        uses: docker/build-push-action@v6
        with:
          context: ./test
          file: ./test/output.Dockerfile
          build-args: |
            DOCKER_METADATA_OUTPUT_VERSION
            DOCKER_METADATA_OUTPUT_TAGS
            DOCKER_METADATA_OUTPUT_LABELS
            DOCKER_METADATA_OUTPUT_ANNOTATIONS
            DOCKER_METADATA_OUTPUT_JSON
  no-output-env:
    runs-on: ubuntu-latest
    env:
      DOCKER_METADATA_SET_OUTPUT_ENV: false
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Docker meta
        id: meta
        uses: ./
        with:
          images: |
            ${{ env.DOCKER_IMAGE }}
            ghcr.io/name/app
          labels: |
            maintainer=CrazyMax
          annotations: |
            maintainer=Foo
      -
        name: No output environment variables set
        shell: bash
        run: |
          [[ "$(printenv | grep "^DOCKER_METADATA_OUTPUT_" | wc -l)" -eq 0 ]] || exit 1
  bake-annotations:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
      -
        name: Docker meta
        id: docker_meta
        uses: ./
        with:
          images: |
            ${{ env.DOCKER_IMAGE }}
            ghcr.io/name/app
          tags: |
            type=schedule
            type=ref,event=branch
            type=ref,event=tag
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}
            type=sha
        env:
          DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
      -
        name: Build
        uses: docker/bake-action@v6
        with:
          files: |
            ./test/docker-bake.hcl
            cwd://${{ steps.docker_meta.outputs.bake-file-tags }}
            cwd://${{ steps.docker_meta.outputs.bake-file-annotations }}
          targets: |
            release
  no-images:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
        with:
          tags: |
            type=schedule
            type=ref,event=branch
            type=ref,event=tag
            type=ref,event=pr
            type=sha
      -
        name: Print envs
        run: env|sort
  bake-path-context:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: latest
      -
        name: Docker meta
        id: docker_meta
        uses: ./
      -
        name: Build
        uses: docker/bake-action@v6
        with:
          source: .
          files: |
            ./test/docker-bake.hcl
            ${{ steps.docker_meta.outputs.bake-file-tags }}
            ${{ steps.docker_meta.outputs.bake-file-labels }}
          targets: |
            release
  sha-short:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        short-length:
          - ''
          - 16
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ env.BUILDX_VERSION }}
          driver: docker
      -
        name: Docker meta
        uses: ./
        with:
          images: |
            ${{ env.DOCKER_IMAGE }}
            ghcr.io/name/app
          tags: |
            type=sha
        env:
          DOCKER_METADATA_SHORT_SHA_LENGTH: ${{ matrix.short-length }}
  dump:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Dump context
        uses: crazy-max/ghaction-dump-context@v2
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -0,0 +1,21 @@
 name: publish
 on:
  release:
    types:
      - published
 jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
      packages: write
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Publish
        uses: actions/publish-immutable-action@v0.0.4
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -1,34 +1,28 @@
 name: test
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 on:
  push:
    branches:
      - 'master'
      - 'releases/v*'
  pull_request:
    branches:
      - 'master'
      - 'releases/v*'
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Validate
        uses: docker/bake-action@v2
        with:
          targets: validate
      -
        name: Test
-        uses: docker/bake-action@v2
+        uses: docker/bake-action@v6
        with:
          targets: test
      -
        name: Upload coverage
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v5
        with:
          file: ./coverage/clover.xml
          token: ${{ secrets.CODECOV_TOKEN }}
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@@ -0,0 +1,43 @@
 name: validate
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 on:
  push:
    branches:
      - 'master'
      - 'releases/v*'
  pull_request:
 jobs:
  prepare:
    runs-on: ubuntu-latest
    outputs:
      targets: ${{ steps.generate.outputs.targets }}
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: List targets
        id: generate
        uses: docker/bake-action/subaction/list-targets@v6
        with:
          target: validate
  validate:
    runs-on: ubuntu-latest
    needs:
      - prepare
    strategy:
      fail-fast: false
      matrix:
        target: ${{ fromJson(needs.prepare.outputs.targets) }}
    steps:
      -
        name: Validate
        uses: docker/bake-action@v6
        with:
          targets: ${{ matrix.target }}
--- a/.gitignore
+++ b/.gitignore
@@ -1,12 +1,5 @@
-/.dev
+# https://raw.githubusercontent.com/github/gitignore/main/Node.gitignore
 node_modules/
 lib
 # Jetbrains
 /.idea
 /*.iml
 # Rest of the file pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
 # Logs
 logs
 *.log
@@ -14,6 +7,7 @@ npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 lerna-debug.log*
 .pnpm-debug.log*
 # Diagnostic reports (https://nodejs.org/api/report.html)
 report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
@@ -24,34 +18,14 @@ pids
 *.seed
 *.pid.lock
 # Directory for instrumented libs generated by jscoverage/JSCover
 lib-cov
 # Coverage directory used by tools like istanbul
 coverage
 *.lcov
 # nyc test coverage
 .nyc_output
 # Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
 .grunt
 # Bower dependency directory (https://bower.io/)
 bower_components
 # node-waf configuration
 .lock-wscript
 # Compiled binary addons (https://nodejs.org/api/addons.html)
 build/Release
 # Dependency directories
 node_modules/
 jspm_packages/
 # TypeScript v1 declaration files
 typings/
 # TypeScript cache
 *.tsbuildinfo
@@ -61,36 +35,19 @@ typings/
 # Optional eslint cache
 .eslintcache
 # Optional REPL history
 .node_repl_history
 # Output of 'npm pack'
 *.tgz
 # Yarn Integrity file
 .yarn-integrity
-# dotenv environment variables file
+# dotenv environment variable files
 .env
-.env.test
+.env.development.local
 .env.test.local
 .env.production.local
 .env.local
-# parcel-bundler cache (https://parceljs.org/)
+# yarn v2
-.cache
+.yarn/cache
-
+.yarn/unplugged
-# next.js build output
+.yarn/build-state.yml
-.next
+.yarn/install-state.gz
-
+.pnp.*
 # nuxt.js build output
 .nuxt
 # vuepress build output
 .vuepress/dist
 # Serverless directories
 .serverless/
 # FuseBox cache
 .fusebox/
 # DynamoDB Local files
 .dynamodb/
--- a/.prettierignore
+++ b/.prettierignore
@@ -0,0 +1,6 @@
 # Dependency directories
 node_modules/
 jspm_packages/
 # yarn v2
 .yarn/
--- a/.yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
+++ b/.yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@@ -0,0 +1,13 @@
 logFilters:
  - code: YN0013
    level: discard
  - code: YN0019
    level: discard
  - code: YN0076
    level: discard
 nodeLinker: node-modules
 plugins:
  - path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
    spec: "@yarnpkg/plugin-interactive-tools"
--- a/README.md
+++ b/README.md
@@ -1,6 +1,7 @@
 [![GitHub release](https://img.shields.io/github/release/docker/metadata-action.svg?style=flat-square)](https://github.com/docker/metadata-action/releases/latest)
 [![GitHub marketplace](https://img.shields.io/badge/marketplace-docker--metadata--action-blue?logo=github&style=flat-square)](https://github.com/marketplace/actions/docker-metadata-action)
-[![Test workflow](https://img.shields.io/github/workflow/status/docker/metadata-action/test?label=test&logo=github&style=flat-square)](https://github.com/docker/metadata-action/actions?workflow=test)
+[![CI workflow](https://img.shields.io/github/actions/workflow/status/docker/metadata-action/ci.yml?branch=master&label=ci&logo=github&style=flat-square)](https://github.com/docker/metadata-action/actions?workflow=ci)
 [![Test workflow](https://img.shields.io/github/actions/workflow/status/docker/metadata-action/test.yml?branch=master&label=test&logo=github&style=flat-square)](https://github.com/docker/metadata-action/actions?workflow=test)
 [![Codecov](https://img.shields.io/codecov/c/github/docker/metadata-action?logo=codecov&style=flat-square)](https://codecov.io/gh/docker/metadata-action)
 ## About
@@ -21,6 +22,7 @@ ___
  * [inputs](#inputs)
  * [outputs](#outputs)
  * [environment variables](#environment-variables)
 * [`context` input](#context-input)
 * [`images` input](#images-input)
 * [`flavor` input](#flavor-input)
 * [`tags` input](#tags-input)
@@ -42,10 +44,12 @@ ___
    * [`{{sha}}`](#sha)
    * [`{{base_ref}}`](#base_ref)
    * [`{{is_default_branch}}`](#is_default_branch)
-    * [`{{date '<format>'}}`](#date-format)
+    * [`{{date '<format>' tz='<timezone>'}}`](#date-format-tztimezone)
    * [`{{commit_date '<format>' tz='<timezone>'}}`](#commit_date-format-tztimezone)
  * [Major version zero](#major-version-zero)
  * [JSON output object](#json-output-object)
-  * [Overwrite labels](#overwrite-labels)
+  * [Overwrite labels and annotations](#overwrite-labels-and-annotations)
  * [Annotations](#annotations)
 * [Contributing](#contributing)
 ## Usage
@@ -72,23 +76,23 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Docker meta
        id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
        with:
          images: name/app
      -
        name: Login to DockerHub
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
@@ -126,11 +130,11 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Docker meta
        id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
        with:
          images: |
            name/app
@@ -142,13 +146,13 @@ jobs:
      -
        name: Login to DockerHub
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
@@ -202,13 +206,10 @@ jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Docker meta
        id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
        with:
          images: |
            name/app
@@ -220,16 +221,16 @@ jobs:
            type=sha
      -
        name: Build
-        uses: docker/bake-action@v2
+        uses: docker/bake-action@v6
        with:
          files: |
            ./docker-bake.hcl
-            ${{ steps.meta.outputs.bake-file }}
+            cwd://${{ steps.meta.outputs.bake-file }}
          targets: build
 ```
-Content of `${{ steps.meta.outputs.bake-file }}` file will look like this with
+Content of `${{ steps.meta.outputs.bake-file }}` file, combining tags and
-`refs/tags/v1.2.3` ref:
+labels, will look like this with `refs/tags/v1.2.3` ref:
 ```json
 {
@@ -260,11 +261,27 @@ Content of `${{ steps.meta.outputs.bake-file }}` file will look like this with
 }
 ```
 You can also use the `bake-file-tags` and `bake-file-labels` outputs if you
 just want to use tags and/or labels respectively. The following example is
 similar to the previous one:
 ```yaml
      -
        name: Build
        uses: docker/bake-action@v6
        with:
          files: |
            ./docker-bake.hcl
            cwd://${{ steps.meta.outputs.bake-file-tags }}
            cwd://${{ steps.meta.outputs.bake-file-labels }}
          targets: build
 ```
 ## Customizing
 ### inputs
-Following inputs can be used as `step.with` keys
+The following inputs can be used as `step.with` keys:
 > `List` type is a newline-delimited string
 > ```yaml
@@ -274,33 +291,76 @@ Following inputs can be used as `step.with` keys
 >   org.opencontainers.image.vendor=MyCompany
 > ```
-| Name                | Type   | Description                                              |
+| Name              | Type   | Description                                                                  |
-|---------------------|--------|----------------------------------------------------------|
+|-------------------|--------|------------------------------------------------------------------------------|
-| `images`            | List   | List of Docker images to use as base name for tags       |
+| `context`         | String | Where to get context data. Allowed options are: `workflow` (default), `git`. |
-| `tags`              | List   | List of [tags](#tags-input) as key-value pair attributes |
+| `images`          | List   | List of Docker images to use as base name for tags                           |
-| `flavor`            | List   | [Flavor](#flavor-input) to apply                         |
+| `tags`            | List   | List of [tags](#tags-input) as key-value pair attributes                     |
-| `labels`            | List   | List of custom labels                                    |
+| `flavor`          | List   | [Flavor](#flavor-input) to apply                                             |
-| `sep-tags`          | String | Separator to use for tags output (default `\n`)          |
+| `labels`          | List   | List of custom labels                                                        |
-| `sep-labels`        | String | Separator to use for labels output (default `\n`)        |
+| `annotations`     | List   | List of custom annotations                                                   |
-| `bake-target`       | String | Bake target name (default `docker-metadata-action`)      |
+| `sep-tags`        | String | Separator to use for tags output (default `\n`)                              |
 | `sep-labels`      | String | Separator to use for labels output (default `\n`)                            |
 | `sep-annotations` | String | Separator to use for annotations output (default `\n`)                       |
 | `bake-target`     | String | Bake target name (default `docker-metadata-action`)                          |
 ### outputs
-Following outputs are available
+The following outputs are available:
-| Name          | Type    | Description                                                                                |
+| Name                    | Type   | Description                                                                                                                                                     |
-|---------------|---------|--------------------------------------------------------------------------------------------|
+|-------------------------|--------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `version`     | String  | Docker image version                                                                       |
+| `version`               | String | Docker image version                                                                                                                                            |
-| `tags`        | String  | Docker tags                                                                                |
+| `tags`                  | String | Docker tags                                                                                                                                                     |
-| `labels`      | String  | Docker labels                                                                              |
+| `labels`                | String | Docker labels                                                                                                                                                   |
-| `json`        | String  | JSON output of tags and labels                                                             |
+| `annotations`           | String | [Annotations](https://github.com/moby/buildkit/blob/master/docs/annotations.md)                                                                                 |
-| `bake-file`   | File    | [Bake file definition](https://docs.docker.com/build/customize/bake/file-definition/) path |
+| `json`                  | String | JSON output of tags and labels                                                                                                                                  |
 | `bake-file-tags`        | File   | [Bake file definition](https://docs.docker.com/build/bake/reference/) path with tags                                                                            |
 | `bake-file-labels`      | File   | [Bake file definition](https://docs.docker.com/build/bake/reference/) path with labels                                                                          |
 | `bake-file-annotations` | File   | [Bake file definition](https://docs.docker.com/build/bake/reference/) path with [annotations](https://github.com/moby/buildkit/blob/master/docs/annotations.md) |
 Alternatively, each output is also exported as an environment variable when `DOCKER_METADATA_SET_OUTPUT_ENV` is `true`:
 * `DOCKER_METADATA_OUTPUT_VERSION`
 * `DOCKER_METADATA_OUTPUT_TAGS`
 * `DOCKER_METADATA_OUTPUT_LABELS`
 * `DOCKER_METADATA_OUTPUT_ANNOTATIONS`
 * `DOCKER_METADATA_OUTPUT_JSON`
 * `DOCKER_METADATA_OUTPUT_BAKE_FILE_TAGS`
 * `DOCKER_METADATA_OUTPUT_BAKE_FILE_LABELS`
 * `DOCKER_METADATA_OUTPUT_BAKE_FILE_ANNOTATIONS`
 So it can be used with our [Docker Build Push action](https://github.com/docker/build-push-action/):
 ```yaml
 - uses: docker/build-push-action@v6
  with:
    build-args: |
      DOCKER_METADATA_OUTPUT_JSON
 ```
 ### environment variables
-| Name                          | Type | Description                                                                                                |
+| Name                                 | Type   | Description                                                                                                                                  |
-|-------------------------------|------|------------------------------------------------------------------------------------------------------------|
+|--------------------------------------|--------|----------------------------------------------------------------------------------------------------------------------------------------------|
-| `DOCKER_METADATA_PR_HEAD_SHA` | Bool | If `true`, set associated head SHA instead of commit SHA that triggered the workflow on pull request event |
+| `DOCKER_METADATA_PR_HEAD_SHA`        | Bool   | If `true`, set associated head SHA instead of commit SHA that triggered the workflow on pull request event                                   |
 | `DOCKER_METADATA_SHORT_SHA_LENGTH`   | Number | Specifies the length of the [short commit SHA](#typesha) to ensure uniqueness. Default is `7`, but can be increased for larger repositories. |
 | `DOCKER_METADATA_ANNOTATIONS_LEVELS` | String | Comma separated list of annotations levels to set for annotations output separated (default `manifest`)                                      |
 | `DOCKER_METADATA_SET_OUTPUT_ENV`     | Bool   | If `true`, sets each output as an environment variable (default `true`)                                                                      |
 ## `context` input
 `context` defines where to get context metadata:
 ```yaml
 # default
 context: workflow
 # or
 context: git
 ```
 * `workflow`: Get context metadata from the workflow (GitHub context). See https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
 * `git`: Get context metadata from the workflow and overrides some of them with current Git context, such as `ref` and `sha`.
 ## `images` input
@@ -325,6 +385,8 @@ images: |
 * `name=<string>` image base name
 * `enable=<true|false>` enable this entry (default `true`)
 If `images` is empty, tags will be generated without base name.
 ## `flavor` input
 `flavor` defines a global behavior for [`tags`](#tags-input):
@@ -398,6 +460,8 @@ tags: |
  type=schedule,pattern=nightly
  # handlebars
  type=schedule,pattern={{date 'YYYYMMDD'}}
  # handlebars with timezone
  type=schedule,pattern={{date 'YYYYMMDD-hhmmss' tz='Asia/Tokyo'}}
 ```
 Will be used on [schedule event](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule).
@@ -405,12 +469,14 @@ Will be used on [schedule event](https://docs.github.com/en/actions/using-workfl
 `pattern` is a specially crafted attribute to support [Handlebars' template](https://handlebarsjs.com/guide/)
 with the following expressions:
-* `date 'format'` ; render date by its [moment format](https://momentjs.com/docs/#/displaying/format/)
+* `date 'format' tz='Timezone'` ; render date by its [moment format](https://momentjs.com/docs/#/displaying/format/).
  Default `tz` is UTC.
-| Pattern                  | Output               |
+| Pattern                                      | Output            |
-|--------------------------|----------------------|
+|----------------------------------------------|-------------------|
-| `nightly`                | `nightly`            |
+| `nightly`                                    | `nightly`         |
-| `{{date 'YYYYMMDD'}}`    | `20210326`           |
+| `{{date 'YYYYMMDD'}}`                        | `20200110`        |
 | `{{date 'YYYYMMDD-HHmmss' tz='Asia/Tokyo'}}` | `20200110-093000` |
 Extended attributes and default values:
@@ -639,7 +705,26 @@ tags: |
  type=sha,format=long
 ```
-Output Git short commit (or long if specified) as Docker tag like `sha-ad132f5`.
+Output Git short commit (or long if specified) as Docker tag like
 `sha-860c190`.
 By default, the length of the short commit SHA is `7` characters. You can
 increase this length for larger repositories by setting the
 [`DOCKER_METADATA_SHORT_SHA_LENGTH` environment variable](#environment-variables):
 ```yaml
      -
        name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: |
            name/app
          tags: |
            type=sha
        env:
          DOCKER_METADATA_SHORT_SHA_LENGTH: 12
 ```
 Extended attributes and default values:
@@ -673,6 +758,7 @@ generated by default (`auto` mode) for:
 * [`type=ref,event=tag`](#typeref)
 * [`type=semver,pattern=...`](#typesemver)
 * [`type=pep440,pattern=...`](#typepep440)
 * [`type=match,pattern=...`](#typematch)
 For conditionally tagging with latest for a specific branch name, e.g. if your
@@ -714,7 +800,8 @@ Each tags `type` attribute has a default priority:
 ### Global expressions
 The following [Handlebars' template](https://handlebarsjs.com/guide/) expressions
-for `prefix`, `suffix`, `value` and `enable` attributes are available:
+for `prefix`, `suffix`, `value` and `enable` attributes of `tags` input are
 available:
 ```yaml
 tags: |
@@ -724,6 +811,13 @@ tags: |
  type=raw,value=mytag-{{branch}}-{{sha}}
 ```
 They can also be applied to `labels` and `annotations` inputs:
 ```yaml
 labels: |
  org.opencontainers.image.created={{commit_date 'YYYY-MM-DDTHH:mm:ss.SSS[Z]'}}
 ```
 #### `{{branch}}`
 Returns the branch name that triggered the workflow run. Will be empty if not 
@@ -775,14 +869,30 @@ workflow run. Will be empty for a branch reference:
 Returns `true` if the branch that triggered the workflow run is the default
 one, otherwise `false`.
-#### `{{date '<format>'}}`
+#### `{{date '<format>' tz='<timezone>'}}`
 Returns the current date rendered by its [moment format](https://momentjs.com/docs/#/displaying/format/).
 Default `tz` is UTC.
-| Expression                                 | Output example                          |
+| Expression                                   | Output example                          |
-|--------------------------------------------|-----------------------------------------|
+|----------------------------------------------|-----------------------------------------|
-| `{{date 'YYYYMMDD'}}`                      | `20200110`                              |
+| `{{date 'YYYYMMDD'}}`                        | `20200110`                              |
-| `{{date 'dddd, MMMM Do YYYY, h:mm:ss a'}}` | `Friday, January 10th 2020, 3:25:50 pm` |
+| `{{date 'dddd, MMMM Do YYYY, h:mm:ss a'}}`   | `Friday, January 10th 2020, 3:25:50 pm` |
 | `{{date 'YYYYMMDD-HHmmss' tz='Asia/Tokyo'}}` | `20200110-093000`                       |
 #### `{{commit_date '<format>' tz='<timezone>'}}`
 Returns the date when the current git commit is committed, rendered by its
 [moment format](https://momentjs.com/docs/#/displaying/format/). It falls back
 to the current date if the commit date is not available.
 Default `tz` is UTC.
 | Expression                                          | Output example                          |
 |-----------------------------------------------------|-----------------------------------------|
 | `{{commit_date 'YYYYMMDD'}}`                        | `20200110`                              |
 | `{{commit_date 'dddd, MMMM Do YYYY, h:mm:ss a'}}`   | `Friday, January 10th 2020, 3:25:50 pm` |
 | `{{commit_date 'YYYYMMDD-HHmmss' tz='Asia/Tokyo'}}` | `20200110-093000`                       |
 ### Major version zero
@@ -811,13 +921,13 @@ that you can reuse them further in your workflow using the [`fromJSON` function]
 ```yaml
      -
        name: Docker meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
        id: meta
        with:
          images: name/app
      -
        name: Build and push
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
        with:
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
@@ -827,16 +937,17 @@ that you can reuse them further in your workflow using the [`fromJSON` function]
            REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
 ```
-### Overwrite labels
+### Overwrite labels and annotations
 If some [OCI Image Format Specification](https://github.com/opencontainers/image-spec/blob/master/annotations.md)
-labels generated are not suitable, you can overwrite them like this:
+generated are not suitable as labels/annotations, you can overwrite them like
 this:
 ```yaml
      -
        name: Docker meta
        id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
        with:
          images: name/app
          labels: |
@@ -846,6 +957,78 @@ labels generated are not suitable, you can overwrite them like this:
            org.opencontainers.image.vendor=MyCompany
 ```
 ### Annotations
 Since Buildx 0.12, it is possible to set annotations to your image through the
 `--annotation` flag.
 With the [`build-push-action`](https://github.com/docker/build-push-action/),
 you can set the `annotations` input with the value of the `annotations` output
 of the `metadata-action`:
 ```yaml
      -
        name: Docker meta
        uses: docker/metadata-action@v5
        with:
          images: name/app
      -
        name: Build and push
        uses: docker/build-push-action@v6
        with:
          tags: ${{ steps.meta.outputs.tags }}
          annotations: ${{ steps.meta.outputs.annotations }}
 ```
 The same can be done with the [`bake-action`](https://github.com/docker/bake-action/):
 ```yaml
      -
        name: Docker meta
        uses: docker/metadata-action@v5
        with:
          images: name/app
      -
        name: Build
        uses: docker/bake-action@v6
        with:
          files: |
            ./docker-bake.hcl
            cwd://${{ steps.meta.outputs.bake-file-tags }}
            cwd://${{ steps.meta.outputs.bake-file-annotations }}
          targets: build
 ```
 Note that annotations can be attached at many different levels within a manifest.
 By default, the generated annotations will be attached to image manifests,
 but different registries may expect annotations at different places;
 a common practice is to read annotations at _image indexes_ if present,
 which are often used by multi-arch builds to index platform-specific images.
 If you want to specify level(s) for your annotations, you can use the
 [`DOCKER_METADATA_ANNOTATIONS_LEVELS` environment variable](#environment-variables)
 with a comma separated list of all levels the annotations should be attached to (defaults to `manifest`).
 The following configuration demonstrates the ability to attach annotations to both image manifests and image indexes,
 though your registry may only need annotations at the index level. (That is, `index` alone may be enough.)
 Please consult the documentation of your registry.
 ```yaml
      -
        name: Docker meta
        uses: docker/metadata-action@v5
        with:
          images: name/app
        env:
          DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
      -
        name: Build and push
        uses: docker/build-push-action@v6
        with:
          tags: ${{ steps.meta.outputs.tags }}
          annotations: ${{ steps.meta.outputs.annotations }}
 ```
 More information about annotations in the [BuildKit documentation](https://github.com/moby/buildkit/blob/master/docs/annotations.md).
 ## Contributing
 Want to contribute? Awesome! You can find information about contributing to
--- a/UPGRADE.md
+++ b/UPGRADE.md
@@ -1,300 +0,0 @@
 # Upgrade notes
 ## v2 to v3
 * Repository has been moved to docker org. Replace `crazy-max/ghaction-docker-meta@v2`
  with `docker/metadata-action@v4`
 * The default bake target has been changed: `ghaction-docker-meta` > `docker-metadata-action`
 ## v1 to v2
 * [inputs](#inputs)
  * [`tag-sha`](#tag-sha)
  * [`tag-edge` / `tag-edge-branch`](#tag-edge--tag-edge-branch)
  * [`tag-semver`](#tag-semver)
  * [`tag-match` / `tag-match-group`](#tag-match--tag-match-group)
  * [`tag-latest`](#tag-latest)
  * [`tag-schedule`](#tag-schedule)
  * [`tag-custom` / `tag-custom-only`](#tag-custom--tag-custom-only)
  * [`label-custom`](#label-custom)
 * [Basic workflow](#basic-workflow)
 * [Semver workflow](#semver-workflow)
 ### inputs
 | New        | Unchanged       | Removed            |
 |------------|-----------------|--------------------|
 | `tags`     | `images`        | `tag-sha`          |
 | `flavor`   | `sep-tags`      | `tag-edge`         |
 | `labels`   | `sep-labels`    | `tag-edge-branch`  |
 |            |                 | `tag-semver`       |
 |            |                 | `tag-match`        |
 |            |                 | `tag-match-group`  |
 |            |                 | `tag-latest`       |
 |            |                 | `tag-schedule`     |
 |            |                 | `tag-custom`       |
 |            |                 | `tag-custom-only`  |
 |            |                 | `label-custom`     |
 #### `tag-sha`
 ```yaml
 tags: |
  type=sha
 ```
 #### `tag-edge` / `tag-edge-branch`
 ```yaml
 tags: |
  # default branch
  type=edge
  # specify branch
  type=edge,branch=main
 ```
 #### `tag-semver`
 ```yaml
 tags: |
  type=semver,pattern={{version}}
 ```
 #### `tag-match` / `tag-match-group`
 ```yaml
 tags: |
  type=match,pattern=v(.*),group=1
 ```
 #### `tag-latest`
 `tag-latest` is now handled through the [`flavor` input](README.md#flavor-input):
 ```yaml
 flavor: |
  latest=auto
 ```
 See also the notes about ["latest tag" behavior](README.md#latest-tag)
 #### `tag-schedule`
 ```yaml
 tags: |
  # default tag (nightly)
  type=schedule
  # specific pattern
  type=schedule,pattern={{date 'YYYYMMDD'}}
 ```
 #### `tag-custom` / `tag-custom-only`
 ```yaml
 tags: |
  type=raw,value=foo
  type=raw,value=bar
  # or
  type=raw,foo
  type=raw,bar
  # or
  foo
  bar
 ```
 #### `label-custom`
 Same behavior for `labels`:
 ```yaml
 labels: |
  maintainer=CrazyMax
 ```
 ### Basic workflow
 ```yaml
 # v1
 name: ci
 on:
  push:
    branches:
      - 'master'
    tags:
      - 'v*'
  pull_request:
    branches:
      - 'master'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Docker meta
        id: meta
        uses: docker/metadata-action@v1
        with:
          images: name/app
      -
        name: Login to DockerHub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
 ```
 ```yaml
 # v2
 name: ci
 on:
  push:
    branches:
      - 'master'
    tags:
      - 'v*'
  pull_request:
    branches:
      - 'master'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Docker meta
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: name/app
      -
        name: Login to DockerHub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
 ```
 ### Semver workflow
 ```yaml
 # v1
 name: ci
 on:
  push:
    branches:
      - 'master'
    tags:
      - 'v*'
  pull_request:
    branches:
      - 'master'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Docker meta
        id: meta
        uses: docker/metadata-action@v1
        with:
          images: name/app
          tag-semver: |
            {{version}}
            {{major}}.{{minor}}
      -
        name: Login to DockerHub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
 ```
 ```yaml
 # v2
 name: ci
 on:
  push:
    branches:
      - 'master'
    tags:
      - 'v*'
  pull_request:
    branches:
      - 'master'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Docker meta
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: name/app
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
      -
        name: Login to DockerHub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
 ```
--- a/mocks/@actions/github.ts
+++ b/mocks/@actions/github.ts
@@ -0,0 +1,223 @@
 import {jest} from '@jest/globals';
 export const context = {
  repo: {
    owner: 'docker',
    repo: 'actions-toolkit'
  },
  ref: 'refs/heads/master',
  runId: 123,
  payload: {
    after: '860c1904a1ce19322e91ac35af1ab07466440c37',
    base_ref: null,
    before: '5f3331d7f7044c18ca9f12c77d961c4d7cf3276a',
    commits: [
      {
        author: {
          email: 'crazy-max@users.noreply.github.com',
          name: 'CrazyMax',
          username: 'crazy-max'
        },
        committer: {
          email: 'crazy-max@users.noreply.github.com',
          name: 'CrazyMax',
          username: 'crazy-max'
        },
        distinct: true,
        id: '860c1904a1ce19322e91ac35af1ab07466440c37',
        message: 'hello dev',
        timestamp: '2022-04-19T11:27:24+02:00',
        tree_id: 'd2c60af597e863787d2d27f569e30495b0b92820',
        url: 'https://github.com/docker/test-docker-action/commit/860c1904a1ce19322e91ac35af1ab07466440c37'
      }
    ],
    compare: 'https://github.com/docker/test-docker-action/compare/5f3331d7f704...860c1904a1ce',
    created: false,
    deleted: false,
    forced: false,
    head_commit: {
      author: {
        email: 'crazy-max@users.noreply.github.com',
        name: 'CrazyMax',
        username: 'crazy-max'
      },
      committer: {
        email: 'crazy-max@users.noreply.github.com',
        name: 'CrazyMax',
        username: 'crazy-max'
      },
      distinct: true,
      id: '860c1904a1ce19322e91ac35af1ab07466440c37',
      message: 'hello dev',
      timestamp: '2022-04-19T11:27:24+02:00',
      tree_id: 'd2c60af597e863787d2d27f569e30495b0b92820',
      url: 'https://github.com/docker/test-docker-action/commit/860c1904a1ce19322e91ac35af1ab07466440c37'
    },
    organization: {
      avatar_url: 'https://avatars.githubusercontent.com/u/5429470?v=4',
      description: 'Docker helps developers bring their ideas to life by conquering the complexity of app development.',
      events_url: 'https://api.github.com/orgs/docker/events',
      hooks_url: 'https://api.github.com/orgs/docker/hooks',
      id: 5429470,
      issues_url: 'https://api.github.com/orgs/docker/issues',
      login: 'docker',
      members_url: 'https://api.github.com/orgs/docker/members{/member}',
      node_id: 'MDEyOk9yZ2FuaXphdGlvbjU0Mjk0NzA=',
      public_members_url: 'https://api.github.com/orgs/docker/public_members{/member}',
      repos_url: 'https://api.github.com/orgs/docker/repos',
      url: 'https://api.github.com/orgs/docker'
    },
    pusher: {
      email: 'github@crazymax.dev',
      name: 'crazy-max'
    },
    ref: 'refs/heads/dev',
    repository: {
      allow_forking: true,
      archive_url: 'https://api.github.com/repos/docker/test-docker-action/{archive_format}{/ref}',
      archived: false,
      assignees_url: 'https://api.github.com/repos/docker/test-docker-action/assignees{/user}',
      blobs_url: 'https://api.github.com/repos/docker/test-docker-action/git/blobs{/sha}',
      branches_url: 'https://api.github.com/repos/docker/test-docker-action/branches{/branch}',
      clone_url: 'https://github.com/docker/test-docker-action.git',
      collaborators_url: 'https://api.github.com/repos/docker/test-docker-action/collaborators{/collaborator}',
      comments_url: 'https://api.github.com/repos/docker/test-docker-action/comments{/number}',
      commits_url: 'https://api.github.com/repos/docker/test-docker-action/commits{/sha}',
      compare_url: 'https://api.github.com/repos/docker/test-docker-action/compare/{base}...{head}',
      contents_url: 'https://api.github.com/repos/docker/test-docker-action/contents/{+path}',
      contributors_url: 'https://api.github.com/repos/docker/test-docker-action/contributors',
      created_at: 1596792180,
      default_branch: 'master',
      deployments_url: 'https://api.github.com/repos/docker/test-docker-action/deployments',
      description: 'Test "Docker" Actions',
      disabled: false,
      downloads_url: 'https://api.github.com/repos/docker/test-docker-action/downloads',
      events_url: 'https://api.github.com/repos/docker/test-docker-action/events',
      fork: false,
      forks: 1,
      forks_count: 1,
      forks_url: 'https://api.github.com/repos/docker/test-docker-action/forks',
      full_name: 'docker/test-docker-action',
      git_commits_url: 'https://api.github.com/repos/docker/test-docker-action/git/commits{/sha}',
      git_refs_url: 'https://api.github.com/repos/docker/test-docker-action/git/refs{/sha}',
      git_tags_url: 'https://api.github.com/repos/docker/test-docker-action/git/tags{/sha}',
      git_url: 'git://github.com/docker/test-docker-action.git',
      has_downloads: true,
      has_issues: true,
      has_pages: false,
      has_projects: true,
      has_wiki: true,
      homepage: '',
      hooks_url: 'https://api.github.com/repos/docker/test-docker-action/hooks',
      html_url: 'https://github.com/docker/test-docker-action',
      id: 285789493,
      is_template: false,
      issue_comment_url: 'https://api.github.com/repos/docker/test-docker-action/issues/comments{/number}',
      issue_events_url: 'https://api.github.com/repos/docker/test-docker-action/issues/events{/number}',
      issues_url: 'https://api.github.com/repos/docker/test-docker-action/issues{/number}',
      keys_url: 'https://api.github.com/repos/docker/test-docker-action/keys{/key_id}',
      labels_url: 'https://api.github.com/repos/docker/test-docker-action/labels{/name}',
      language: 'JavaScript',
      languages_url: 'https://api.github.com/repos/docker/test-docker-action/languages',
      license: {
        key: 'mit',
        name: 'MIT License',
        node_id: 'MDc6TGljZW5zZTEz',
        spdx_id: 'MIT',
        url: 'https://api.github.com/licenses/mit'
      },
      master_branch: 'master',
      merges_url: 'https://api.github.com/repos/docker/test-docker-action/merges',
      milestones_url: 'https://api.github.com/repos/docker/test-docker-action/milestones{/number}',
      mirror_url: null,
      name: 'test-docker-action',
      node_id: 'MDEwOlJlcG9zaXRvcnkyODU3ODk0OTM=',
      notifications_url: 'https://api.github.com/repos/docker/test-docker-action/notifications{?since,all,participating}',
      open_issues: 6,
      open_issues_count: 6,
      organization: 'docker',
      owner: {
        avatar_url: 'https://avatars.githubusercontent.com/u/5429470?v=4',
        email: 'info@docker.com',
        events_url: 'https://api.github.com/users/docker/events{/privacy}',
        followers_url: 'https://api.github.com/users/docker/followers',
        following_url: 'https://api.github.com/users/docker/following{/other_user}',
        gists_url: 'https://api.github.com/users/docker/gists{/gist_id}',
        gravatar_id: '',
        html_url: 'https://github.com/docker',
        id: 5429470,
        login: 'docker',
        name: 'docker',
        node_id: 'MDEyOk9yZ2FuaXphdGlvbjU0Mjk0NzA=',
        organizations_url: 'https://api.github.com/users/docker/orgs',
        received_events_url: 'https://api.github.com/users/docker/received_events',
        repos_url: 'https://api.github.com/users/docker/repos',
        site_admin: false,
        starred_url: 'https://api.github.com/users/docker/starred{/owner}{/repo}',
        subscriptions_url: 'https://api.github.com/users/docker/subscriptions',
        type: 'Organization',
        url: 'https://api.github.com/users/docker'
      },
      private: true,
      pulls_url: 'https://api.github.com/repos/docker/test-docker-action/pulls{/number}',
      pushed_at: 1650360446,
      releases_url: 'https://api.github.com/repos/docker/test-docker-action/releases{/id}',
      size: 796,
      ssh_url: 'git@github.com:docker/test-docker-action.git',
      stargazers: 0,
      stargazers_count: 0,
      stargazers_url: 'https://api.github.com/repos/docker/test-docker-action/stargazers',
      statuses_url: 'https://api.github.com/repos/docker/test-docker-action/statuses/{sha}',
      subscribers_url: 'https://api.github.com/repos/docker/test-docker-action/subscribers',
      subscription_url: 'https://api.github.com/repos/docker/test-docker-action/subscription',
      svn_url: 'https://github.com/docker/test-docker-action',
      tags_url: 'https://api.github.com/repos/docker/test-docker-action/tags',
      teams_url: 'https://api.github.com/repos/docker/test-docker-action/teams',
      topics: [],
      trees_url: 'https://api.github.com/repos/docker/test-docker-action/git/trees{/sha}',
      updated_at: '2022-04-19T09:05:09Z',
      url: 'https://github.com/docker/test-docker-action',
      visibility: 'private',
      watchers: 0,
      watchers_count: 0
    },
    sender: {
      avatar_url: 'https://avatars.githubusercontent.com/u/1951866?v=4',
      events_url: 'https://api.github.com/users/crazy-max/events{/privacy}',
      followers_url: 'https://api.github.com/users/crazy-max/followers',
      following_url: 'https://api.github.com/users/crazy-max/following{/other_user}',
      gists_url: 'https://api.github.com/users/crazy-max/gists{/gist_id}',
      gravatar_id: '',
      html_url: 'https://github.com/crazy-max',
      id: 1951866,
      login: 'crazy-max',
      node_id: 'MDQ6VXNlcjE5NTE4NjY=',
      organizations_url: 'https://api.github.com/users/crazy-max/orgs',
      received_events_url: 'https://api.github.com/users/crazy-max/received_events',
      repos_url: 'https://api.github.com/users/crazy-max/repos',
      site_admin: false,
      starred_url: 'https://api.github.com/users/crazy-max/starred{/owner}{/repo}',
      subscriptions_url: 'https://api.github.com/users/crazy-max/subscriptions',
      type: 'User',
      url: 'https://api.github.com/users/crazy-max'
    }
  }
 };
 export const getOctokit = jest.fn(() => ({
  rest: {
    repos: {
      getCommit: jest.fn(() =>
        Promise.resolve({
          data: {
            commit: {
              committer: {
                date: '2024-11-13T13:42:28Z'
              }
            }
          }
        })
      )
    }
  }
 }));
--- a/tests/context.test.ts
+++ b/tests/context.test.ts
@@ -1,167 +1,141 @@
-import {describe, expect, it, jest} from '@jest/globals';
+import {afterEach, beforeEach, describe, expect, test, it, jest} from '@jest/globals';
 import * as dotenv from 'dotenv';
 import * as fs from 'fs';
 import * as path from 'path';
 import {Context} from '@actions/github/lib/context';
 import {Git} from '@docker/actions-toolkit/lib/git';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
-import * as context from '../src/context';
+import {ContextSource, getContext, getInputs, Inputs} from '../src/context';
-jest.spyOn(context, 'tmpDir').mockImplementation((): string => {
+const toolkit = new Toolkit({githubToken: 'fake-github-token'});
  const tmpDir = path.join('/tmp/.docker-metadata-action-jest').split(path.sep).join(path.posix.sep);
  if (!fs.existsSync(tmpDir)) {
    fs.mkdirSync(tmpDir, {recursive: true});
  }
  return tmpDir;
 });
-describe('getInputList', () => {
+beforeEach(() => {
-  it('single line correctly', async () => {
+  jest.clearAllMocks();
-    await setInput('foo', 'bar');
+  jest.spyOn(GitHub, 'context', 'get').mockImplementation((): Context => {
-    const res = context.getInputList('foo');
+    return new Context();
    expect(res).toEqual(['bar']);
  });
  it('multiline correctly', async () => {
    setInput('foo', 'bar\nbaz');
    const res = context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('empty lines correctly', async () => {
    setInput('foo', 'bar\n\nbaz');
    const res = context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('comment correctly', async () => {
    setInput('foo', 'bar\n#com\n"#taken"\nhello#comment\nbaz');
    const res = context.getInputList('foo');
    expect(res).toEqual(['bar', '#taken', 'hello', 'baz']);
  });
  it('comma correctly', async () => {
    setInput('foo', 'bar,baz');
    const res = context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('empty result correctly', async () => {
    setInput('foo', 'bar,baz,');
    const res = context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('different new lines correctly', async () => {
    setInput('foo', 'bar\r\nbaz');
    const res = context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('different new lines and comma correctly', async () => {
    setInput('foo', 'bar\r\nbaz,bat');
    const res = context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz', 'bat']);
  });
  it('multiline and ignoring comma correctly', async () => {
    setInput('cache-from', 'user/app:cache\ntype=local,src=path/to/dir');
    const res = context.getInputList('cache-from', true);
    expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']);
  });
  it('different new lines and ignoring comma correctly', async () => {
    setInput('cache-from', 'user/app:cache\r\ntype=local,src=path/to/dir');
    const res = context.getInputList('cache-from', true);
    expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']);
  });
  it('multiline values', async () => {
    setInput(
      'secrets',
      `GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
 "MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc"
 FOO=bar`
    );
    const res = context.getInputList('secrets', true);
    expect(res).toEqual([
      'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
      `MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc`,
      'FOO=bar'
    ]);
  });
  it('multiline values with empty lines', async () => {
    setInput(
      'secrets',
      `GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
 "MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc"
 FOO=bar
 "EMPTYLINE=aaaa
 bbbb
 ccc"`
    );
    const res = context.getInputList('secrets', true);
    expect(res).toEqual([
      'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
      `MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc`,
      'FOO=bar',
      `EMPTYLINE=aaaa
 bbbb
 ccc`
    ]);
  });
  it('multiline values without quotes', async () => {
    setInput(
      'secrets',
      `GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
 MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc
 FOO=bar`
    );
    const res = context.getInputList('secrets', true);
    expect(res).toEqual(['GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789', 'MYSECRET=aaaaaaaa', 'bbbbbbb', 'ccccccccc', 'FOO=bar']);
  });
  it('multiline values escape quotes', async () => {
    setInput(
      'secrets',
      `GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
 "MYSECRET=aaaaaaaa
 bbbb""bbb
 ccccccccc"
 FOO=bar`
    );
    const res = context.getInputList('secrets', true);
    expect(res).toEqual([
      'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
      `MYSECRET=aaaaaaaa
 bbbb"bbb
 ccccccccc`,
      'FOO=bar'
    ]);
  });
 });
-describe('asyncForEach', () => {
+describe('getInputs', () => {
-  it('executes async tasks sequentially', async () => {
+  beforeEach(() => {
-    const testValues = [1, 2, 3, 4, 5];
+    process.env = Object.keys(process.env).reduce((object, key) => {
-    const results: number[] = [];
+      if (!key.startsWith('INPUT_')) {
        object[key] = process.env[key];
      }
      return object;
    }, {});
  });
-    await context.asyncForEach(testValues, async value => {
+  // prettier-ignore
-      results.push(value);
+  test.each([
    [
      0,
      new Map<string, string>([
        ['images', 'moby/buildkit\nghcr.io/moby/mbuildkit'],
      ]),
      {
        context: ContextSource.workflow,
        bakeTarget: 'docker-metadata-action',
        flavor: [],
        githubToken: '',
        images: ['moby/buildkit', 'ghcr.io/moby/mbuildkit'],
        labels: [],
        annotations: [],
        sepLabels: '\n',
        sepTags: '\n',
        sepAnnotations: '\n',
        tags: [],
      } as Inputs
    ],
    [
      1,
      new Map<string, string>([
        ['bake-target', 'metadata'],
        ['images', 'moby/buildkit'],
        ['sep-labels', ','],
        ['sep-tags', ','],
        ['sep-annotations', ',']
      ]),
      {
        context: ContextSource.workflow,
        bakeTarget: 'metadata',
        flavor: [],
        githubToken: '',
        images: ['moby/buildkit'],
        labels: [],
        annotations: [],
        sepLabels: ',',
        sepTags: ',',
        sepAnnotations: ',',
        tags: [],
      } as Inputs
    ],
    [
      2,
      new Map<string, string>([
        ['images', 'moby/buildkit\n#comment\nghcr.io/moby/mbuildkit'],
      ]),
      {
        context: ContextSource.workflow,
        bakeTarget: 'docker-metadata-action',
        flavor: [],
        githubToken: '',
        images: ['moby/buildkit', 'ghcr.io/moby/mbuildkit'],
        labels: [],
        annotations: [],
        sepLabels: '\n',
        sepTags: '\n',
        sepAnnotations: '\n',
        tags: [],
      } as Inputs
    ],
  ])(
    '[%d] given %p as inputs, returns %p',
    async (num: number, inputs: Map<string, string>, expected: Inputs) => {
      inputs.forEach((value: string, name: string) => {
        setInput(name, value);
      });
      expect(await getInputs()).toEqual(expected);
    }
  );
 });
 describe('getContext', () => {
  const originalEnv = process.env;
  beforeEach(() => {
    jest.resetModules();
    process.env = {
      ...originalEnv,
      ...dotenv.parse(fs.readFileSync(path.join(__dirname, 'fixtures/event_create_branch.env')))
    };
  });
  afterEach(() => {
    process.env = originalEnv;
  });
  it('workflow', async () => {
    const context = await getContext(ContextSource.workflow, toolkit);
    expect(context.ref).toEqual('refs/heads/dev');
    expect(context.sha).toEqual('5f3331d7f7044c18ca9f12c77d961c4d7cf3276a');
    expect(context.commitDate).toEqual(new Date('2024-11-13T13:42:28.000Z'));
  });
  it('git', async () => {
    jest.spyOn(Git, 'context').mockImplementation((): Promise<Context> => {
      return Promise.resolve({
        ref: 'refs/heads/git-test',
        sha: 'git-test-sha'
      } as Context);
    });
-
+    jest.spyOn(Git, 'commitDate').mockImplementation(async (): Promise<Date> => {
-    expect(results).toEqual(testValues);
+      return new Date('2023-01-01T13:42:28.000Z');
    });
    const context = await getContext(ContextSource.git, toolkit);
    expect(context.ref).toEqual('refs/heads/git-test');
    expect(context.sha).toEqual('git-test-sha');
    expect(context.commitDate).toEqual(new Date('2023-01-01T13:42:28.000Z'));
  });
 });
--- a/tests/flavor.test.ts
+++ b/tests/flavor.test.ts
@@ -1,4 +1,5 @@
 import {describe, expect, test} from '@jest/globals';
 import {Flavor, Transform} from '../src/flavor';
 describe('transform', () => {
--- a/tests/github.test.ts
+++ b/tests/github.test.ts
@@ -1,14 +0,0 @@
 import {describe, expect, jest, it} from '@jest/globals';
 import * as github from '../src/github';
 import * as repoFixture from './fixtures/repo.json';
 jest.spyOn(github, 'repo').mockImplementation((): Promise<github.ReposGetResponseData> => {
  return <Promise<github.ReposGetResponseData>>(repoFixture as unknown);
 });
 describe('repo', () => {
  it('returns GitHub repository', async () => {
    const repo = await github.repo(process.env.GITHUB_TOKEN || '');
    expect(repo.name).not.toBeNull();
  });
 });
--- a/tests/image.test.ts
+++ b/tests/image.test.ts
@@ -1,4 +1,5 @@
 import {describe, expect, test} from '@jest/globals';
 import {Transform, Image} from '../src/image';
 describe('transform', () => {
@@ -86,7 +87,7 @@ describe('transform', () => {
    [
      [`name/foo,name=name/bar,enable=true`], undefined, true
    ]
-  ])('given %p', async (l: string[], expected: Image[], invalid: boolean) => {
+  ])('given %p', async (l: string[], expected: Image[] | undefined, invalid: boolean) => {
    try {
      const images = Transform(l);
      expect(images).toEqual(expected);
--- a/tests/meta.test.ts
+++ b/tests/meta.test.ts
--- a/tests/tag.test.ts
+++ b/tests/tag.test.ts
@@ -1,4 +1,5 @@
 import {describe, expect, test} from '@jest/globals';
 import {Transform, Parse, Tag, Type, RefEvent, ShaFormat, DefaultPriorities} from '../src/tag';
 describe('transform', () => {
@@ -126,6 +127,18 @@ describe('parse', () => {
      } as Tag,
      false
    ],
    [
      `type=schedule,enable=true,pattern={{date 'YYYYMMDD' tz='Asia/Tokyo'}}`,
      {
        type: Type.Schedule,
        attrs: {
          "priority": DefaultPriorities[Type.Schedule],
          "enable": "true",
          "pattern": `{{date 'YYYYMMDD' tz='Asia/Tokyo'}}`
        }
      } as Tag,
      false
    ],
    [
      `type=semver,enable=true,pattern={{version}}`,
      {
--- a/action.yml
+++ b/action.yml
@@ -7,9 +7,13 @@ branding:
  color: 'blue'
 inputs:
  context:
    description: 'Where to get context data. Allowed options are "workflow"  (default), "git".'
    default: "workflow"
    required: true
  images:
    description: 'List of Docker images to use as base name for tags'
-    required: true
+    required: false
  tags:
    description: 'List of tags as key-value pair attributes'
    required: false
@@ -19,12 +23,18 @@ inputs:
  labels:
    description: 'List of custom labels'
    required: false
  annotations:
    description: 'List of custom annotations'
    required: false
  sep-tags:
    description: 'Separator to use for tags output (default \n)'
    required: false
  sep-labels:
    description: 'Separator to use for labels output (default \n)'
    required: false
  sep-annotations:
    description: 'Separator to use for annotations output (default \n)'
    required: false
  bake-target:
    description: 'Bake target name (default docker-metadata-action)'
    required: false
@@ -40,11 +50,19 @@ outputs:
    description: 'Generated Docker tags'
  labels:
    description: 'Generated Docker labels'
-  bake-file:
+  annotations:
-    description: 'Bake definiton file'
+    description: 'Generated annotations'
  json:
    description: 'JSON output of tags and labels'
  bake-file-tags:
    description: 'Bake definition file with tags'
  bake-file-labels:
    description: 'Bake definition file with labels'
  bake-file-annotations:
    description: 'Bake definition file with annotations'
  bake-file:
    description: 'Bake definition file with tags and labels'
 runs:
-  using: 'node16'
+  using: 'node20'
  main: 'dist/index.js'
--- a/dev.Dockerfile
+++ b/dev.Dockerfile
@@ -1,13 +1,20 @@
 # syntax=docker/dockerfile:1
-ARG NODE_VERSION=16
+ARG NODE_VERSION=20
 FROM node:${NODE_VERSION}-alpine AS base
 RUN apk add --no-cache cpio findutils git
 WORKDIR /src
 RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/.yarn/cache <<EOT
  corepack enable
  yarn --version
  yarn config set --home enableTelemetry 0
 EOT
 FROM base AS deps
 RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/.yarn/cache \
  --mount=type=cache,target=/src/node_modules \
  yarn install && mkdir /vendor && cp yarn.lock /vendor
@@ -16,18 +23,19 @@ COPY --from=deps /vendor /
 FROM deps AS vendor-validate
 RUN --mount=type=bind,target=.,rw <<EOT
-set -e
+  set -e
-git add -A
+  git add -A
-cp -rf /vendor/* .
+  cp -rf /vendor/* .
-if [ -n "$(git status --porcelain -- yarn.lock)" ]; then
+  if [ -n "$(git status --porcelain -- yarn.lock)" ]; then
-  echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor-update"'
+    echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor"'
-  git status --porcelain -- yarn.lock
+    git status --porcelain -- yarn.lock
-  exit 1
+    exit 1
-fi
+  fi
 EOT
 FROM deps AS build
 RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/.yarn/cache \
  --mount=type=cache,target=/src/node_modules \
  yarn run build && mkdir /out && cp -Rf dist /out/
@@ -36,36 +44,37 @@ COPY --from=build /out /
 FROM build AS build-validate
 RUN --mount=type=bind,target=.,rw <<EOT
-set -e
+  set -e
-git add -A
+  git add -A
-cp -rf /out/* .
+  cp -rf /out/* .
-if [ -n "$(git status --porcelain -- dist)" ]; then
+  if [ -n "$(git status --porcelain -- dist)" ]; then
-  echo >&2 'ERROR: Build result differs. Please build first with "docker buildx bake build"'
+    echo >&2 'ERROR: Build result differs. Please build first with "docker buildx bake build"'
-  git status --porcelain -- dist
+    git status --porcelain -- dist
-  exit 1
+    exit 1
-fi
+  fi
 EOT
 FROM deps AS format
 RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/.yarn/cache \
  --mount=type=cache,target=/src/node_modules \
  yarn run format \
-  && mkdir /out && find . -name '*.ts' -not -path './node_modules/*' | cpio -pdm /out
+  && mkdir /out && find . -name '*.ts' -not -path './node_modules/*' -not -path './.yarn/*' | cpio -pdm /out
 FROM scratch AS format-update
 COPY --from=format /out /
 FROM deps AS lint
 RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/.yarn/cache \
  --mount=type=cache,target=/src/node_modules \
  yarn run lint
 FROM deps AS test
 ENV RUNNER_TEMP=/tmp/github_runner
 ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache
 RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/.yarn/cache \
  --mount=type=cache,target=/src/node_modules \
-  yarn run test --coverageDirectory=/tmp/coverage
+  yarn run test --coverage --coverageDirectory=/tmp/coverage
 FROM scratch AS test-coverage
 COPY --from=test /tmp/coverage /
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/dist/licenses.txt
+++ b/dist/licenses.txt
--- a/dist/sourcemap-register.js
+++ b/dist/sourcemap-register.js
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -1,9 +1,15 @@
 target "_common" {
  args = {
    BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1
  }
 }
 group "default" {
  targets = ["build"]
 }
 group "pre-checkin" {
-  targets = ["vendor-update", "format", "build"]
+  targets = ["vendor", "format", "build"]
 }
 group "validate" {
@@ -11,42 +17,49 @@ group "validate" {
 }
 target "build" {
  inherits = ["_common"]
  dockerfile = "dev.Dockerfile"
  target = "build-update"
  output = ["."]
 }
 target "build-validate" {
  inherits = ["_common"]
  dockerfile = "dev.Dockerfile"
  target = "build-validate"
  output = ["type=cacheonly"]
 }
 target "format" {
  inherits = ["_common"]
  dockerfile = "dev.Dockerfile"
  target = "format-update"
  output = ["."]
 }
 target "lint" {
  inherits = ["_common"]
  dockerfile = "dev.Dockerfile"
  target = "lint"
  output = ["type=cacheonly"]
 }
-target "vendor-update" {
+target "vendor" {
  inherits = ["_common"]
  dockerfile = "dev.Dockerfile"
  target = "vendor-update"
  output = ["."]
 }
 target "vendor-validate" {
  inherits = ["_common"]
  dockerfile = "dev.Dockerfile"
  target = "vendor-validate"
  output = ["type=cacheonly"]
 }
 target "test" {
  inherits = ["_common"]
  dockerfile = "dev.Dockerfile"
  target = "test-coverage"
  output = ["./coverage"]
--- a/jest.config.ts
+++ b/jest.config.ts
@@ -1,5 +1,21 @@
 import fs from 'fs';
 import os from 'os';
 import path from 'path';
 const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'docker-metadata-action-'));
 process.env = Object.assign({}, process.env, {
  TEMP: tmpDir,
  GITHUB_REPOSITORY: 'docker/metadata-action',
  RUNNER_TEMP: path.join(tmpDir, 'runner-temp'),
  RUNNER_TOOL_CACHE: path.join(tmpDir, 'runner-tool-cache')
 }) as {
  [key: string]: string;
 };
 module.exports = {
  clearMocks: true,
  testEnvironment: 'node',
  moduleFileExtensions: ['js', 'ts'],
  setupFiles: ['dotenv/config'],
  testMatch: ['**/*.test.ts'],
@@ -9,5 +25,7 @@ module.exports = {
  moduleNameMapper: {
    '^csv-parse/sync': '<rootDir>/node_modules/csv-parse/dist/cjs/sync.cjs'
  },
  collectCoverageFrom: ['src/**/{!(main.ts),}.ts'],
  coveragePathIgnorePatterns: ['lib/', 'node_modules/', '__mocks__/', '__tests__/'],
  verbose: true
 };
--- a/package.json
+++ b/package.json
@@ -1,13 +1,16 @@
 {
  "name": "docker-metadata-action",
  "description": "GitHub Action to extract metadata (tags, labels) for Docker",
-  "main": "lib/main.js",
+  "main": "src/main.ts",
  "scripts": {
-    "build": "ncc build src/main.ts --source-map --minify --license licenses.txt",
+    "build": "ncc build --source-map --minify --license licenses.txt",
-    "lint": "eslint src/**/*.ts __tests__/**/*.ts",
+    "lint": "yarn run prettier && yarn run eslint",
-    "format": "eslint --fix src/**/*.ts __tests__/**/*.ts",
+    "format": "yarn run prettier:fix && yarn run eslint:fix",
-    "test": "jest --coverage",
+    "eslint": "eslint --max-warnings=0 .",
-    "all": "yarn run build && yarn run format && yarn test"
+    "eslint:fix": "eslint --fix .",
    "prettier": "prettier --check \"./**/*.ts\"",
    "prettier:fix": "prettier --write \"./**/*.ts\"",
    "test": "jest"
  },
  "repository": {
    "type": "git",
@@ -20,39 +23,36 @@
    "tag",
    "label"
  ],
-  "author": "Docker",
+  "author": "Docker Inc.",
  "contributors": [
    {
      "name": "CrazyMax",
      "url": "https://crazymax.dev"
    }
  ],
  "license": "Apache-2.0",
  "packageManager": "yarn@3.6.3",
  "dependencies": {
-    "@actions/core": "^1.10.0",
+    "@actions/core": "^1.11.1",
-    "@actions/github": "^5.1.1",
+    "@actions/github": "^6.0.0",
    "@docker/actions-toolkit": "^0.56.0",
    "@renovate/pep440": "^1.0.0",
-    "csv-parse": "^5.3.1",
+    "csv-parse": "^5.6.0",
-    "handlebars": "^4.7.7",
+    "handlebars": "^4.7.8",
-    "moment": "^2.29.4",
+    "moment": "^2.30.1",
-    "semver": "^7.3.7"
+    "moment-timezone": "^0.5.47",
    "semver": "^7.7.1"
  },
  "devDependencies": {
    "@types/csv-parse": "^1.2.2",
-    "@types/node": "^16.11.26",
+    "@types/node": "^20.12.12",
-    "@types/semver": "^7.3.9",
+    "@types/semver": "^7.5.8",
-    "@typescript-eslint/eslint-plugin": "^5.14.0",
+    "@typescript-eslint/eslint-plugin": "^7.9.0",
-    "@typescript-eslint/parser": "^5.14.0",
+    "@typescript-eslint/parser": "^7.9.0",
-    "@vercel/ncc": "^0.33.3",
+    "@vercel/ncc": "^0.38.1",
-    "dotenv": "^16.0.0",
+    "dotenv": "^16.4.5",
-    "eslint": "^8.11.0",
+    "eslint": "^8.57.0",
-    "eslint-config-prettier": "^8.5.0",
+    "eslint-config-prettier": "^9.1.0",
-    "eslint-plugin-jest": "^26.1.1",
+    "eslint-plugin-jest": "^28.5.0",
-    "eslint-plugin-prettier": "^4.0.0",
+    "eslint-plugin-prettier": "^5.1.3",
-    "jest": "^27.2.5",
+    "jest": "^29.7.0",
-    "prettier": "^2.3.1",
+    "prettier": "^3.2.5",
-    "ts-jest": "^27.1.2",
+    "ts-jest": "^29.1.2",
-    "ts-node": "^10.7.0",
+    "ts-node": "^10.9.2",
-    "typescript": "^4.4.4"
+    "typescript": "^5.4.5"
  }
 }
--- a/src/context.ts
+++ b/src/context.ts
@@ -1,74 +1,136 @@
 import * as fs from 'fs';
 import * as os from 'os';
 import * as path from 'path';
 import * as core from '@actions/core';
-import {parse} from 'csv-parse/sync';
+import {Context as GithubContext} from '@actions/github/lib/context';
 import {Util} from '@docker/actions-toolkit/lib/util';
 import {Git} from '@docker/actions-toolkit/lib/git';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
-let _tmpDir: string;
+export interface Context extends GithubContext {
  commitDate: Date;
 }
 export interface Inputs {
  context: ContextSource;
  images: string[];
  tags: string[];
  flavor: string[];
  labels: string[];
  annotations: string[];
  sepTags: string;
  sepLabels: string;
  sepAnnotations: string;
  bakeTarget: string;
  githubToken: string;
 }
 export function tmpDir(): string {
  if (!_tmpDir) {
    _tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'docker-metadata-action-')).split(path.sep).join(path.posix.sep);
  }
  return _tmpDir;
 }
 export function getInputs(): Inputs {
  return {
-    images: getInputList('images', true),
+    context: (core.getInput('context') || ContextSource.workflow) as ContextSource,
-    tags: getInputList('tags', true),
+    images: Util.getInputList('images', {ignoreComma: true, comment: '#'}),
-    flavor: getInputList('flavor', true),
+    tags: Util.getInputList('tags', {ignoreComma: true, comment: '#'}),
-    labels: getInputList('labels', true),
+    flavor: Util.getInputList('flavor', {ignoreComma: true, comment: '#'}),
    labels: Util.getInputList('labels', {ignoreComma: true, comment: '#'}),
    annotations: Util.getInputList('annotations', {ignoreComma: true, comment: '#'}),
    sepTags: core.getInput('sep-tags', {trimWhitespace: false}) || `\n`,
    sepLabels: core.getInput('sep-labels', {trimWhitespace: false}) || `\n`,
    sepAnnotations: core.getInput('sep-annotations', {trimWhitespace: false}) || `\n`,
    bakeTarget: core.getInput('bake-target') || `docker-metadata-action`,
    githubToken: core.getInput('github-token')
  };
 }
-export function getInputList(name: string, ignoreComma?: boolean): string[] {
+export enum ContextSource {
-  const res: Array<string> = [];
+  workflow = 'workflow',
-
+  git = 'git'
  const items = core.getInput(name);
  if (items == '') {
    return res;
  }
  const records = parse(items, {
    columns: false,
    relaxQuotes: true,
    comment: '#',
    relaxColumnCount: true,
    skipEmptyLines: true
  });
  for (const record of records as Array<string[]>) {
    if (record.length == 1) {
      res.push(record[0]);
      continue;
    } else if (!ignoreComma) {
      res.push(...record);
      continue;
    }
    res.push(record.join(','));
  }
  return res.filter(item => item).map(pat => pat.trim());
 }
-export const asyncForEach = async (array, callback) => {
+export async function getContext(source: ContextSource, toolkit: Toolkit): Promise<Context> {
-  for (let index = 0; index < array.length; index++) {
+  switch (source) {
-    await callback(array[index], index, array);
+    case ContextSource.workflow:
      return await getContextFromWorkflow(toolkit);
    case ContextSource.git:
      return await getContextFromGit();
    default:
      throw new Error(`Invalid context source: ${source}`);
  }
-};
+}
 async function getContextFromWorkflow(toolkit: Toolkit): Promise<Context> {
  const context = GitHub.context;
  // Needs to override Git reference with pr ref instead of upstream branch ref
  // for pull_request_target event
  // https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target
  if (/pull_request_target/.test(context.eventName)) {
    context.ref = `refs/pull/${context.payload.number}/merge`;
  }
  // DOCKER_METADATA_PR_HEAD_SHA env var can be used to set associated head
  // SHA instead of commit SHA that triggered the workflow on pull request
  // event.
  if (/true/i.test(process.env.DOCKER_METADATA_PR_HEAD_SHA || '')) {
    if ((/pull_request/.test(context.eventName) || /pull_request_target/.test(context.eventName)) && context.payload?.pull_request?.head?.sha != undefined) {
      context.sha = context.payload.pull_request.head.sha;
    }
  }
  return {
    commitDate: await getCommitDateFromWorkflow(context.sha, toolkit),
    ...context
  } as Context;
 }
 async function getContextFromGit(): Promise<Context> {
  const ctx = await Git.context();
  return {
    commitDate: await Git.commitDate(ctx.sha),
    ...ctx
  } as Context;
 }
 async function getCommitDateFromWorkflow(sha: string, toolkit: Toolkit): Promise<Date> {
  const event = GitHub.context.payload as unknown as {
    // branch push
    commits?: Array<{
      timestamp: string;
      // commit sha
      id: string;
    }>;
    // tags
    head_commit?: {
      timestamp: string;
      // commit sha
      id: string;
    };
  };
  if (event.commits) {
    const commitDate = event.commits.find(x => x.id === sha)?.timestamp;
    if (commitDate) {
      return new Date(commitDate);
    }
  }
  if (event.head_commit) {
    if (event.head_commit.id === sha) {
      return new Date(event.head_commit.timestamp);
    }
  }
  // fallback to github api for commit date
  try {
    const commit = await toolkit.github.octokit.rest.repos.getCommit({
      owner: GitHub.context.repo.owner,
      repo: GitHub.context.repo.repo,
      ref: sha
    });
    if (commit.data.commit.committer?.date) {
      return new Date(commit.data.commit.committer.date);
    }
    throw new Error('Committer date not found');
  } catch (error) {
    core.debug(`Failed to get commit date from GitHub API: ${error.message}`);
    return new Date();
  }
 }
--- a/src/github.ts
+++ b/src/github.ts
@@ -1,16 +0,0 @@
 import * as github from '@actions/github';
 import {Context} from '@actions/github/lib/context';
 import {components as OctoOpenApiTypes} from '@octokit/openapi-types';
 export type ReposGetResponseData = OctoOpenApiTypes['schemas']['repository'];
 export function context(): Context {
  return github.context;
 }
 export async function repo(token: string): Promise<ReposGetResponseData> {
  return github
    .getOctokit(token)
    .rest.repos.get({...github.context.repo})
    .then(response => response.data as ReposGetResponseData);
 }
--- a/src/main.ts
+++ b/src/main.ts
@@ -1,34 +1,37 @@
 import * as fs from 'fs';
 import {getInputs, Inputs} from './context';
 import * as github from './github';
 import {Meta, Version} from './meta';
 import * as core from '@actions/core';
-import {Context} from '@actions/github/lib/context';
+import * as actionsToolkit from '@docker/actions-toolkit';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
 import {Util} from '@docker/actions-toolkit/lib/util';
-async function run() {
+import {getContext, getInputs, Inputs} from './context';
-  try {
+import {Meta, Version} from './meta';
    const inputs: Inputs = await getInputs();
    if (inputs.images.length == 0) {
      throw new Error(`images input required`);
    }
-    const context: Context = github.context();
+actionsToolkit.run(
-    const repo: github.ReposGetResponseData = await github.repo(inputs.githubToken);
+  // main
-    core.startGroup(`Context info`);
+  async () => {
-    core.info(`eventName: ${context.eventName}`);
+    const inputs: Inputs = getInputs();
-    core.info(`sha: ${context.sha}`);
+    const toolkit = new Toolkit({githubToken: inputs.githubToken});
-    core.info(`ref: ${context.ref}`);
+    const context = await getContext(inputs.context, toolkit);
-    core.info(`workflow: ${context.workflow}`);
+    const repo = await toolkit.github.repoData();
-    core.info(`action: ${context.action}`);
+    const setOutput = outputEnvEnabled() ? setOutputAndEnv : core.setOutput;
-    core.info(`actor: ${context.actor}`);
+
-    core.info(`runNumber: ${context.runNumber}`);
+    await core.group(`Context info`, async () => {
-    core.info(`runId: ${context.runId}`);
+      core.info(`eventName: ${context.eventName}`);
-    core.endGroup();
+      core.info(`sha: ${context.sha}`);
      core.info(`ref: ${context.ref}`);
      core.info(`workflow: ${context.workflow}`);
      core.info(`action: ${context.action}`);
      core.info(`actor: ${context.actor}`);
      core.info(`runNumber: ${context.runNumber}`);
      core.info(`runId: ${context.runId}`);
      core.info(`commitDate: ${context.commitDate}`);
    });
    if (core.isDebug()) {
-      core.startGroup(`Webhook payload`);
+      await core.group(`Webhook payload`, async () => {
-      core.info(JSON.stringify(context.payload, null, 2));
+        core.info(JSON.stringify(context.payload, null, 2));
-      core.endGroup();
+      });
    }
    const meta: Meta = new Meta(inputs, context, repo);
@@ -37,50 +40,81 @@ async function run() {
    if (meta.version.main == undefined || meta.version.main.length == 0) {
      core.warning(`No Docker image version has been generated. Check tags input.`);
    } else {
-      core.startGroup(`Docker image version`);
+      await core.group(`Docker image version`, async () => {
-      core.info(version.main || '');
+        core.info(version.main || '');
-      core.endGroup();
+      });
    }
-    core.setOutput('version', version.main || '');
+    setOutput('version', version.main || '');
    // Docker tags
    const tags: Array<string> = meta.getTags();
    if (tags.length == 0) {
      core.warning('No Docker tag has been generated. Check tags input.');
    } else {
-      core.startGroup(`Docker tags`);
+      await core.group(`Docker tags`, async () => {
-      for (const tag of tags) {
+        for (const tag of tags) {
-        core.info(tag);
+          core.info(tag);
-      }
+        }
-      core.endGroup();
+      });
    }
-    core.setOutput('tags', tags.join(inputs.sepTags));
+    setOutput('tags', tags.join(inputs.sepTags));
    // Docker labels
    const labels: Array<string> = meta.getLabels();
-    core.startGroup(`Docker labels`);
+    await core.group(`Docker labels`, async () => {
-    for (const label of labels) {
+      for (const label of labels) {
-      core.info(label);
+        core.info(label);
-    }
+      }
-    core.endGroup();
+      setOutput('labels', labels.join(inputs.sepLabels));
-    core.setOutput('labels', labels.join(inputs.sepLabels));
+    });
    // Annotations
    const annotationsRaw: Array<string> = meta.getAnnotations();
    const annotationsLevels = process.env.DOCKER_METADATA_ANNOTATIONS_LEVELS || 'manifest';
    await core.group(`Annotations`, async () => {
      const annotations: Array<string> = [];
      for (const level of annotationsLevels.split(',')) {
        annotations.push(
          ...annotationsRaw.map(label => {
            const v = `${level}:${label}`;
            core.info(v);
            return v;
          })
        );
      }
      setOutput(`annotations`, annotations.join(inputs.sepAnnotations));
    });
    // JSON
-    const jsonOutput = meta.getJSON();
+    const jsonOutput = meta.getJSON(annotationsLevels.split(','));
-    core.startGroup(`JSON output`);
+    await core.group(`JSON output`, async () => {
-    core.info(JSON.stringify(jsonOutput, null, 2));
+      core.info(JSON.stringify(jsonOutput, null, 2));
-    core.endGroup();
+      setOutput('json', JSON.stringify(jsonOutput));
-    core.setOutput('json', jsonOutput);
+    });
-    // Bake file definition
+    // Bake files
-    const bakeFile: string = meta.getBakeFile();
+    for (const kind of ['tags', 'labels', 'annotations:' + annotationsLevels]) {
-    core.startGroup(`Bake file definition`);
+      const outputName = kind.split(':')[0];
-    core.info(fs.readFileSync(bakeFile, 'utf8'));
+      const bakeFile: string = meta.getBakeFile(kind);
-    core.endGroup();
+      await core.group(`Bake file definition (${outputName})`, async () => {
-    core.setOutput('bake-file', bakeFile);
+        core.info(fs.readFileSync(bakeFile, 'utf8'));
-  } catch (error) {
+        setOutput(`bake-file-${outputName}`, bakeFile);
-    core.setFailed(error.message);
+      });
    }
    // Bake file with tags and labels
    setOutput(`bake-file`, `${meta.getBakeFileTagsLabels()}`);
  }
 );
 function setOutputAndEnv(name: string, value: string) {
  core.setOutput(name, value);
  core.exportVariable(`DOCKER_METADATA_OUTPUT_${name.replace(/\W/g, '_').toUpperCase()}`, value);
 }
-run();
+function outputEnvEnabled(): boolean {
  if (process.env.DOCKER_METADATA_SET_OUTPUT_ENV) {
    return Util.parseBool(process.env.DOCKER_METADATA_SET_OUTPUT_ENV);
  }
  return true;
 }
--- a/src/meta.ts
+++ b/src/meta.ts
@@ -1,16 +1,19 @@
 import * as handlebars from 'handlebars';
 import * as fs from 'fs';
 import * as path from 'path';
-import moment from 'moment';
+import moment from 'moment-timezone';
 import * as pep440 from '@renovate/pep440';
 import * as semver from 'semver';
-import {Inputs, tmpDir} from './context';
+import * as core from '@actions/core';
-import {ReposGetResponseData} from './github';
+import {Context as ToolkitContext} from '@docker/actions-toolkit/lib/context';
 import {GitHubRepo} from '@docker/actions-toolkit/lib/types/github';
 import {Inputs, Context} from './context';
 import * as icl from './image';
 import * as tcl from './tag';
 import * as fcl from './flavor';
-import * as core from '@actions/core';
+
-import {Context} from '@actions/github/lib/context';
+const defaultShortShaLength = 7;
 export interface Version {
  main: string | undefined;
@@ -23,29 +26,13 @@ export class Meta {
  private readonly inputs: Inputs;
  private readonly context: Context;
-  private readonly repo: ReposGetResponseData;
+  private readonly repo: GitHubRepo;
  private readonly images: icl.Image[];
  private readonly tags: tcl.Tag[];
  private readonly flavor: fcl.Flavor;
  private readonly date: Date;
-  constructor(inputs: Inputs, context: Context, repo: ReposGetResponseData) {
+  constructor(inputs: Inputs, context: Context, repo: GitHubRepo) {
    // Needs to override Git reference with pr ref instead of upstream branch ref
    // for pull_request_target event
    // https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target
    if (/pull_request_target/.test(context.eventName)) {
      context.ref = `refs/pull/${context.payload.number}/merge`;
    }
    // DOCKER_METADATA_PR_HEAD_SHA env var can be used to set associated head
    // SHA instead of commit SHA that triggered the workflow on pull request
    // event.
    if (/true/i.test(process.env.DOCKER_METADATA_PR_HEAD_SHA || '')) {
      if ((/pull_request/.test(context.eventName) || /pull_request_target/.test(context.eventName)) && context.payload?.pull_request?.head?.sha != undefined) {
        context.sha = context.payload.pull_request.head.sha;
      }
    }
    this.inputs = inputs;
    this.context = context;
    this.repo = repo;
@@ -127,10 +114,36 @@ export class Meta {
    }
    const currentDate = this.date;
    const commitDate = this.context.commitDate;
    const vraw = this.setValue(
      handlebars.compile(tag.attrs['pattern'])({
-        date: function (format) {
+        date: function (format, options) {
-          return moment(currentDate).utc().format(format);
+          const m = moment(currentDate);
          let tz = 'UTC';
          Object.keys(options.hash).forEach(key => {
            switch (key) {
              case 'tz':
                tz = options.hash[key];
                break;
              default:
                throw new Error(`Unknown ${key} attribute`);
            }
          });
          return m.tz(tz).format(format);
        },
        commit_date: function (format, options) {
          const m = moment(commitDate);
          let tz = 'UTC';
          Object.keys(options.hash).forEach(key => {
            switch (key) {
              case 'tz':
                tz = options.hash[key];
                break;
              default:
                throw new Error(`Unknown ${key} attribute`);
            }
          });
          return m.tz(tz).format(format);
        }
      }),
      tag
@@ -157,7 +170,7 @@ export class Meta {
    let latest = false;
    const sver = semver.parse(vraw, {
-      includePrerelease: true
+      loose: true
    });
    if (semver.prerelease(vraw)) {
      if (Meta.isRawStatement(tag.attrs['pattern'])) {
@@ -310,7 +323,7 @@ export class Meta {
    let val = this.context.sha;
    if (tag.attrs['format'] === tcl.ShaFormat.Short) {
-      val = this.context.sha.substring(0, 7);
+      val = Meta.shortSha(this.context.sha);
    }
    const vraw = this.setValue(val, tag);
@@ -359,60 +372,86 @@ export class Meta {
    return val;
  }
-  private setGlobalExp(val): string {
+  private setGlobalExp(val: string): string {
-    const ctx = this.context;
+    const context = this.context;
    const currentDate = this.date;
    const commitDate = this.context.commitDate;
    return handlebars.compile(val)({
      branch: function () {
-        if (!/^refs\/heads\//.test(ctx.ref)) {
+        if (!/^refs\/heads\//.test(context.ref)) {
          return '';
        }
-        return ctx.ref.replace(/^refs\/heads\//g, '');
+        return context.ref.replace(/^refs\/heads\//g, '');
      },
      tag: function () {
-        if (!/^refs\/tags\//.test(ctx.ref)) {
+        if (!/^refs\/tags\//.test(context.ref)) {
          return '';
        }
-        return ctx.ref.replace(/^refs\/tags\//g, '');
+        return context.ref.replace(/^refs\/tags\//g, '');
      },
      sha: function () {
-        return ctx.sha.substring(0, 7);
+        return Meta.shortSha(context.sha);
      },
      base_ref: function () {
-        if (/^refs\/tags\//.test(ctx.ref) && ctx.payload?.base_ref != undefined) {
+        if (/^refs\/tags\//.test(context.ref) && context.payload?.base_ref != undefined) {
-          return ctx.payload.base_ref.replace(/^refs\/heads\//g, '');
+          return context.payload.base_ref.replace(/^refs\/heads\//g, '');
        }
        // FIXME: keep this for backward compatibility even if doesn't always seem
        //  to return the expected branch. See the comment below.
-        if (/^refs\/pull\//.test(ctx.ref) && ctx.payload?.pull_request?.base?.ref != undefined) {
+        if (/^refs\/pull\//.test(context.ref) && context.payload?.pull_request?.base?.ref != undefined) {
-          return ctx.payload.pull_request.base.ref;
+          return context.payload.pull_request.base.ref;
        }
        return '';
      },
      commit_date: function (format, options) {
        const m = moment(commitDate);
        let tz = 'UTC';
        Object.keys(options.hash).forEach(key => {
          switch (key) {
            case 'tz':
              tz = options.hash[key];
              break;
            default:
              throw new Error(`Unknown ${key} attribute`);
          }
        });
        return m.tz(tz).format(format);
      },
      is_default_branch: function () {
-        const branch = ctx.ref.replace(/^refs\/heads\//g, '');
+        const branch = context.ref.replace(/^refs\/heads\//g, '');
        // TODO: "base_ref" is available in the push payload but doesn't always seem to
        //  return the expected branch when the push tag event occurs. It's also not
        //  documented in GitHub docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push
        //  more context: https://github.com/docker/metadata-action/pull/192#discussion_r854673012
-        // if (/^refs\/tags\//.test(ctx.ref) && ctx.payload?.base_ref != undefined) {
+        // if (/^refs\/tags\//.test(context.ref) && context.payload?.base_ref != undefined) {
-        //   branch = ctx.payload.base_ref.replace(/^refs\/heads\//g, '');
+        //   branch = context.payload.base_ref.replace(/^refs\/heads\//g, '');
        // }
        if (branch == undefined || branch.length == 0) {
          return 'false';
        }
-        if (ctx.payload?.repository?.default_branch == branch) {
+        if (context.payload?.repository?.default_branch == branch) {
          return 'true';
        }
        // following events always trigger for last commit on default branch
        // https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows
-        if (/create/.test(ctx.eventName) || /discussion/.test(ctx.eventName) || /issues/.test(ctx.eventName) || /schedule/.test(ctx.eventName)) {
+        if (/create/.test(context.eventName) || /discussion/.test(context.eventName) || /issues/.test(context.eventName) || /schedule/.test(context.eventName)) {
          return 'true';
        }
        return 'false';
      },
-      date: function (format) {
+      date: function (format, options) {
-        return moment(currentDate).utc().format(format);
+        const m = moment(currentDate);
        let tz = 'UTC';
        Object.keys(options.hash).forEach(key => {
          switch (key) {
            case 'tz':
              tz = options.hash[key];
              break;
            default:
              throw new Error(`Unknown ${key} attribute`);
          }
        });
        return m.tz(tz).format(format);
      }
    });
  }
@@ -432,22 +471,43 @@ export class Meta {
    if (!this.version.main) {
      return [];
    }
-    const tags: Array<string> = [];
+
-    for (const imageName of this.getImageNames()) {
+    const generateTags = (imageName: string, version: string): Array<string> => {
-      tags.push(`${imageName}:${this.version.main}`);
+      const tags: Array<string> = [];
      const prefix = imageName !== '' ? `${imageName}:` : '';
      tags.push(`${prefix}${version}`);
      for (const partial of this.version.partial) {
-        tags.push(`${imageName}:${partial}`);
+        tags.push(`${prefix}${partial}`);
      }
      if (this.version.latest) {
        const latestTag = `${this.flavor.prefixLatest ? this.flavor.prefix : ''}latest${this.flavor.suffixLatest ? this.flavor.suffix : ''}`;
-        tags.push(`${imageName}:${Meta.sanitizeTag(latestTag)}`);
+        tags.push(`${prefix}${Meta.sanitizeTag(latestTag)}`);
      }
      return tags;
    };
    const tags: Array<string> = [];
    const images = this.getImageNames();
    if (images.length > 0) {
      for (const imageName of images) {
        tags.push(...generateTags(imageName, this.version.main));
      }
    } else {
      tags.push(...generateTags('', this.version.main));
    }
    return tags;
  }
  public getLabels(): Array<string> {
-    const labels: Array<string> = [
+    return this.getOCIAnnotationsWithCustoms(this.inputs.labels);
  }
  public getAnnotations(): Array<string> {
    return this.getOCIAnnotationsWithCustoms(this.inputs.annotations);
  }
  private getOCIAnnotationsWithCustoms(extra: string[]): Array<string> {
    const res: Array<string> = [
      `org.opencontainers.image.title=${this.repo.name || ''}`,
      `org.opencontainers.image.description=${this.repo.description || ''}`,
      `org.opencontainers.image.url=${this.repo.html_url || ''}`,
@@ -457,11 +517,28 @@ export class Meta {
      `org.opencontainers.image.revision=${this.context.sha || ''}`,
      `org.opencontainers.image.licenses=${this.repo.license?.spdx_id || ''}`
    ];
-    labels.push(...this.inputs.labels);
+    extra.forEach(label => {
-    return labels;
+      res.push(this.setGlobalExp(label));
    });
    return Array.from(
      new Map<string, string>(
        res
          .map(label => label.split('='))
          // eslint-disable-next-line @typescript-eslint/no-unused-vars
          .filter(([_key, ...values]) => values.length > 0)
          .map(([key, ...values]) => [key, values.join('=')] as [string, string])
      )
    )
      .sort((a, b) => a[0].localeCompare(b[0]))
      .map(([key, value]) => `${key}=${value}`);
  }
-  public getJSON(): unknown {
+  public getJSON(alevels: string[]): unknown {
    const annotations: Array<string> = [];
    for (const level of alevels) {
      annotations.push(...this.getAnnotations().map(label => `${level}:${label}`));
    }
    return {
      tags: this.getTags(),
      labels: this.getLabels().reduce((res, label) => {
@@ -471,39 +548,74 @@ export class Meta {
        }
        res[matches[1]] = matches[2];
        return res;
-      }, {})
+      }, {}),
      annotations: annotations
    };
  }
-  public getBakeFile(): string {
+  public getBakeFile(kind: string): string {
-    const bakeFile = path.join(tmpDir(), 'docker-metadata-action-bake.json').split(path.sep).join(path.posix.sep);
+    if (kind == 'tags') {
-    fs.writeFileSync(
+      return this.generateBakeFile(
      bakeFile,
      JSON.stringify(
        {
-          target: {
+          tags: this.getTags(),
-            [this.inputs.bakeTarget]: {
+          args: {
-              tags: this.getTags(),
+            DOCKER_META_IMAGES: this.getImageNames().join(','),
-              labels: this.getLabels().reduce((res, label) => {
+            DOCKER_META_VERSION: this.version.main
                const matches = label.match(/([^=]*)=(.*)/);
                if (!matches) {
                  return res;
                }
                res[matches[1]] = matches[2];
                return res;
              }, {}),
              args: {
                DOCKER_META_IMAGES: this.getImageNames().join(','),
                DOCKER_META_VERSION: this.version.main
              }
            }
          }
        },
-        null,
+        kind
-        2
+      );
-      )
+    } else if (kind == 'labels') {
-    );
+      return this.generateBakeFile(
        {
          labels: this.getLabels().reduce((res, label) => {
            const matches = label.match(/([^=]*)=(.*)/);
            if (!matches) {
              return res;
            }
            res[matches[1]] = matches[2];
            return res;
          }, {})
        },
        kind
      );
    } else if (kind.startsWith('annotations:')) {
      const name = kind.split(':')[0];
      const annotations: Array<string> = [];
      for (const level of kind.split(':')[1].split(',')) {
        annotations.push(...this.getAnnotations().map(label => `${level}:${label}`));
      }
      return this.generateBakeFile(
        {
          annotations: annotations
        },
        name
      );
    }
    throw new Error(`Unknown bake file type: ${kind}`);
  }
  public getBakeFileTagsLabels(): string {
    return this.generateBakeFile({
      tags: this.getTags(),
      labels: this.getLabels().reduce((res, label) => {
        const matches = label.match(/([^=]*)=(.*)/);
        if (!matches) {
          return res;
        }
        res[matches[1]] = matches[2];
        return res;
      }, {}),
      args: {
        DOCKER_META_IMAGES: this.getImageNames().join(','),
        DOCKER_META_VERSION: this.version.main
      }
    });
  }
  private generateBakeFile(dt, suffix?: string): string {
    const bakeFile = path.join(ToolkitContext.tmpDir(), `docker-metadata-action-bake${suffix ? `-${suffix}` : ''}.json`);
    fs.writeFileSync(bakeFile, JSON.stringify({target: {[this.inputs.bakeTarget]: dt}}, null, 2));
    return bakeFile;
  }
@@ -514,4 +626,18 @@ export class Meta {
  private static sanitizeTag(tag: string): string {
    return tag.replace(/[^a-zA-Z0-9._-]+/g, '-');
  }
  private static shortSha(sha: string): string {
    let shortShaLength = defaultShortShaLength;
    if (process.env.DOCKER_METADATA_SHORT_SHA_LENGTH) {
      if (isNaN(Number(process.env.DOCKER_METADATA_SHORT_SHA_LENGTH))) {
        throw new Error(`DOCKER_METADATA_SHORT_SHA_LENGTH is not a valid number: ${process.env.DOCKER_METADATA_SHORT_SHA_LENGTH}`);
      }
      shortShaLength = Number(process.env.DOCKER_METADATA_SHORT_SHA_LENGTH);
    }
    if (shortShaLength >= sha.length) {
      return sha;
    }
    return sha.substring(0, shortShaLength);
  }
 }
--- a/src/tag.ts
+++ b/src/tag.ts
@@ -95,7 +95,7 @@ export function Parse(s: string): Tag {
  for (const field of fields) {
    const parts = field
      .toString()
-      .split('=')
+      .split(/(?<=^[^=]+?)=/)
      .map(item => item.trim());
    if (parts.length == 1) {
      tag.attrs['value'] = parts[0];
--- a/test/output.Dockerfile
+++ b/test/output.Dockerfile
@@ -0,0 +1,14 @@
 # syntax=docker/dockerfile:1
 FROM alpine
 RUN apk add --no-cache coreutils jq
 ARG DOCKER_METADATA_OUTPUT_VERSION
 ARG DOCKER_METADATA_OUTPUT_TAGS
 ARG DOCKER_METADATA_OUTPUT_LABELS
 ARG DOCKER_METADATA_OUTPUT_ANNOTATIONS
 ARG DOCKER_METADATA_OUTPUT_JSON
 RUN printenv DOCKER_METADATA_OUTPUT_VERSION
 RUN printenv DOCKER_METADATA_OUTPUT_TAGS
 RUN printenv DOCKER_METADATA_OUTPUT_LABELS
 RUN printenv DOCKER_METADATA_OUTPUT_ANNOTATIONS
 RUN printenv DOCKER_METADATA_OUTPUT_JSON
 RUN echo $DOCKER_METADATA_OUTPUT_JSON | jq
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -1,20 +1,22 @@
 {
  "compilerOptions": {
    "esModuleInterop": true,
    "target": "es6",
    "module": "commonjs",
    "strict": true,
    "newLine": "lf",
    "outDir": "./lib",
    "rootDir": "./src",
    "esModuleInterop": true,
    "forceConsistentCasingInFileNames": true,
    "strict": true,
    "noImplicitAny": false,
    "resolveJsonModule": true,
    "useUnknownInCatchVariables": false,
  },
  "exclude": [
    "./__mocks__/**/*",
    "./__tests__/**/*",
    "./lib/**/*",
    "node_modules",
    "**/*.test.ts",
    "jest.config.ts"
  ]
 }
--- a/yarn.lock
+++ b/yarn.lock
		`@@ -0,0 +1,3 @@`
							`# Code of conduct`

							`- [Moby community guidelines](https://github.com/moby/moby/blob/master/CONTRIBUTING.md#moby-community-guidelines)`