feat: Improve dependabot config and docker workflow

.github/dependabot.yml

@@ -1,7 +1,7 @@
 version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
+
+multi-ecosystem-groups:
+  dependencies:
     schedule:
       interval: "weekly"
       time: "06:00"
@@ -12,41 +12,19 @@ updates:
     open-pull-requests-limit: 5
     cooldown:
       default-days: 2
-    groups:
-      dependencies:
-        patterns:
-          - "*"
+
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    multi-ecosystem-group: "dependencies"
+    patterns: ["*"]
 
   - package-ecosystem: "docker"
     directory: "/"
-    schedule:
-      interval: "weekly"
-      time: "06:00"
-    commit-message:
-      prefix: "chore"
-    labels:
-      - "dependencies"
-    open-pull-requests-limit: 5
-    cooldown:
-      default-days: 2
-    groups:
-      dependencies:
-        patterns:
-          - "*"
+    multi-ecosystem-group: "dependencies"
+    patterns: ["*"]
 
   - package-ecosystem: "npm"
     directory: "/"
-    schedule:
-      interval: "weekly"
-      time: "06:00"
-    commit-message:
-      prefix: "chore"
-    labels:
-      - "dependencies"
-    open-pull-requests-limit: 5
-    cooldown:
-      default-days: 2
-    groups:
-      dependencies:
-        patterns:
-          - "*"
+    multi-ecosystem-group: "dependencies"
+    patterns: ["*"]

.github/workflows/docker.yml

@@ -7,7 +7,7 @@ on:
 
 env:
   REGISTRY: ghcr.io
-  IMAGE_PREFIX: ghcr.io/${{ github.repository_owner }}
+  IMAGE: ghcr.io/${{ github.repository }}
 
 jobs:
   build:
@@ -18,6 +18,7 @@ jobs:
       packages: write
       attestations: write
       id-token: write
+      artifact-metadata: write
     steps:
       - name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -39,11 +40,12 @@ jobs:
         id: meta
         uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
         with:
-          images: ${{ env.IMAGE_PREFIX }}/docs
+          images: ${{ env.IMAGE }}
           tags: |
             type=raw,value=latest
 
       - name: Build and push Docs image
+        id: build
         uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
         with:
           context: .
@@ -52,7 +54,15 @@ jobs:
           platforms: linux/amd64,linux/arm64
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+          annotations: ${{ steps.meta.outputs.annotations }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
-          provenance: true
+          provenance: mode=max
           sbom: true
+
+      - name: Attest image
+        uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
+        with:
+          subject-name: ${{ env.IMAGE }}
+          subject-digest: ${{ steps.build.outputs.digest }}
+          push-to-registry: true

.github/workflows/quality.yml

@@ -14,10 +14,10 @@ jobs:
       - name: Checkout repository ⬇️
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
-      - name: Use Node.js 24.x ⚙️
+      - name: Use Node.js 25.x ⚙️
         uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
-          node-version: 24.x
+          node-version: 25.x
           cache: "npm"
 
       - name: Setup Aikido Safe Chain