Commit 33f323e
authored
chore(deps): update workflows (#238)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[astral-sh/ruff-action](https://redirect.github.com/astral-sh/ruff-action)
| action | minor | `v4.0.0` → `v4.1.0` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| action | minor | `v4.36.2` → `v4.37.0` |
---
### Release Notes
<details>
<summary>astral-sh/ruff-action (astral-sh/ruff-action)</summary>
###
[`v4.1.0`](https://redirect.github.com/astral-sh/ruff-action/releases/tag/v4.1.0):
🌈 Skip Astral mirror and support uv.lock
[Compare
Source](https://redirect.github.com/astral-sh/ruff-action/compare/v4.0.0...v4.1.0)
##### Changes
Among some minor bugfixes this release adds the option to skip the
astral-sh mirror and download directly from GitHub releases. Useful if
the Astral mirror can't or shouldn't be used.
Also big thanks to
[@​somaz94](https://redirect.github.com/somaz94) for adding
support for reading the desired ruff version from `uv.lock`.
This works automatically if you haven't overridden the version discovery
by using the inputs `version` or `version-file`
##### 🐛 Bug fixes
- Fix wildcard src input
[@​eifinger](https://redirect.github.com/eifinger)
([#​368](https://redirect.github.com/astral-sh/ruff-action/issues/368))
##### 🚀 Enhancements
- Add option to skip Astral mirror downloads
[@​eifinger](https://redirect.github.com/eifinger)
([#​387](https://redirect.github.com/astral-sh/ruff-action/issues/387))
- feat: support uv.lock as version-file
[@​somaz94](https://redirect.github.com/somaz94)
([#​379](https://redirect.github.com/astral-sh/ruff-action/issues/379))
##### 🧰 Maintenance
- Add Dependabot rollup skill
[@​eifinger](https://redirect.github.com/eifinger)
([#​385](https://redirect.github.com/astral-sh/ruff-action/issues/385))
- chore: update known checksums for 0.15.20
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​383](https://redirect.github.com/astral-sh/ruff-action/issues/383))
- chore: update known checksums for 0.15.19
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​382](https://redirect.github.com/astral-sh/ruff-action/issues/382))
- chore: update known checksums for 0.15.18
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​381](https://redirect.github.com/astral-sh/ruff-action/issues/381))
- chore: update known checksums for 0.15.17
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​380](https://redirect.github.com/astral-sh/ruff-action/issues/380))
- chore: update known checksums for 0.15.16
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​378](https://redirect.github.com/astral-sh/ruff-action/issues/378))
- chore: update known checksums for 0.15.15
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​377](https://redirect.github.com/astral-sh/ruff-action/issues/377))
- chore: update known checksums for 0.15.14
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​376](https://redirect.github.com/astral-sh/ruff-action/issues/376))
- chore: update known checksums for 0.15.13
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​372](https://redirect.github.com/astral-sh/ruff-action/issues/372))
- Update the release process to match setup-uv
[@​zanieb](https://redirect.github.com/zanieb)
([#​364](https://redirect.github.com/astral-sh/ruff-action/issues/364))
- chore: update known checksums for 0.15.12
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​365](https://redirect.github.com/astral-sh/ruff-action/issues/365))
- chore: update known checksums for 0.15.11
@​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#​360](https://redirect.github.com/astral-sh/ruff-action/issues/360))
- Draft commitish releases
[@​eifinger](https://redirect.github.com/eifinger)
([#​359](https://redirect.github.com/astral-sh/ruff-action/issues/359))
##### 📚 Documentation
- Use v4.0.0 in README.md
[@​doctaphred](https://redirect.github.com/doctaphred)
([#​371](https://redirect.github.com/astral-sh/ruff-action/issues/371))
##### ⬆️ Dependency updates
- chore: roll up Dependabot updates
[@​eifinger](https://redirect.github.com/eifinger)
([#​386](https://redirect.github.com/astral-sh/ruff-action/issues/386))
- Bump zizmorcore/zizmor-action from 0.5.2 to 0.5.3
@​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot)
([#​356](https://redirect.github.com/astral-sh/ruff-action/issues/356))
</details>
<details>
<summary>github/codeql-action (github/codeql-action)</summary>
###
[`v4.37.0`](https://redirect.github.com/github/codeql-action/releases/tag/v4.37.0)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v4.36.3...v4.37.0)
- Update default CodeQL bundle version to
[2.26.0](https://redirect.github.com/github/codeql-action/releases/tag/codeql-bundle-v2.26.0).
[#​3995](https://redirect.github.com/github/codeql-action/pull/3995)
- In addition to the existing input format, the `config-file` input for
the `codeql-action/init` step will soon support a new
`[owner/]repo[@​ref][:path]` format. All components except the
repository name are optional. If omitted, `owner` defaults to the same
owner as the repository the analysis is running for, `ref` to `main`,
and `path` to `.github/codeql-action.yaml`. Support for this format
ships in this version of the CodeQL Action, but will only be enabled
over the coming weeks.
[#​3973](https://redirect.github.com/github/codeql-action/pull/3973)
###
[`v4.36.3`](https://redirect.github.com/github/codeql-action/releases/tag/v4.36.3)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v4.36.2...v4.36.3)
No user facing changes.
</details>
---
### Configuration
📅 **Schedule**: (UTC)
- Branch creation
- At any time (no schedule defined)
- Automerge
- At any time (no schedule defined)
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/DrupalSecurityTeam/drupal-advisory-database).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yNDIuMiIsInVwZGF0ZWRJblZlciI6IjQzLjI0Mi4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>1 parent afaa204 commit 33f323e
2 files changed
Lines changed: 3 additions & 3 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
45 | 45 | | |
46 | 46 | | |
47 | 47 | | |
48 | | - | |
| 48 | + | |
49 | 49 | | |
50 | 50 | | |
51 | 51 | | |
52 | | - | |
| 52 | + | |
53 | 53 | | |
54 | 54 | | |
55 | 55 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
75 | 75 | | |
76 | 76 | | |
77 | 77 | | |
78 | | - | |
| 78 | + | |
79 | 79 | | |
80 | 80 | | |
0 commit comments