Skip to content

Commit 63b53bb

Browse files
authored
chore(deps): Update dependencies for github (#546)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://redirect.github.com/actions/checkout) | action | patch | `v6.0.2` → `v6.0.3` | | [astral-sh/setup-uv](https://redirect.github.com/astral-sh/setup-uv) | action | minor | `v8.1.0` → `v8.2.0` | | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | minor | `v4.35.4` → `v4.36.2` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6.0.3`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v603) [Compare Source](https://redirect.github.com/actions/checkout/compare/v6.0.2...v6.0.3) - Fix checkout init for SHA-256 repositories by [@&#8203;yaananth](https://redirect.github.com/yaananth) in [#&#8203;2439](https://redirect.github.com/actions/checkout/pull/2439) - fix: expand merge commit SHA regex and add SHA-256 test cases by [@&#8203;yaananth](https://redirect.github.com/yaananth) in [#&#8203;2414](https://redirect.github.com/actions/checkout/pull/2414) </details> <details> <summary>astral-sh/setup-uv (astral-sh/setup-uv)</summary> ### [`v8.2.0`](https://redirect.github.com/astral-sh/setup-uv/compare/v8.1.0...v8.2.0) [Compare Source](https://redirect.github.com/astral-sh/setup-uv/compare/v8.1.0...v8.2.0) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v4.36.2`](https://redirect.github.com/github/codeql-action/compare/v4.36.1...v4.36.2) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.36.1...v4.36.2) ### [`v4.36.1`](https://redirect.github.com/github/codeql-action/compare/v4.36.0...v4.36.1) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.36.0...v4.36.1) ### [`v4.36.0`](https://redirect.github.com/github/codeql-action/releases/tag/v4.36.0) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.35.5...v4.36.0) - *Breaking change*: Bump the minimum required CodeQL bundle version to 2.19.4. [#&#8203;3894](https://redirect.github.com/github/codeql-action/pull/3894) - Add support for SHA-256 Git object IDs. [#&#8203;3893](https://redirect.github.com/github/codeql-action/pull/3893) - Update default CodeQL bundle version to [2.25.5](https://redirect.github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5). [#&#8203;3926](https://redirect.github.com/github/codeql-action/pull/3926) ### [`v4.35.5`](https://redirect.github.com/github/codeql-action/releases/tag/v4.35.5) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.35.4...v4.35.5) - We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. [#&#8203;3899](https://redirect.github.com/github/codeql-action/pull/3899) - For performance and accuracy reasons, [improved incremental analysis](https://redirect.github.com/github/roadmap/issues/1158) will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. [#&#8203;3791](https://redirect.github.com/github/codeql-action/pull/3791) - If multiple inputs are provided for the GitHub-internal `analysis-kinds` input, only `code-scanning` will be enabled. The `analysis-kinds` input is experimental, for GitHub-internal use only, and may change without notice at any time. [#&#8203;3892](https://redirect.github.com/github/codeql-action/pull/3892) - Added an experimental change which, when running a Code Scanning analysis for a PR with [improved incremental analysis](https://redirect.github.com/github/roadmap/issues/1158) enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. [#&#8203;3880](https://redirect.github.com/github/codeql-action/pull/3880) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/GoogleCloudPlatform/alloydb-python-connector). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNzkuMyIsInVwZGF0ZWRJblZlciI6IjQzLjIwOS40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
1 parent c7d3990 commit 63b53bb

6 files changed

Lines changed: 15 additions & 15 deletions

File tree

.github/workflows/codeql.yaml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -42,23 +42,23 @@ jobs:
4242

4343
steps:
4444
- name: Checkout repository
45-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
45+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
4646
with:
4747
ref: ${{ github.event.pull_request.head.sha }}
4848
repository: ${{ github.event.pull_request.head.repo.full_name }}
4949

5050
# Initializes the CodeQL tools for scanning.
5151
- name: Initialize CodeQL
52-
uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
52+
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
5353
with:
5454
languages: ${{ matrix.language }}
5555

5656
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
5757
# If this step fails, then you should remove it and run the build manually
5858
- name: Autobuild
59-
uses: github/codeql-action/autobuild@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
59+
uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
6060

6161
- name: Perform CodeQL Analysis
62-
uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
62+
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
6363
with:
6464
category: "/language:${{matrix.language}}"

.github/workflows/coverage.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,10 +34,10 @@ jobs:
3434
python-version: "3.14"
3535

3636
- name: Install uv
37-
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
37+
uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
3838

3939
- name: Checkout PR branch
40-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
40+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
4141
with:
4242
ref: ${{ github.event.pull_request.head.sha }}
4343
repository: ${{ github.event.pull_request.head.repo.full_name }}

.github/workflows/labels.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ jobs:
2828
issues: write
2929
pull-requests: write
3030
steps:
31-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
31+
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
3232
- uses: micnncim/action-label-syncer@3abd5ab72fda571e69fffd97bd4e0033dd5f495c # v1.3.0
3333
env:
3434
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/lint.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -35,10 +35,10 @@ jobs:
3535
python-version: "3.14"
3636

3737
- name: Install uv
38-
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
38+
uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
3939

4040
- name: Checkout code
41-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
41+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
4242
with:
4343
ref: ${{ github.event.pull_request.head.sha }}
4444
repository: ${{ github.event.pull_request.head.repo.full_name }}

.github/workflows/scorecard.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ jobs:
3535

3636
steps:
3737
- name: "Checkout code"
38-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
38+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
3939
with:
4040
persist-credentials: false
4141

@@ -65,6 +65,6 @@ jobs:
6565

6666
# Upload the results to GitHub's code scanning dashboard.
6767
- name: "Upload to code-scanning"
68-
uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
68+
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
6969
with:
7070
sarif_file: resultsFiltered.sarif

.github/workflows/tests.yaml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ jobs:
4242
fail-fast: false
4343
steps:
4444
- name: Checkout code
45-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
45+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
4646
with:
4747
ref: ${{ github.event.pull_request.head.sha }}
4848
repository: ${{ github.event.pull_request.head.repo.full_name }}
@@ -53,7 +53,7 @@ jobs:
5353
python-version: ${{ matrix.python-version }}
5454

5555
- name: Install uv
56-
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
56+
uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
5757

5858
- id: 'auth'
5959
name: Authenticate to Google Cloud
@@ -109,7 +109,7 @@ jobs:
109109
pull-requests: write
110110
steps:
111111
- name: Checkout code
112-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
112+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
113113
with:
114114
ref: ${{ github.event.pull_request.head.sha }}
115115
repository: ${{ github.event.pull_request.head.repo.full_name }}
@@ -120,7 +120,7 @@ jobs:
120120
python-version: ${{ matrix.python-version }}
121121

122122
- name: Install uv
123-
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
123+
uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
124124

125125
- id: 'auth'
126126
name: 'Authenticate to Google Cloud'

0 commit comments

Comments
 (0)