Skip to content

Commit 0c372be

Browse files
ci: bump the github-actions group across 1 directory with 9 updates
Bumps the github-actions group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github/codeql-action](https://github.com/github/codeql-action) | `3.28.11` | `3.29.2` | | [python-semantic-release/python-semantic-release](https://github.com/python-semantic-release/python-semantic-release) | `9.21.0` | `10.2.0` | | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `5.3.1` | `6.3.1` | | [hynek/build-and-inspect-python-package](https://github.com/hynek/build-and-inspect-python-package) | `2.12.0` | `2.13.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.9` | `4.3.0` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.2.1` | `2.3.2` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.10.0` | `3.11.1` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.15.0` | `6.18.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.1` | `2.4.2` | Updates `github/codeql-action` from 3.28.11 to 3.29.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@6bb031a...181d5ee) Updates `python-semantic-release/python-semantic-release` from 9.21.0 to 10.2.0 - [Release notes](https://github.com/python-semantic-release/python-semantic-release/releases) - [Changelog](https://github.com/python-semantic-release/python-semantic-release/blob/master/CHANGELOG.rst) - [Commits](python-semantic-release/python-semantic-release@26bb37c...2896129) Updates `astral-sh/setup-uv` from 5.3.1 to 6.3.1 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@f94ec6b...bd01e18) Updates `hynek/build-and-inspect-python-package` from 2.12.0 to 2.13.0 - [Release notes](https://github.com/hynek/build-and-inspect-python-package/releases) - [Changelog](https://github.com/hynek/build-and-inspect-python-package/blob/main/CHANGELOG.md) - [Commits](hynek/build-and-inspect-python-package@b5076c3...c52c3a4) Updates `actions/download-artifact` from 4.1.9 to 4.3.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@cc20338...d3f86a1) Updates `softprops/action-gh-release` from 2.2.1 to 2.3.2 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@c95fe14...72f2c25) Updates `docker/setup-buildx-action` from 3.10.0 to 3.11.1 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@b5ca514...e468171) Updates `docker/build-push-action` from 6.15.0 to 6.18.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@471d1dc...2634353) Updates `ossf/scorecard-action` from 2.4.1 to 2.4.2 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@f49aabe...05b42c6) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.29.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: python-semantic-release/python-semantic-release dependency-version: 10.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: astral-sh/setup-uv dependency-version: 6.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: hynek/build-and-inspect-python-package dependency-version: 2.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-version: 2.3.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 3.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-version: 6.18.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-version: 2.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent 9e456a0 commit 0c372be

6 files changed

Lines changed: 19 additions & 19 deletions

File tree

.github/workflows/codeql.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@ jobs:
2121
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2222
# Ref: https://github.com/github/codeql-action
2323
- name: Initialize CodeQL
24-
uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
24+
uses: github/codeql-action/init@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
2525
with:
2626
languages: python
2727
- name: Perform CodeQL Analysis
28-
uses: github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
28+
uses: github/codeql-action/analyze@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2

.github/workflows/main.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ jobs:
3333
fetch-depth: 0 # get all commits and tags
3434
token: ${{ secrets.SEMANTIC_RELEASE_TOKEN }}
3535
- name: Create semantic release
36-
uses: python-semantic-release/python-semantic-release@26bb37cfab71a5a372e3db0f48a6eac57519a4a6 # v9.21.0
36+
uses: python-semantic-release/python-semantic-release@2896129e02bb7809d2cf0c1b8e9e795ee27acbcf # v10.2.0
3737
with:
3838
# allows for python-semantic-release to push to protected main branch
3939
github_token: ${{ secrets.SEMANTIC_RELEASE_TOKEN }}

.github/workflows/pr.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ jobs:
3333
uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3
3434
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
3535
- name: Set up uv
36-
uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231 # v5.3.1
36+
uses: astral-sh/setup-uv@bd01e18f51369d5a26f1651c3cb451d3417e3bba # v6.3.1
3737
with:
3838
python-version: '3.13'
3939
enable-cache: true

.github/workflows/publish.yml

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ jobs:
1919
runs-on: ubuntu-24.04
2020
steps:
2121
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
22-
- uses: hynek/build-and-inspect-python-package@b5076c307dc91924a82ad150cdd1533b444d3310 # v2.12.0
22+
- uses: hynek/build-and-inspect-python-package@c52c3a4710070b50470d903818a7b25115dcd076 # v2.13.0
2323

2424
upload:
2525
name: Upload package distributions to GitHub Releases
@@ -31,12 +31,12 @@ jobs:
3131
contents: write
3232
steps:
3333
- name: Download package built by build job
34-
uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
34+
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
3535
with:
3636
name: Packages
3737
path: dist
3838
- name: Publish package distributions to GitHub Releases
39-
uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2.2.1
39+
uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # v2.3.2
4040
with:
4141
files: dist/*
4242

@@ -50,7 +50,7 @@ jobs:
5050
id-token: write
5151
steps:
5252
- name: Download package built by build job
53-
uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
53+
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
5454
with:
5555
name: Packages
5656
path: dist
@@ -71,7 +71,7 @@ jobs:
7171
env:
7272
IMAGE_NAME: ${{ github.repository }}
7373
steps:
74-
- uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
74+
- uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
7575
- name: Login to GitHub Container Registry
7676
uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
7777
with:
@@ -90,7 +90,7 @@ jobs:
9090
type=pep440,pattern={{major}}.{{minor}}
9191
- name: Build and push image to registry
9292
# Ref: https://github.com/docker/build-push-action?tab=readme-ov-file#customizing
93-
uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
93+
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
9494
with:
9595
push: true
9696
build-args: VERSION=${{ github.event.release.name }}
@@ -114,7 +114,7 @@ jobs:
114114
with:
115115
fetch-depth: 0 # fetch all commits and branches
116116
- name: Set up uv
117-
uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231 # v5.3.1
117+
uses: astral-sh/setup-uv@bd01e18f51369d5a26f1651c3cb451d3417e3bba # v6.3.1
118118
with:
119119
python-version: '3.13'
120120
enable-cache: true

.github/workflows/scorecards.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ jobs:
3030
persist-credentials: false
3131
# Ref: https://github.com/ossf/scorecard-action
3232
- name: Run scorecard analysis
33-
uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
33+
uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
3434
with:
3535
results_file: results.sarif
3636
results_format: sarif
@@ -39,6 +39,6 @@ jobs:
3939

4040
# required for Code scanning alerts
4141
- name: Upload SARIF results to code scanning
42-
uses: github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
42+
uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
4343
with:
4444
sarif_file: results.sarif

.github/workflows/test.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ jobs:
2727
uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3
2828
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2929
- name: Set up uv
30-
uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231 # v5.3.1
30+
uses: astral-sh/setup-uv@bd01e18f51369d5a26f1651c3cb451d3417e3bba # v6.3.1
3131
with:
3232
python-version: ${{ matrix.python-version }}
3333
enable-cache: true
@@ -81,7 +81,7 @@ jobs:
8181
uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3
8282
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
8383
- name: Set up uv
84-
uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231 # v5.3.1
84+
uses: astral-sh/setup-uv@bd01e18f51369d5a26f1651c3cb451d3417e3bba # v6.3.1
8585
with:
8686
python-version: '3.13'
8787
enable-cache: true
@@ -111,7 +111,7 @@ jobs:
111111
runs-on: ubuntu-24.04
112112
steps:
113113
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
114-
- uses: hynek/build-and-inspect-python-package@b5076c307dc91924a82ad150cdd1533b444d3310 # v2.12.0
114+
- uses: hynek/build-and-inspect-python-package@c52c3a4710070b50470d903818a7b25115dcd076 # v2.13.0
115115

116116
docker:
117117
name: Build and run the docker image
@@ -123,13 +123,13 @@ jobs:
123123
uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3
124124
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
125125
- name: Set up uv
126-
uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231 # v5.3.1
126+
uses: astral-sh/setup-uv@bd01e18f51369d5a26f1651c3cb451d3417e3bba # v6.3.1
127127
- name: Get package version
128128
id: package-version
129129
run: echo "version=$(just project-version)" >> $GITHUB_OUTPUT
130-
- uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
130+
- uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
131131
- name: Build and push
132-
uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
132+
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
133133
with:
134134
load: true
135135
tags: afuetterer/python-re3data:test

0 commit comments

Comments
 (0)