Bump the github-actions group with 7 updates#3598
Conversation
Bumps the github-actions group with 7 updates: | Package | From | To | | --- | --- | --- | | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `8.2.0` | `8.3.2` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.36.3` | `4.37.0` | | [github/codeql-action/autobuild](https://github.com/github/codeql-action) | `4.36.3` | `4.37.0` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.36.3` | `4.37.0` | | [CodSpeedHQ/action](https://github.com/codspeedhq/action) | `4.18.1` | `4.18.4` | | [docker/login-action](https://github.com/docker/login-action) | `4.3.0` | `4.4.0` | | [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.163` | `1.0.169` | Updates `astral-sh/setup-uv` from 8.2.0 to 8.3.2 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@fac544c...11f9893) Updates `github/codeql-action/init` from 4.36.3 to 4.37.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@54f647b...99df26d) Updates `github/codeql-action/autobuild` from 4.36.3 to 4.37.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@54f647b...99df26d) Updates `github/codeql-action/analyze` from 4.36.3 to 4.37.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@54f647b...99df26d) Updates `CodSpeedHQ/action` from 4.18.1 to 4.18.4 - [Release notes](https://github.com/codspeedhq/action/releases) - [Changelog](https://github.com/CodSpeedHQ/action/blob/main/CHANGELOG.md) - [Commits](CodSpeedHQ/action@a4a36bb...9f3a37e) Updates `docker/login-action` from 4.3.0 to 4.4.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@c99871d...af1e73f) Updates `anthropics/claude-code-action` from 1.0.163 to 1.0.169 - [Release notes](https://github.com/anthropics/claude-code-action/releases) - [Commits](anthropics/claude-code-action@769e3bd...37b464c) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: 8.3.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action/init dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action/autobuild dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action/analyze dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: CodSpeedHQ/action dependency-version: 4.18.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: docker/login-action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: anthropics/claude-code-action dependency-version: 1.0.169 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
Merging this PR will degrade performance by 14.19%
|
| Mode | Benchmark | BASE |
HEAD |
Efficiency | |
|---|---|---|---|---|---|
| ❌ | WallTime | test_perf_large_models_pydantic_v2 |
2.6 s | 3.1 s | -17.35% |
| ❌ | WallTime | test_perf_duplicate_names |
757.7 ms | 901.5 ms | -15.95% |
| ❌ | WallTime | test_perf_graphql_style_pydantic_v2 |
576.8 ms | 678.1 ms | -14.94% |
| ❌ | WallTime | test_perf_large_models_pydantic_v2_builtin |
661.1 ms | 776 ms | -14.81% |
| ❌ | WallTime | test_perf_all_options_enabled |
3.9 s | 4.5 s | -14.54% |
| ❌ | WallTime | test_perf_complex_refs |
1.4 s | 1.7 s | -14.49% |
| ❌ | WallTime | test_perf_deep_nested |
3.7 s | 4.4 s | -14.36% |
| ❌ | WallTime | test_perf_multiple_files_input |
2.5 s | 2.9 s | -13.53% |
| ❌ | WallTime | test_perf_stripe_style_pydantic_v2 |
1.5 s | 1.7 s | -13.35% |
| ❌ | WallTime | test_perf_openapi_large |
2.2 s | 2.6 s | -13.35% |
| ❌ | WallTime | test_perf_aws_style_openapi_pydantic_v2 |
1.4 s | 1.7 s | -13.03% |
| ❌ | WallTime | test_perf_kubernetes_style_pydantic_v2 |
1.9 s | 2.2 s | -13.03% |
| ❌ | WallTime | test_perf_large_models_pydantic_v2_noformat |
634.9 ms | 717.9 ms | -11.55% |
Tip
Investigate this regression by commenting @codspeedbot fix this regression on this PR, or directly use the CodSpeed MCP with your agent.
Comparing dependabot/github_actions/github-actions-80b80042a5 (43c50fa) with main (01303c3)
Footnotes
-
98 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3598 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 164 164
Lines 35325 35325
Branches 4078 4078
=========================================
Hits 35325 35325
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
Bumps the github-actions group with 7 updates:
8.2.08.3.24.36.34.37.04.36.34.37.04.36.34.37.04.18.14.18.44.3.04.4.01.0.1631.0.169Updates
astral-sh/setup-uvfrom 8.2.0 to 8.3.2Commits
11f9893chore: roll up Dependabot updates (#948)f798556docs: update version references to v8.3.1 (#946)e80544dchore: update known checksums for 0.11.28 (#947)f98e069Change update-docs PR labels from 'update-docs' to 'documentation' (#945)cd46263chore: update known checksums for 0.11.27 (#944)11245c7docs: update version references to v8.3.0 (#939)d31148dStrip environment markers from detected uv dependency pins (#938)17c3989Fix cache keys for Python version ranges (#937)3cc3c11chore(deps): roll up Dependabot updates (#936)9225f84chore(deps): bump release-drafter/release-drafter from 7.3.1 to 7.4.0 (#924)Updates
github/codeql-action/initfrom 4.36.3 to 4.37.0Release notes
Sourced from github/codeql-action/init's releases.
Changelog
Sourced from github/codeql-action/init's changelog.
... (truncated)
Commits
99df26dMerge pull request #3996 from github/update-v4.37.0-c7c896d7131c2707Add changenote for #397372df218Update changelog for v4.37.0c7c896dMerge pull request #3995 from github/update-bundle/codeql-bundle-v2.26.03f34ff0Add changelog note43bec09Update default bundle to codeql-bundle-v2.26.0f58f0d1Merge pull request #3973 from github/mbg/repo-props/config-file-shorthands7dc37cbMerge remote-tracking branch 'origin/main' into mbg/repo-props/config-file-sh...8e22350ThreadActionStatetoinitConfig69c9e8cMark somestatus-reportimports astype-only to avoid circular dependenciesUpdates
github/codeql-action/autobuildfrom 4.36.3 to 4.37.0Release notes
Sourced from github/codeql-action/autobuild's releases.
Changelog
Sourced from github/codeql-action/autobuild's changelog.
... (truncated)
Commits
99df26dMerge pull request #3996 from github/update-v4.37.0-c7c896d7131c2707Add changenote for #397372df218Update changelog for v4.37.0c7c896dMerge pull request #3995 from github/update-bundle/codeql-bundle-v2.26.03f34ff0Add changelog note43bec09Update default bundle to codeql-bundle-v2.26.0f58f0d1Merge pull request #3973 from github/mbg/repo-props/config-file-shorthands7dc37cbMerge remote-tracking branch 'origin/main' into mbg/repo-props/config-file-sh...8e22350ThreadActionStatetoinitConfig69c9e8cMark somestatus-reportimports astype-only to avoid circular dependenciesUpdates
github/codeql-action/analyzefrom 4.36.3 to 4.37.0Release notes
Sourced from github/codeql-action/analyze's releases.
Changelog
Sourced from github/codeql-action/analyze's changelog.
... (truncated)
Commits
99df26dMerge pull request #3996 from github/update-v4.37.0-c7c896d7131c2707Add changenote for #397372df218Update changelog for v4.37.0c7c896dMerge pull request #3995 from github/update-bundle/codeql-bundle-v2.26.03f34ff0Add changelog note43bec09Update default bundle to codeql-bundle-v2.26.0f58f0d1Merge pull request #3973 from github/mbg/repo-props/config-file-shorthands7dc37cbMerge remote-tracking branch 'origin/main' into mbg/repo-props/config-file-sh...8e22350ThreadActionStatetoinitConfig69c9e8cMark somestatus-reportimports astype-only to avoid circular dependenciesUpdates
CodSpeedHQ/actionfrom 4.18.1 to 4.18.4Release notes
Sourced from CodSpeedHQ/action's releases.
Commits
9f3a37eRelease v4.18.4 🚀bf19f56fix: use correct 4.18.3 runner hasheea1367Release v4.18.3 🚀183fe0fchore: bump runner version to 4.18.3 (#220)4e96933Release v4.18.2 🚀9de6ea2chore: bump runner version to 4.18.2 (#219)Updates
docker/login-actionfrom 4.3.0 to 4.4.0Release notes
Sourced from docker/login-action's releases.
Commits
af1e73fMerge pull request #1034 from docker/dependabot/npm_and_yarn/aws-sdk-dependen...da722bd[dependabot skip] chore: update generated content2916ad6build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...ca0a662Merge pull request #1035 from crazy-max/fix-registry-auth-empty-maskc455755chore: update generated content4835190skip empty registry-auth secret mask992421cMerge pull request #1033 from docker/dependabot/github_actions/docker/bake-ac...b249b43Merge pull request #1032 from docker/dependabot/github_actions/docker/bake-ac...1b67977build(deps): bump docker/bake-action from 7.2.0 to 7.3.09d49d6abuild(deps): bump docker/bake-action/subaction/matrixUpdates
anthropics/claude-code-actionfrom 1.0.163 to 1.0.169Release notes
Sourced from anthropics/claude-code-action's releases.
Commits
37b464cchore: bump Claude Code to 2.1.205 and Agent SDK to 0.3.205ba0aafdchore: bump Claude Code to 2.1.204 and Agent SDK to 0.3.2040fe28cdchore: bump Claude Code to 2.1.203 and Agent SDK to 0.3.203f87768cchore: bump Claude Code to 2.1.202 and Agent SDK to 0.3.20258a2944chore: fix prettier formatting (#1463)beb753efix: propagate curl failures in install pipeline (#1241)235b39bfix: preserve repeated add-dir flags in claude args (#1256)d060ddcfix(restore): handle symlinked CLAUDE.md paths during config snapshot (#1441)0f07aeeUse modern noreply email for co-author trailers (#1369)a221ad2Drop buffered inline comment when it is posted live (#1405) (#1412)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions