From f7f43f6bb73905f15305f4ca34f8c3cf3ffa336e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Jul 2026 13:12:55 +0000 Subject: [PATCH] chore(actions): bump the github-actions-updates group across 1 directory with 12 updates Bumps the github-actions-updates group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.3.1` | `7.0.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.10.0` | `4.2.0` | | [docker/login-action](https://github.com/docker/login-action) | `3.3.0` | `4.4.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.1` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.6.0` | `6.3.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `8` | | [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) | `2.8.0` | `2.9.0` | | [actions/github-script](https://github.com/actions/github-script) | `7.1.0` | `9.0.0` | | [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `8a12e8e2fb6f3c4a4294a8e63b3659af6c08cfe3` | `8feb77b20aeb64366d106b08f2941287755c173b` | | [dorny/paths-filter](https://github.com/dorny/paths-filter) | `3.0.3` | `4.0.2` | | [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `2.2.3` | `4.1.1` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.0.8` | `3.0.1` | Updates `actions/checkout` from 4.3.1 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/34e114876b0b11c390a56381ad16ebd13914f8d5...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) Updates `docker/setup-buildx-action` from 3.10.0 to 4.2.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2...bb05f3f5519dd87d3ba754cc423b652a5edd6d2c) Updates `docker/login-action` from 3.3.0 to 4.4.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/9780b0c442fbb1117ed29e0efdff1e18412f7567...af1e73f918a031802d376d3c8bbc3fe56130a9b0) Updates `actions/upload-artifact` from 4.6.2 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a) Updates `actions/setup-python` from 5.6.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...ece7cb06caefa5fff74198d8649806c4678c61a1) Updates `actions/download-artifact` from 4 to 8 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v8) Updates `lycheeverse/lychee-action` from 2.8.0 to 2.9.0 - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](https://github.com/lycheeverse/lychee-action/compare/8646ba30535128ac92d33dfc9133794bfdd9b411...e7477775783ea5526144ba13e8db5eec57747ce8) Updates `actions/github-script` from 7.1.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/f28e40c7f34bde8b3046d885e986cb6290c5673b...3a2844b7e9c422d3c10d287c895573f7108da1b3) Updates `trufflesecurity/trufflehog` from 8a12e8e2fb6f3c4a4294a8e63b3659af6c08cfe3 to 8feb77b20aeb64366d106b08f2941287755c173b - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](https://github.com/trufflesecurity/trufflehog/compare/8a12e8e2fb6f3c4a4294a8e63b3659af6c08cfe3...8feb77b20aeb64366d106b08f2941287755c173b) Updates `dorny/paths-filter` from 3.0.3 to 4.0.2 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](https://github.com/dorny/paths-filter/compare/d1c1ffe0248fe513906c8e24db8ea791d46f8590...7b450fff21473bca461d4b92ce414b9d0420d706) Updates `actions/attest-build-provenance` from 2.2.3 to 4.1.1 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/c074443f1aee8d4aeeae555aebba3282517141b2...0f67c3f4856b2e3261c31976d6725780e5e4c373) Updates `softprops/action-gh-release` from 2.0.8 to 3.0.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/c062e08bd532815e2082a85e87e3ef29c3e6d191...718ea10b132b3b2eba29c1007bb80653f286566b) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: docker/setup-buildx-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: docker/login-action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: actions/setup-python dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: actions/download-artifact dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: lycheeverse/lychee-action dependency-version: 2.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: trufflesecurity/trufflehog dependency-version: 8feb77b20aeb64366d106b08f2941287755c173b dependency-type: direct:production dependency-group: github-actions-updates - dependency-name: dorny/paths-filter dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: actions/attest-build-provenance dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: softprops/action-gh-release dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates ... Signed-off-by: dependabot[bot] --- .github/workflows/_build_container.yml | 6 +++--- .github/workflows/_build_package.yml | 4 ++-- .github/workflows/_docs.yml | 10 +++++----- .github/workflows/_link-check.yml | 4 ++-- .github/workflows/_pr_comment.yml | 2 +- .github/workflows/_quality.yml | 8 ++++---- .github/workflows/_security.yml | 8 ++++---- .github/workflows/_tests.yml | 8 ++++---- .github/workflows/development.yml | 4 ++-- .github/workflows/development_cleanup.yml | 4 ++-- .github/workflows/nightly.yml | 8 ++++---- .github/workflows/release.yml | 8 ++++---- 12 files changed, 37 insertions(+), 37 deletions(-) diff --git a/.github/workflows/_build_container.yml b/.github/workflows/_build_container.yml index f19770a..6551af2 100644 --- a/.github/workflows/_build_container.yml +++ b/.github/workflows/_build_container.yml @@ -48,12 +48,12 @@ jobs: image_tag: ${{ steps.build.outputs.image_tag }} steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3 + uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v3 - name: Log in to GitHub Container Registry if: ${{ inputs.push }} - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3 + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v3 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/_build_package.yml b/.github/workflows/_build_package.yml index 95c0944..d1177b1 100644 --- a/.github/workflows/_build_package.yml +++ b/.github/workflows/_build_package.yml @@ -41,7 +41,7 @@ jobs: metadata: ${{ steps.build.outputs.metadata }} steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - name: "Set up build toolchain" @@ -58,7 +58,7 @@ jobs: SHA=$(find dist/ -type f | sort | xargs sha256sum | sha256sum | awk '{print $1}') echo "metadata=${SHA}" >> "$GITHUB_OUTPUT" - name: Upload build artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: build-artifact-${{ inputs.build_type }}-${{ github.run_id }} path: dist/ diff --git a/.github/workflows/_docs.yml b/.github/workflows/_docs.yml index 7fa1cfa..82d0ff1 100644 --- a/.github/workflows/_docs.yml +++ b/.github/workflows/_docs.yml @@ -45,11 +45,11 @@ jobs: deployed_url: ${{ steps.dest.outputs.path }} steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.x" - name: Configure Git Credentials @@ -62,21 +62,21 @@ jobs: hatch run docs:mkdocs --version - name: Download unit test coverage if: ${{ inputs.include_coverage }} - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: pattern: coverage-report-unit-* path: docs/coverage/unit merge-multiple: true - name: Download integration test coverage if: ${{ inputs.include_coverage }} - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: pattern: coverage-report-integration-* path: docs/coverage/integration merge-multiple: true - name: Download e2e test coverage if: ${{ inputs.include_coverage }} - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: pattern: coverage-report-e2e-* path: docs/coverage/e2e diff --git a/.github/workflows/_link-check.yml b/.github/workflows/_link-check.yml index 2ea4ea3..ce1db07 100644 --- a/.github/workflows/_link-check.yml +++ b/.github/workflows/_link-check.yml @@ -36,9 +36,9 @@ jobs: report_content: ${{ steps.read-report.outputs.content }} steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Run lychee link checker - uses: lycheeverse/lychee-action@8646ba30535128ac92d33dfc9133794bfdd9b411 # v2 + uses: lycheeverse/lychee-action@e7477775783ea5526144ba13e8db5eec57747ce8 # v2 id: lychee with: args: --verbose --no-progress --accept 200,206,301,302,429 --exclude-loopback --exclude diff --git a/.github/workflows/_pr_comment.yml b/.github/workflows/_pr_comment.yml index aa813ba..1d10476 100644 --- a/.github/workflows/_pr_comment.yml +++ b/.github/workflows/_pr_comment.yml @@ -29,7 +29,7 @@ jobs: - name: "Download PR Number Artifact" # Wait, how does it know the PR number? The `development.yml` needs to upload the PR number as an artifact # so this workflow can read it. Let's write the script to find the PR associated with the commit. - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: |- const workflowRun = context.payload.workflow_run; diff --git a/.github/workflows/_quality.yml b/.github/workflows/_quality.yml index 4fa5411..cd2454a 100644 --- a/.github/workflows/_quality.yml +++ b/.github/workflows/_quality.yml @@ -28,9 +28,9 @@ jobs: python-version: ${{ fromJson(inputs.python_versions) }} steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: "Set up Python ${{ matrix.python-version }}" - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python-version }} - name: "Install uv" @@ -49,9 +49,9 @@ jobs: python-version: ${{ fromJson(inputs.python_versions) }} steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: "Set up Python ${{ matrix.python-version }}" - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python-version }} - name: "Install uv" diff --git a/.github/workflows/_security.yml b/.github/workflows/_security.yml index e4c5404..f464f1a 100644 --- a/.github/workflows/_security.yml +++ b/.github/workflows/_security.yml @@ -18,11 +18,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - name: Run TruffleHog - uses: trufflesecurity/trufflehog@8a12e8e2fb6f3c4a4294a8e63b3659af6c08cfe3 # main + uses: trufflesecurity/trufflehog@8feb77b20aeb64366d106b08f2941287755c173b # main with: path: ./ dependency-audit: @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up toolchain run: pip install pip-audit hatch - name: Run dependency vulnerability scan @@ -40,7 +40,7 @@ jobs: pip-audit -r requirements.txt --output json -o audit.json - name: Upload SCA results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: sca-results-${{ github.run_id }} path: audit.json diff --git a/.github/workflows/_tests.yml b/.github/workflows/_tests.yml index 7e1592f..bdb204f 100644 --- a/.github/workflows/_tests.yml +++ b/.github/workflows/_tests.yml @@ -68,9 +68,9 @@ jobs: coverage_location: "coverage/" steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: "Set up Python ${{ matrix.python-version }}" - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python-version }} - name: "Install uv" @@ -105,7 +105,7 @@ jobs: fi - name: Upload test results if: ${{ inputs.publish_results }} - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: test-results-${{ matrix.test-config.level }}-py${{ matrix.python-version }}-${{ github.run_id }} @@ -114,7 +114,7 @@ jobs: if-no-files-found: warn - name: Upload coverage report if: ${{ inputs.publish_results && (inputs.generate_coverage == true || matrix.test-config.coverage == true) }} - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: coverage-report-${{ matrix.test-config.level }}-py${{ matrix.python-version }}-${{ github.run_id }} diff --git a/.github/workflows/development.yml b/.github/workflows/development.yml index f2c0680..dae5096 100644 --- a/.github/workflows/development.yml +++ b/.github/workflows/development.yml @@ -31,9 +31,9 @@ jobs: docs: ${{ steps.filter.outputs.docs }} steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Check for docs changes - uses: dorny/paths-filter@d1c1ffe0248fe513906c8e24db8ea791d46f8590 # v3 + uses: dorny/paths-filter@7b450fff21473bca461d4b92ce414b9d0420d706 # v4.0.2 id: filter with: filters: | diff --git a/.github/workflows/development_cleanup.yml b/.github/workflows/development_cleanup.yml index f28a465..069570c 100644 --- a/.github/workflows/development_cleanup.yml +++ b/.github/workflows/development_cleanup.yml @@ -22,11 +22,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.x" - name: Configure Git Credentials diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 5ae3f85..687d5d7 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -27,7 +27,7 @@ jobs: has_changes: ${{ steps.check.outputs.has_changes }} steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - name: Check for recent commits @@ -113,14 +113,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Download build artifact - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v4 with: name: build-artifact-nightly-${{ github.run_id }} path: dist/ - name: Generate artifact attestations - uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v1.5.1 + uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v1.5.1 with: subject-path: dist/* # - name: Publish to PyPI diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9fbb0e5..30f7405 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -73,14 +73,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Download build artifact - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v4 with: name: build-artifact-release-${{ github.run_id }} path: dist/ - name: Generate artifact attestations - uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v1.5.1 + uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v1.5.1 with: subject-path: dist/* # - name: Publish to PyPI @@ -89,7 +89,7 @@ jobs: # packages-dir: dist/ - name: Create GitHub Release if: ${{ github.ref_type == 'tag' }} - uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 + uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b # v3.0.1 with: files: dist/* generate_release_notes: true