From 900acc953360d5fa5b9b01263a7870815db70eea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Nov 2025 22:02:23 +0000 Subject: [PATCH] Bump the ci-dependencies group across 1 directory with 8 updates Bumps the ci-dependencies group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `5.0.0` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.6.0` | `6.0.0` | | [CodSpeedHQ/action](https://github.com/codspeedhq/action) | `3.8.0` | `4.3.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.7.1` | `4.8.1` | | [darbiadev/.github](https://github.com/darbiadev/.github) | `15.0.0` | `15.1.0` | | [hynek/build-and-inspect-python-package](https://github.com/hynek/build-and-inspect-python-package) | `2.13.0` | `2.14.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `6.0.0` | | [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) | `1.12.4` | `1.13.0` | Updates `actions/checkout` from 4.2.2 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8) Updates `actions/setup-python` from 5.6.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...e797f83bcb11b83ae66e0230d6156d7c80228e7c) Updates `CodSpeedHQ/action` from 3.8.0 to 4.3.1 - [Release notes](https://github.com/codspeedhq/action/releases) - [Changelog](https://github.com/CodSpeedHQ/action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codspeedhq/action/compare/0b6e7a3d96c9d2a6057e7bcea6b45aaf2f7ce60b...4348f634fa7309fe23aac9502e88b999ec90a164) Updates `actions/dependency-review-action` from 4.7.1 to 4.8.1 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/da24556b548a50705dd671f47852072ea4c105d9...40c09b7dc99638e5ddb0bfd91c1673effc064d8a) Updates `darbiadev/.github` from 15.0.0 to 15.1.0 - [Release notes](https://github.com/darbiadev/.github/releases) - [Commits](https://github.com/darbiadev/.github/compare/91dda16028f109ac78016dd740206fd109740068...45471b560aceda922ebec22a20b72f0c29914cad) Updates `hynek/build-and-inspect-python-package` from 2.13.0 to 2.14.0 - [Release notes](https://github.com/hynek/build-and-inspect-python-package/releases) - [Changelog](https://github.com/hynek/build-and-inspect-python-package/blob/main/CHANGELOG.md) - [Commits](https://github.com/hynek/build-and-inspect-python-package/compare/c52c3a4710070b50470d903818a7b25115dcd076...efb823f52190ad02594531168b7a2d5790e66516) Updates `actions/download-artifact` from 4.3.0 to 6.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/d3f86a106a0bac45b974a628896c90dbdf5c8093...018cc2cf5baa6db3ef3c5f8a56943fffe632ef53) Updates `pypa/gh-action-pypi-publish` from 1.12.4 to 1.13.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/76f52bc884231f62b9a034ebfe128415bbaabdfc...ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-dependencies - dependency-name: actions/setup-python dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-dependencies - dependency-name: CodSpeedHQ/action dependency-version: 4.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-dependencies - dependency-name: actions/dependency-review-action dependency-version: 4.8.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: darbiadev/.github dependency-version: 15.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: hynek/build-and-inspect-python-package dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: actions/download-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-dependencies - dependency-name: pypa/gh-action-pypi-publish dependency-version: 1.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/codspeed.yaml | 6 +++--- .github/workflows/dependency-review.yaml | 4 ++-- .github/workflows/python-ci.yaml | 8 ++++---- .github/workflows/python-publish-pypi.yaml | 8 ++++---- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/codspeed.yaml b/.github/workflows/codspeed.yaml index 9c6140f..2a339da 100644 --- a/.github/workflows/codspeed.yaml +++ b/.github/workflows/codspeed.yaml @@ -15,10 +15,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup Python - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: 3.13 cache: pip @@ -30,7 +30,7 @@ jobs: - name: Install dependencies run: python -m pip install .[tests] - - uses: CodSpeedHQ/action@0b6e7a3d96c9d2a6057e7bcea6b45aaf2f7ce60b # v3.8.0 + - uses: CodSpeedHQ/action@4348f634fa7309fe23aac9502e88b999ec90a164 # v4.3.1 with: run: pytest tests/ --codspeed token: ${{ secrets.CODSPEED_TOKEN }} diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index f3382a8..6ce99ba 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -11,9 +11,9 @@ jobs: steps: - name: 'Checkout Repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Dependency Review' - uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1 + uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1 with: config-file: darbiadev/.github/.github/dependency-review-config.yaml@a5bf74504f1a843e026621c41517952fa3a09f81 diff --git a/.github/workflows/python-ci.yaml b/.github/workflows/python-ci.yaml index 9158b78..c5a8441 100644 --- a/.github/workflows/python-ci.yaml +++ b/.github/workflows/python-ci.yaml @@ -8,11 +8,11 @@ on: jobs: pre-commit: - uses: darbiadev/.github/.github/workflows/generic-precommit.yaml@91dda16028f109ac78016dd740206fd109740068 # v15.0.0 + uses: darbiadev/.github/.github/workflows/generic-precommit.yaml@45471b560aceda922ebec22a20b72f0c29914cad # v15.1.0 lint: needs: pre-commit - uses: darbiadev/.github/.github/workflows/python-lint.yaml@91dda16028f109ac78016dd740206fd109740068 # v15.0.0 + uses: darbiadev/.github/.github/workflows/python-lint.yaml@45471b560aceda922ebec22a20b72f0c29914cad # v15.1.0 test: needs: lint @@ -21,7 +21,7 @@ jobs: os: [ ubuntu-latest ] python-version: [ "3.9", "3.10", "3.11", "3.12", "3.13" ] - uses: darbiadev/.github/.github/workflows/python-test.yaml@91dda16028f109ac78016dd740206fd109740068 # v15.0.0 + uses: darbiadev/.github/.github/workflows/python-test.yaml@45471b560aceda922ebec22a20b72f0c29914cad # v15.1.0 with: os: ${{ matrix.os }} python-version: ${{ matrix.python-version }} @@ -33,4 +33,4 @@ jobs: pages: write id-token: write - uses: darbiadev/.github/.github/workflows/github-pages-python-sphinx.yaml@91dda16028f109ac78016dd740206fd109740068 # v15.0.0 + uses: darbiadev/.github/.github/workflows/github-pages-python-sphinx.yaml@45471b560aceda922ebec22a20b72f0c29914cad # v15.1.0 diff --git a/.github/workflows/python-publish-pypi.yaml b/.github/workflows/python-publish-pypi.yaml index b9f90b7..da78dc0 100644 --- a/.github/workflows/python-publish-pypi.yaml +++ b/.github/workflows/python-publish-pypi.yaml @@ -21,10 +21,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Build and inspect Python 🐍 package 📦 - uses: hynek/build-and-inspect-python-package@c52c3a4710070b50470d903818a7b25115dcd076 # v2.13.0 + uses: hynek/build-and-inspect-python-package@efb823f52190ad02594531168b7a2d5790e66516 # v2.14.0 with: attest-build-provenance-github: ${{ github.event.action == 'published' }} @@ -41,12 +41,12 @@ jobs: steps: - name: Download dists - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: Packages path: dist/ - name: Publish distribution 📦 to PyPI - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 with: print-hash: true