From 3e8c2476e0409a12d4832432e79229c4a6ba3e96 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Dec 2025 15:33:33 +0000 Subject: [PATCH] Bump the gh-actions group with 5 updates Bumps the gh-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `5.0.0` | `6.0.0` | | [pypa/cibuildwheel](https://github.com/pypa/cibuildwheel) | `3.2.1` | `3.3.0` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.0.0` | `6.1.0` | | [prefix-dev/setup-pixi](https://github.com/prefix-dev/setup-pixi) | `0.9.2` | `0.9.3` | | [github/codeql-action](https://github.com/github/codeql-action) | `338146ca93283a2901a142d408241096146019b5` | `f0ac9bfbe331b3cc7be1482df79cca2865cb79b6` | Updates `actions/checkout` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/08c6903cd8c0fde910a37f88322edcfb5dd907a8...1af3b93b6815bc44a9784bd300feb67ff0d1eeb3) Updates `pypa/cibuildwheel` from 3.2.1 to 3.3.0 - [Release notes](https://github.com/pypa/cibuildwheel/releases) - [Changelog](https://github.com/pypa/cibuildwheel/blob/main/docs/changelog.md) - [Commits](https://github.com/pypa/cibuildwheel/compare/9c00cb4f6b517705a3794b22395aedc36257242c...63fd63b352a9a8bdcc24791c9dbee952ee9a8abc) Updates `actions/setup-python` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/e797f83bcb11b83ae66e0230d6156d7c80228e7c...83679a892e2d95755f2dac6acb0bfd1e9ac5d548) Updates `prefix-dev/setup-pixi` from 0.9.2 to 0.9.3 - [Release notes](https://github.com/prefix-dev/setup-pixi/releases) - [Commits](https://github.com/prefix-dev/setup-pixi/compare/28eb668aafebd9dede9d97c4ba1cd9989a4d0004...82d477f15f3a381dbcc8adc1206ce643fe110fb7) Updates `github/codeql-action` from 338146ca93283a2901a142d408241096146019b5 to f0ac9bfbe331b3cc7be1482df79cca2865cb79b6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/338146ca93283a2901a142d408241096146019b5...f0ac9bfbe331b3cc7be1482df79cca2865cb79b6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: pypa/cibuildwheel dependency-version: 3.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions - dependency-name: actions/setup-python dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions - dependency-name: prefix-dev/setup-pixi dependency-version: 0.9.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-actions - dependency-name: github/codeql-action dependency-version: f0ac9bfbe331b3cc7be1482df79cca2865cb79b6 dependency-type: direct:production dependency-group: gh-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build_wheels.yml | 8 ++++---- .github/workflows/ci.yml | 8 ++++---- .github/workflows/daily.yml | 4 ++-- .github/workflows/package.yml | 2 +- .github/workflows/scorecard.yml | 4 ++-- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build_wheels.yml b/.github/workflows/build_wheels.yml index 9c860973..aa6e4352 100644 --- a/.github/workflows/build_wheels.yml +++ b/.github/workflows/build_wheels.yml @@ -20,11 +20,11 @@ jobs: os: [ubuntu-22.04, ubuntu-22.04-arm, windows-2022, macos-13, macos-14] steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Set up micromamba uses: mamba-org/setup-micromamba@add3a49764cedee8ee24e82dfde87f5bc2914462 - name: Build wheels - uses: pypa/cibuildwheel@9c00cb4f6b517705a3794b22395aedc36257242c # v3.2.1 + uses: pypa/cibuildwheel@63fd63b352a9a8bdcc24791c9dbee952ee9a8abc # v3.3.0 - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: path: ./wheelhouse/*.whl @@ -34,8 +34,8 @@ jobs: name: Build source distribution runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 name: Install Python with: python-version: '3.11' diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index dc7ab7c9..9a145222 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,9 +20,9 @@ jobs: PRE_COMMIT_USE_MICROMAMBA: 1 steps: - name: Checkout branch - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Set up pixi - uses: prefix-dev/setup-pixi@28eb668aafebd9dede9d97c4ba1cd9989a4d0004 # v0.9.2 + uses: prefix-dev/setup-pixi@82d477f15f3a381dbcc8adc1206ce643fe110fb7 # v0.9.3 with: environments: lint default - name: pre-commit @@ -47,9 +47,9 @@ jobs: - { os: ubuntu-latest, environment: 'nightly' } steps: - name: Checkout branch - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Set up pixi - uses: prefix-dev/setup-pixi@28eb668aafebd9dede9d97c4ba1cd9989a4d0004 + uses: prefix-dev/setup-pixi@82d477f15f3a381dbcc8adc1206ce643fe110fb7 with: environments: ${{ matrix.environment }} - name: Update dependencies diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml index c3e5b753..fc4b15f2 100644 --- a/.github/workflows/daily.yml +++ b/.github/workflows/daily.yml @@ -23,9 +23,9 @@ jobs: NOTE: 'Python 3.13' # run once with normal dependencies steps: - name: Checkout branch - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Set up pixi - uses: prefix-dev/setup-pixi@28eb668aafebd9dede9d97c4ba1cd9989a4d0004 + uses: prefix-dev/setup-pixi@82d477f15f3a381dbcc8adc1206ce643fe110fb7 with: environments: ${{ matrix.environment }} - name: Update dependencies diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index d9515b05..8125d2e4 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -29,7 +29,7 @@ jobs: - { variant-file: win_64_numpy2python3.13.____cp313, target-platform: win-64, os: windows-latest, rattler-build-args: '' } steps: - name: Checkout branch - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 - name: Get git metadata diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0ed2eaeb..f8a81e39 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -35,7 +35,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: persist-credentials: false @@ -74,6 +74,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@338146ca93283a2901a142d408241096146019b5 # v3.28.15 + uses: github/codeql-action/upload-sarif@f0ac9bfbe331b3cc7be1482df79cca2865cb79b6 # v3.28.15 with: sarif_file: results.sarif