Bump actions/setup-python from 6 to 6.2.0

[dependabot]

Bumps actions/setup-python from 6 to 6.2.0.

Release notes

Sourced from actions/setup-python's releases.

v6.2.0

What's Changed

Dependency Upgrades

• Upgrade dependencies to Node 24 compatible versions by @​salmanmkc in actions/setup-python#1259
• Upgrade urllib3 from 2.5.0 to 2.6.3 in /__tests__/data by @​dependabot in actions/setup-python#1253 and actions/setup-python#1264

Full Changelog: actions/setup-python@v6...v6.2.0

v6.1.0

What's Changed

Enhancements:

• Add support for pip-install input by @​gowridurgad in actions/setup-python#1201
• Add graalpy early-access and windows builds by @​timfel in actions/setup-python#880

Dependency and Documentation updates:

• Enhanced wording and updated example usage for allow-prereleases by @​yarikoptic in actions/setup-python#979
• Upgrade urllib3 from 1.26.19 to 2.5.0 and document breaking changes in v6 by @​dependabot in actions/setup-python#1139
• Upgrade typescript from 5.4.2 to 5.9.3 and Documentation update by @​dependabot in actions/setup-python#1094
• Upgrade actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pip-install input by @​dependabot in actions/setup-python#1199
• Upgrade requests from 2.32.2 to 2.32.4 by @​dependabot in actions/setup-python#1130
• Upgrade prettier from 3.5.3 to 3.6.2 by @​dependabot in actions/setup-python#1234
• Upgrade @​types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel by @​dependabot in actions/setup-python#1235

New Contributors

• @​yarikoptic made their first contribution in actions/setup-python#979

Full Changelog: actions/setup-python@v6...v6.1.0

Commits

• 03bb615 Bump idna from 2.9 to 3.7 in /tests/data (#843)
• 36da51d Add version parsing from Pipfile (#1067)
• 3c6f142 update documentation (#1156)
• 88ffd4d Include python version in PyPy python-version output (#1110)
• 532b046 Add Architecture-Specific PATH Management for Python with --user Flag on Wind...
• 1264885 Enhance cache-dependency-path handling to support files outside the workspace...
• e9c40fb Add support for pip-version (#1129)
• 5fa0ee6 Bump @​actions/tool-cache from 2.0.1 to 2.0.2 (#1095)
• 5db1cf9 Enhance reading from .python-version (#787)
• a26af69 Bump ts-jest from 29.1.2 to 29.3.2 (#1081)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Super-linter summary

Language	Validation result
CHECKOV	Pass ✅
GITHUB_ACTIONS	Pass ✅
GITHUB_ACTIONS_ZIZMOR	Pass ✅
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Pass ✅
TRIVY	Pass ✅
YAML	Pass ✅
YAML_PRETTIER	Pass ✅

All files and directories linted successfully

For more information, see the GitHub Actions workflow run

Powered by Super-linter

[github-actions]

🤖 Claude Code Review

Here is the complete code review for this PR:

---

Code Review: Bump actions/setup-python from v6 to v6.2.0

Code Quality

✅ Code follows style guide — These are CI workflow YAML files; the change is a single-line version pin in each file, consistent with the existing formatting style.

✅ No commented-out code — No commented code introduced.

✅ Meaningful variable names — N/A; no new variables.

✅ DRY principle followed — The same pin (@v6.2.0) is applied uniformly across all 7 affected workflows. All workflows in the repo that reference setup-python have been updated — no stragglers.

✅ No defects identified — Pinning to a specific minor version (v6.2.0) is more precise than v6 and reduces supply-chain risk by locking to a known-good release. No logic errors or edge cases apply here.

✅ Project CLAUDE.md considered — The build-resources/.claude/CLAUDE.md is a guidance file for the build-resources sub-repo, not the project root. No root-level .claude/CLAUDE.md exists, which is fine. The CLAUDE.md content is general and not environment-specific.

---

Testing

✅ No unit/integration tests required — This change is purely a CI dependency version bump with no logic changes. Test coverage requirements do not apply.

---

Documentation

✅ README updated — No README changes needed for a CI action version bump.

✅ API docs — N/A.

✅ Inline comments — N/A.

❌ CHANGELOG.md not updated — The diff does not include an update to CHANGELOG.md. Per project standards, all changes should be documented. A dependency bump entry should be added, e.g.:

### Changed
- Bump `actions/setup-python` from `v6` to `v6.2.0` in CI workflows.

✅ Markdown formatting — No Markdown files were modified.

---

Security

✅ No hardcoded credentials — None present.

✅ Input validation — N/A for CI config changes.

✅ Proper error handling — N/A.

✅ No sensitive data in logs — N/A.

✅ No .lic files or AQAAAD strings — None found in the diff or repo.

---

Summary

Category	Status
Code Quality	✅
Testing	✅
Documentation	❌ CHANGELOG.md not updated
Security	✅

One required change: Add an entry to CHANGELOG.md documenting the actions/setup-python version bump from v6 to v6.2.0.

Automated code review analyzing defects and coding standards