From 172947f9be8cabbd893a351f970d53d6c830411f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 07:35:17 +0000 Subject: [PATCH] Bump the github-action-dependencies group across 1 directory with 3 updates Bumps the github-action-dependencies group with 3 updates in the / directory: [actions/setup-python](https://github.com/actions/setup-python), [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) and [SonarSource/sonarcloud-github-action](https://github.com/sonarsource/sonarcloud-github-action). Updates `actions/setup-python` from 5.1.0 to 5.1.1 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5.1.0...v5.1.1) Updates `pypa/gh-action-pypi-publish` from 1.8.14 to 1.9.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.14...v1.9.0) Updates `SonarSource/sonarcloud-github-action` from 2.1.1 to 2.3.0 - [Release notes](https://github.com/sonarsource/sonarcloud-github-action/releases) - [Commits](https://github.com/sonarsource/sonarcloud-github-action/compare/v2.1.1...v2.3.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-action-dependencies - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: SonarSource/sonarcloud-github-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/docs.yml | 2 +- .github/workflows/release.yml | 6 +++--- .github/workflows/tests.yml | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 8db85e7..17ace22 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -34,7 +34,7 @@ jobs: poetry --version - name: Set up Python - uses: actions/setup-python@v5.1.0 + uses: actions/setup-python@v5.1.1 with: python-version: "3.11" cache: "poetry" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3bd5385..b157942 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: fetch-depth: 2 - name: Set up Python - uses: actions/setup-python@v5.1.0 + uses: actions/setup-python@v5.1.1 with: python-version: "3.11" @@ -61,11 +61,11 @@ jobs: - name: Publish package on PyPI if: steps.check-version.outputs.tag - uses: pypa/gh-action-pypi-publish@v1.8.14 + uses: pypa/gh-action-pypi-publish@v1.9.0 - name: Publish package on TestPyPI if: (!steps.check-version.outputs.tag) - uses: pypa/gh-action-pypi-publish@v1.8.14 + uses: pypa/gh-action-pypi-publish@v1.9.0 with: repository-url: https://test.pypi.org/legacy/ diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index cef69dc..519ef15 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -37,7 +37,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python }} - uses: actions/setup-python@v5.1.0 + uses: actions/setup-python@v5.1.1 with: python-version: ${{ matrix.python }} @@ -119,7 +119,7 @@ jobs: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Set up Python - uses: actions/setup-python@v5.1.0 + uses: actions/setup-python@v5.1.1 with: python-version: "3.11" @@ -166,4 +166,4 @@ jobs: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # No need to run SonarCloud analysis if dependabot update or token not defined if: env.SONAR_TOKEN != '' && (github.actor != 'dependabot[bot]') - uses: SonarSource/sonarcloud-github-action@v2.1.1 + uses: SonarSource/sonarcloud-github-action@v2.3.0