From b52617cb79697c6243037dbf3c5a04a849ad3f86 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 1 Oct 2024 08:50:46 +0000 Subject: [PATCH] Bump the github-actions group with 4 updates Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [hynek/build-and-inspect-python-package](https://github.com/hynek/build-and-inspect-python-package), [github/codeql-action](https://github.com/github/codeql-action) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request). Updates `actions/checkout` from 4.1.7 to 4.2.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.7...v4.2.0) Updates `hynek/build-and-inspect-python-package` from 2.8.0 to 2.9.0 - [Release notes](https://github.com/hynek/build-and-inspect-python-package/releases) - [Changelog](https://github.com/hynek/build-and-inspect-python-package/blob/main/CHANGELOG.md) - [Commits](https://github.com/hynek/build-and-inspect-python-package/compare/v2.8.0...v2.9.0) Updates `github/codeql-action` from 3.26.6 to 3.26.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3.26.6...v3.26.10) Updates `peter-evans/create-pull-request` from 6.1.0 to 7.0.5 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v6.1.0...v7.0.5) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: hynek/build-and-inspect-python-package dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 10 +++++----- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/pre-commit-update.yml | 6 +++--- .github/workflows/test.yml | 2 +- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4db19ba77..76e345baf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -50,7 +50,7 @@ jobs: echo "qbittorrent-password=${{ env.QBITTORRENTAPI_PASSWORD }}" | tee -a ${GITHUB_OUTPUT} - name: Checkout Repo - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.0 - name: Set up Python ${{ env.LATEST_PYTHON_VER }} uses: actions/setup-python@v5.2.0 @@ -78,12 +78,12 @@ jobs: attestations: write steps: - name: Checkout Repo - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.0 with: fetch-depth: 0 # Fetch all refs so setuptools_scm can generate the correct version number - name: Build & Upload Package - uses: hynek/build-and-inspect-python-package@v2.8.0 + uses: hynek/build-and-inspect-python-package@v2.9.0 with: attest-build-provenance-github: ${{ inputs.attest }} @@ -146,7 +146,7 @@ jobs: runs-on: ubuntu-latest needs: [ Tests-qBittorrent, Tests-Python ] steps: - - uses: actions/checkout@v4.1.7 + - uses: actions/checkout@v4.2.0 with: fetch-depth: 0 @@ -201,7 +201,7 @@ jobs: os: [ ubuntu-latest, windows-latest, macos-latest ] steps: - name: Checkout Repo - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.0 - name: Set up Python ${{ env.LATEST_PYTHON_VER }} uses: actions/setup-python@v5.2.0 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 544010bb2..811a17778 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -21,17 +21,17 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.0 - name: Initialize CodeQL - uses: github/codeql-action/init@v3.26.6 + uses: github/codeql-action/init@v3.26.10 with: languages: python - name: Autobuild - uses: github/codeql-action/autobuild@v3.26.6 + uses: github/codeql-action/autobuild@v3.26.10 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3.26.6 + uses: github/codeql-action/analyze@v3.26.10 with: category: /language:python diff --git a/.github/workflows/pre-commit-update.yml b/.github/workflows/pre-commit-update.yml index 3f23f6136..e2c38dca3 100644 --- a/.github/workflows/pre-commit-update.yml +++ b/.github/workflows/pre-commit-update.yml @@ -30,7 +30,7 @@ jobs: hook-repos: ${{ steps.hooks.outputs.repos }} steps: - name: Checkout Repo - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.0 - name: Get Pre-commit Hooks id: hooks @@ -50,7 +50,7 @@ jobs: hook-repo: ${{ fromJson(needs.pre-commit-hooks.outputs.hook-repos) }} steps: - name: Checkout - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.0 with: fetch-depth: 1 token: ${{ secrets.PAT }} @@ -94,7 +94,7 @@ jobs: - name: Create Pull Request id: created-pr if: steps.pr.outputs.needed == 'true' - uses: peter-evans/create-pull-request@v6.1.0 + uses: peter-evans/create-pull-request@v7.0.5 with: token: ${{ secrets.PAT }} title: "Bump pre-commit hook for ${{ steps.pr.outputs.hook-name }} from ${{ steps.update.outputs.vers-bump-str }}" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d5d8a13e9..ccffd40b9 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -44,7 +44,7 @@ jobs: steps: - name: Checkout Repo - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.0 - name: Get packages uses: actions/download-artifact@v4.1.8