From 32d79521d4350b9eba753eb94c6f618fd9531a6d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Aug 2025 15:25:02 +0000 Subject: [PATCH 1/2] :arrow_up: Bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 10 +++++----- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dependabot.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/mypy.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6cd8d60..5ec435d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: # Checkout with full history for to allow compare with base branch - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 - uses: actions/setup-python@v5 @@ -51,7 +51,7 @@ jobs: # name: Build Documentation # runs-on: ubuntu-latest # steps: - # - uses: actions/checkout@v4 + # - uses: actions/checkout@v5 # - uses: actions/setup-python@v5 # with: # python-version: ${{ env.python_version}} @@ -93,7 +93,7 @@ jobs: name: Report licences in use (SPDX) runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: actions/setup-python@v5 with: python-version: ${{ env.python_version}} @@ -148,7 +148,7 @@ jobs: python -m pip install --upgrade pip python -m pip install detect-secrets==1.0.3 python -m pip list - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 # FIXME gitleaks requires now a licence @@ -193,7 +193,7 @@ jobs: name: Build and test runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v5 with: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2b6d5cc..5bf071c 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fc835fc..ed0cedb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml index 3b1e2bb..0c58868 100644 --- a/.github/workflows/dependabot.yml +++ b/.github/workflows/dependabot.yml @@ -11,7 +11,7 @@ jobs: if: ${{ github.actor == 'dependabot[bot]' }} steps: # Checkout with full history for to allow compare with base branch - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 - uses: actions/setup-python@v5 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 0d4a013..046e9c8 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -15,6 +15,6 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: 'Dependency Review' uses: actions/dependency-review-action@v4 diff --git a/.github/workflows/mypy.yml b/.github/workflows/mypy.yml index aaf8ac4..58a0774 100644 --- a/.github/workflows/mypy.yml +++ b/.github/workflows/mypy.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Setup Python uses: actions/setup-python@v5 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7e00517..8965459 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: name: Carry out a release runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: actions/setup-python@v5 with: python-version: ${{ env.python_version }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 29ff72d..488ac19 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -32,7 +32,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v3.1.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v3.1.0 with: persist-credentials: false From 8f7b62bea949ebb5cb565f6ecbd4eee741a8b895 Mon Sep 17 00:00:00 2001 From: Monty Bot Date: Tue, 12 Aug 2025 15:25:31 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=93=B0=20Automatic=20changes=20?= =?UTF-8?q?=E2=9A=99=20Adding=20news=20file?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- news/20250812152531.bugfix | 1 + 1 file changed, 1 insertion(+) create mode 100644 news/20250812152531.bugfix diff --git a/news/20250812152531.bugfix b/news/20250812152531.bugfix new file mode 100644 index 0000000..53aae94 --- /dev/null +++ b/news/20250812152531.bugfix @@ -0,0 +1 @@ +Dependency upgrade: checkout-5