Skip to content

Commit f0ac004

Browse files
dependabot[bot]dependabot[bot]
authored
Bump the actions group in /.github/workflows with 6 updates
Bumps the actions group in /.github/workflows with 6 updates: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.13.1` | `2.13.2` | | [actions/checkout](https://github.com/actions/checkout) | `5.0.0` | `6.0.0` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.0.0` | `6.1.0` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.0` | `4.8.2` | | [coverallsapp/github-action](https://github.com/coverallsapp/github-action) | `2.3.6` | `2.3.7` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `5.0.0` | Updates `step-security/harden-runner` from 2.13.1 to 2.13.2 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@f4a75cf...95d9a5d) Updates `actions/checkout` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@08c6903...1af3b93) Updates `actions/setup-python` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@e797f83...83679a8) Updates `actions/dependency-review-action` from 4.8.0 to 4.8.2 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@56339e5...3c4e3dc) Updates `coverallsapp/github-action` from 2.3.6 to 2.3.7 - [Release notes](https://github.com/coverallsapp/github-action/releases) - [Commits](coverallsapp/github-action@648a8eb...5cbfd81) Updates `actions/upload-artifact` from 4.6.2 to 5.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...330a01c) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/checkout dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-python dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/dependency-review-action dependency-version: 4.8.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: coverallsapp/github-action dependency-version: 2.3.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent bbce232 commit f0ac004

File tree

12 files changed

+38
-38
lines changed

12 files changed

+38
-38
lines changed

.github/workflows/bump-version.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ jobs:
5050
python-version: [ "3.13" ]
5151
steps:
5252
- name: Harden Runner
53-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
53+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
5454
with:
5555
disable-sudo: true
5656
egress-policy: block
@@ -60,13 +60,13 @@ jobs:
6060
pypi.org:443
6161
6262
- name: Checkout Repository (no persist-credentials)
63-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
63+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
6464
with:
6565
persist-credentials: false
6666
fetch-depth: 0
6767

6868
- name: Set up Python3
69-
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
69+
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
7070
with:
7171
python-version: ${{ matrix.python-version }}
7272

.github/workflows/cache-cleaner.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616
actions: write
1717
steps:
1818
- name: Harden Runner
19-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
19+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
2020
with:
2121
disable-sudo: true
2222
egress-policy: block
@@ -27,7 +27,7 @@ jobs:
2727
release-assets.githubusercontent.com:443
2828
2929
- name: Checkout Repository
30-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
30+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
3131
with:
3232
persist-credentials: false
3333

.github/workflows/codeql.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -53,13 +53,13 @@ jobs:
5353
# your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
5454
steps:
5555
- name: Harden Runner
56-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
56+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
5757
with:
5858
disable-sudo: true
5959
egress-policy: audit
6060

6161
- name: Checkout Repository
62-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
62+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
6363
with:
6464
persist-credentials: false
6565

.github/workflows/dependency-review.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
runs-on: ubuntu-latest
1818
steps:
1919
- name: Harden Runner
20-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
20+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
2121
with:
2222
disable-sudo: true
2323
egress-policy: block
@@ -28,9 +28,9 @@ jobs:
2828
github.com:443
2929
3030
- name: Checkout Repository
31-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
31+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
3232
with:
3333
persist-credentials: false
3434

3535
- name: Dependency Review
36-
uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0
36+
uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2

.github/workflows/first-pull-request.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616
pull-requests: write
1717
steps:
1818
- name: Harden Runner
19-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
19+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
2020
with:
2121
disable-sudo: true
2222
egress-policy: block

.github/workflows/label.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ jobs:
2323
pull-requests: write
2424
steps:
2525
- name: Harden Runner
26-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
26+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
2727
with:
2828
disable-sudo: true
2929
egress-policy: block

.github/workflows/main.yml

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ jobs:
2525
python-version: [ "3.13" ]
2626
steps:
2727
- name: Harden Runner
28-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
28+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
2929
with:
3030
disable-sudo: true
3131
egress-policy: block
@@ -34,11 +34,11 @@ jobs:
3434
github.com:443
3535
pypi.org:443
3636
- name: Checkout Repository
37-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
37+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
3838
with:
3939
persist-credentials: false
4040
- name: Set up Python${{ matrix.python-version }}
41-
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
41+
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
4242
with:
4343
python-version: ${{ matrix.python-version }}
4444
cache: pip
@@ -69,16 +69,16 @@ jobs:
6969
python-version: '3.10'
7070
steps:
7171
- name: Harden Runner
72-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
72+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
7373
with:
7474
disable-sudo: false
7575
egress-policy: audit
7676
- name: Checkout Repository
77-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
77+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
7878
with:
7979
persist-credentials: false
8080
- name: Set up Python${{ matrix.python-version }}
81-
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
81+
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
8282
with:
8383
python-version: ${{ matrix.python-version }}
8484
cache: pip
@@ -129,7 +129,7 @@ jobs:
129129
UPSTREAM_BRANCH: ${{ matrix.upstream-branch }}
130130

131131
- name: Report Coverage
132-
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b # v2.3.6
132+
uses: coverallsapp/github-action@5cbfd81b66ca5d10c19b062c04de0199c215fb6e # v2.3.7
133133
with:
134134
flag-name: run-${{ matrix.python-version }}-${{ matrix.os }}-pypi
135135
parallel: true
@@ -149,12 +149,12 @@ jobs:
149149
shell: bash -l {0}
150150
steps:
151151
- name: Harden Runner
152-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
152+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
153153
with:
154154
disable-sudo: true
155155
egress-policy: audit
156156
- name: Checkout Repository
157-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
157+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
158158
with:
159159
persist-credentials: false
160160
- name: Patch Environment File
@@ -200,7 +200,7 @@ jobs:
200200
run: |
201201
python -m pytest --numprocesses=logical --cov=src/ravenpy --cov-report=lcov
202202
- name: Report Coverage
203-
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b # v2.3.6
203+
uses: coverallsapp/github-action@5cbfd81b66ca5d10c19b062c04de0199c215fb6e # v2.3.7
204204
with:
205205
flag-name: run-${{ matrix.python-version }}-${{ matrix.os }}-conda
206206
parallel: true
@@ -213,11 +213,11 @@ jobs:
213213
runs-on: ubuntu-latest
214214
steps:
215215
- name: Harden Runner
216-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
216+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
217217
with:
218218
disable-sudo: true
219219
egress-policy: audit
220220
- name: Coveralls Finished
221-
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b # v2.3.6
221+
uses: coverallsapp/github-action@5cbfd81b66ca5d10c19b062c04de0199c215fb6e # v2.3.7
222222
with:
223223
parallel-finished: true

.github/workflows/publish-pypi.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ jobs:
2121
python-version: [ "3.13" ]
2222
steps:
2323
- name: Harden Runner
24-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
24+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
2525
with:
2626
disable-sudo: true
2727
egress-policy: block
@@ -34,12 +34,12 @@ jobs:
3434
upload.pypi.org:443
3535
3636
- name: Checkout Repository
37-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
37+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
3838
with:
3939
persist-credentials: false
4040

4141
- name: Set up Python${{ matrix.python-version }}
42-
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
42+
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
4343
with:
4444
python-version: ${{ matrix.python-version }}
4545

.github/workflows/scorecard.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ jobs:
3030
id-token: write
3131
steps:
3232
- name: Harden Runner
33-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
33+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
3434
with:
3535
disable-sudo: true
3636
egress-policy: block
@@ -48,7 +48,7 @@ jobs:
4848
www.bestpractices.dev:443
4949
5050
- name: Checkout Repository
51-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
51+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
5252
with:
5353
persist-credentials: false
5454

@@ -73,7 +73,7 @@ jobs:
7373
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
7474
# format to the repository Actions tab.
7575
- name: Upload Artifact
76-
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
76+
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
7777
with:
7878
name: SARIF file
7979
path: results.sarif

.github/workflows/tag-testpypi.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -17,12 +17,12 @@ jobs:
1717
contents: write
1818
steps:
1919
- name: Harden Runner
20-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
20+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
2121
with:
2222
egress-policy: audit
2323

2424
- name: Checkout Repository
25-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
25+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
2626
with:
2727
persist-credentials: false
2828

@@ -49,7 +49,7 @@ jobs:
4949
python-version: [ "3.13" ]
5050
steps:
5151
- name: Harden Runner
52-
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
52+
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
5353
with:
5454
disable-sudo: true
5555
egress-policy: block
@@ -62,12 +62,12 @@ jobs:
6262
test.pypi.org:443
6363
6464
- name: Checkout Repository
65-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
65+
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
6666
with:
6767
persist-credentials: false
6868

6969
- name: Set up Python${{ matrix.python-version }}
70-
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
70+
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
7171
with:
7272
python-version: ${{ matrix.python-version }}
7373

0 commit comments

Comments
 (0)