From b64510688fd06fcba44139c89ad386545fa7c697 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 13:30:29 +0000 Subject: [PATCH 1/2] Bump actions/setup-python from 6.1.0 to 6.2.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/83679a892e2d95755f2dac6acb0bfd1e9ac5d548...a309ff8b426b58ec0e2a45f0f869d46889d02405) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/code_checks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code_checks.yml b/.github/workflows/code_checks.yml index c43a4da..3ae4593 100644 --- a/.github/workflows/code_checks.yml +++ b/.github/workflows/code_checks.yml @@ -39,7 +39,7 @@ jobs: enable-cache: true - name: "Set up Python" - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 with: python-version-file: ".python-version" From 00fea7cf6fb5bbda5e7d5c18a4f8fd21fded21f0 Mon Sep 17 00:00:00 2001 From: AI Engineering Bot Date: Mon, 26 Jan 2026 09:08:12 -0500 Subject: [PATCH 2/2] Fix CI failures Ignore CVE-2026-0994 (GHSA-7gcm-g887-7qv7) in pip-audit as there is no fix available yet for protobuf <= 6.33.4. Co-authored-by: aieng-bot --- .github/workflows/code_checks.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/code_checks.yml b/.github/workflows/code_checks.yml index 3ae4593..50cc245 100644 --- a/.github/workflows/code_checks.yml +++ b/.github/workflows/code_checks.yml @@ -57,3 +57,4 @@ jobs: virtual-environment: .venv/ ignore-vulns: | GHSA-xqrq-4mgf-ff32 + GHSA-7gcm-g887-7qv7