From 085ed276624f5f01029a57fcdec1a78185fa615f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Nov 2025 01:08:04 +0000 Subject: [PATCH] Bump the github-actions group with 5 updates Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [py-cov-action/python-coverage-comment-action](https://github.com/py-cov-action/python-coverage-comment-action) | `6494290850a5098c2836298dad8f11082b4ceaa9` | `14efb884fd6f322dca843a946ce2125a55c12e1d` | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `6` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.2.0` | `0.3.0` | Updates `py-cov-action/python-coverage-comment-action` from 6494290850a5098c2836298dad8f11082b4ceaa9 to 14efb884fd6f322dca843a946ce2125a55c12e1d - [Release notes](https://github.com/py-cov-action/python-coverage-comment-action/releases) - [Commits](https://github.com/py-cov-action/python-coverage-comment-action/compare/6494290850a5098c2836298dad8f11082b4ceaa9...14efb884fd6f322dca843a946ce2125a55c12e1d) Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v6) Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v5) Updates `actions/download-artifact` from 4 to 6 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v6) Updates `zizmorcore/zizmor-action` from 0.2.0 to 0.3.0 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](https://github.com/zizmorcore/zizmor-action/compare/e673c3917a1aef3c65c972347ed84ccd013ecda4...e639db99335bc9038abc0e066dfcd72e23d26fb4) --- updated-dependencies: - dependency-name: py-cov-action/python-coverage-comment-action dependency-version: 14efb884fd6f322dca843a946ce2125a55c12e1d dependency-type: direct:production dependency-group: github-actions - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: zizmorcore/zizmor-action dependency-version: 0.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/coverage.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 22 +++++++++++----------- .github/workflows/zizmor.yml | 4 ++-- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index ef889b2fb..7719e4f5b 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -27,7 +27,7 @@ jobs: # DO NOT run actions/checkout here, for security reasons # For details, refer to https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ - name: Post comment - uses: py-cov-action/python-coverage-comment-action@6494290850a5098c2836298dad8f11082b4ceaa9 # v3 + uses: py-cov-action/python-coverage-comment-action@14efb884fd6f322dca843a946ce2125a55c12e1d # v3 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2bb6b84c9..b6d58addb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false - name: Set up Python diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8b3c6301d..ec0c0967d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -37,7 +37,7 @@ jobs: - 3306:3306 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false @@ -78,7 +78,7 @@ jobs: COVERAGE_FILE: ".coverage.mysql.${{ matrix.python-version }}" - name: Store coverage file - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: coverage-mysql-${{ matrix.python-version }} path: .coverage.mysql.${{ matrix.python-version }}* @@ -133,7 +133,7 @@ jobs: --health-retries 5 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false @@ -178,7 +178,7 @@ jobs: COVERAGE_FILE: ".coverage.${{ matrix.database }}.${{ matrix.python-version }}" - name: Store coverage file - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: coverage-${{ matrix.database }}-${{ matrix.python-version }} path: .coverage.${{ matrix.database }}.${{ matrix.python-version }}* @@ -193,7 +193,7 @@ jobs: python-version: ['3.10', '3.11', '3.12', '3.13', '3.14'] steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false @@ -231,7 +231,7 @@ jobs: COVERAGE_FILE: ".coverage.sqlite.${{ matrix.python-version }}" - name: Store coverage file - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: coverage-sqlite-${{ matrix.python-version }} path: .coverage.sqlite.${{ matrix.python-version }}* @@ -243,7 +243,7 @@ jobs: fail-fast: false steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false @@ -286,12 +286,12 @@ jobs: pull-requests: write contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: # Persist the credentials because coverage_comment needs them too. persist-credentials: true - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@v6 id: download with: pattern: coverage-* @@ -299,13 +299,13 @@ jobs: - name: Coverage comment id: coverage_comment - uses: py-cov-action/python-coverage-comment-action@6494290850a5098c2836298dad8f11082b4ceaa9 # v3 + uses: py-cov-action/python-coverage-comment-action@14efb884fd6f322dca843a946ce2125a55c12e1d # v3 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} MERGE_COVERAGE_FILES: true - name: Store Pull Request comment to be posted - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true' with: name: python-coverage-comment-action diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 45c95ba02..7d597a5ee 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -18,9 +18,9 @@ jobs: actions: read # only needed for private repos steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false - name: Run zizmor 🌈 - uses: zizmorcore/zizmor-action@e673c3917a1aef3c65c972347ed84ccd013ecda4 # v0.2.0 + uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0