Bump the github-actions group with 3 updates

dependabot[bot] · web-flow · commit 8a905b97007f · 2025-11-01T09:01:32.000Z
Bumps the github-actions group with 3 updates: [actions/upload-artifact](https://github.com/actions/upload-artifact), [actions/download-artifact](https://github.com/actions/download-artifact) and [globus/workflows](https://github.com/globus/workflows). Updates `actions/upload-artifact` from 4.6.2 to 5.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...330a01c) Updates `actions/download-artifact` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@634f93c...018cc2c) Updates `globus/workflows` from 1.2 to 1.3 - [Release notes](https://github.com/globus/workflows/releases) - [Changelog](https://github.com/globus/workflows/blob/main/CHANGELOG.md) - [Commits](globus/workflows@f41714f...d370cf8) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: globus/workflows dependency-version: '1.3' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/publish_to_pypi.yaml b/.github/workflows/publish_to_pypi.yaml
@@ -19,7 +19,7 @@ jobs:
       - name: Build Dists
         run: python -m build .
 
-      - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: packages
           path: dist/*
@@ -32,7 +32,7 @@ jobs:
       id-token: write
 
     steps:
-      - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+      - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           name: packages
           path: dist
diff --git a/.github/workflows/publish_to_test_pypi.yaml b/.github/workflows/publish_to_test_pypi.yaml
@@ -22,7 +22,7 @@ jobs:
       - name: Build Dists
         run: python -m build .
 
-      - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: packages
           path: dist/*
@@ -35,7 +35,7 @@ jobs:
       id-token: write
 
     steps:
-      - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+      - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           name: packages
           path: dist
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -63,6 +63,6 @@ jobs:
             cache-key-hash-files:
               - "pyproject.toml"
 
-    uses: "globus/workflows/.github/workflows/tox.yaml@f41714f6a8b102569807b348fce50960f9617df8" # v1.2
+    uses: "globus/workflows/.github/workflows/tox.yaml@d370cf87e31ead9ba566b6fa07f05f63918a9149" # v1.3
     with:
       config: "${{ toJSON(matrix) }}"
