From 31f353c779a64e52d2cb41aadc1dfeb1200f7b47 Mon Sep 17 00:00:00 2001 From: Christian Clauss Date: Sun, 2 Nov 2025 11:12:00 +0100 Subject: [PATCH 1/2] From 5efdfbeddb62a925fa7b764eced1cd793da3a399 Mon Sep 17 00:00:00 2001 From: Christian Clauss Date: Fri, 12 Sep 2025 10:37:19 +0200 Subject: [PATCH 2/2] Keep GitHub Actions up to date with GitHub's Dependabot * [Keeping your software supply chain secure with Dependabot](https://docs.github.com/en/code-security/dependabot) * [Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot) * [Configuration options for the `dependabot.yml` file - package-ecosystem](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem) --- .ci/build-wheels.sh | 2 +- .ci/build_wheels_osx.sh | 2 +- .github/dependabot.yml | 13 +++++++++++++ .github/workflows/pythonapp.yml | 4 ++-- 4 files changed, 17 insertions(+), 4 deletions(-) create mode 100644 .github/dependabot.yml diff --git a/.ci/build-wheels.sh b/.ci/build-wheels.sh index e999bc9..094608b 100755 --- a/.ci/build-wheels.sh +++ b/.ci/build-wheels.sh @@ -57,7 +57,7 @@ make install; make distclean; cd ~/ffmpeg_sources; -curl -kLO "https://cfhcable.dl.sourceforge.net/project/lame/lame/$LAME_VERSION/lame-$LAME_VERSION.tar.gz" +curl -kLO "https://downloads.sourceforge.net/project/lame/lame/$LAME_VERSION/lame-$LAME_VERSION.tar.gz" tar xzf "lame-$LAME_VERSION.tar.gz" cd "lame-$LAME_VERSION" ./configure --prefix="$BUILD_DIR" --enable-nasm --enable-shared; diff --git a/.ci/build_wheels_osx.sh b/.ci/build_wheels_osx.sh index 83bd15e..fddf813 100644 --- a/.ci/build_wheels_osx.sh +++ b/.ci/build_wheels_osx.sh @@ -127,7 +127,7 @@ if [ "$ARCH" = "x86_64" ]; then arg=("--enable-nasm") fi cd "$SRC_PATH"; -curl -kLO "https://cfhcable.dl.sourceforge.net/project/lame/lame/$LAME_VERSION/lame-$LAME_VERSION.tar.gz" +curl -kLO "https://downloads.sourceforge.net/project/lame/lame/$LAME_VERSION/lame-$LAME_VERSION.tar.gz" tar xzf "lame-$LAME_VERSION.tar.gz" cd "lame-$LAME_VERSION" git apply "$base_dir/.ci/libmp3lame-symbols.patch" diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..be006de --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,13 @@ +# Keep GitHub Actions up to date with GitHub's Dependabot... +# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot +# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem +version: 2 +updates: + - package-ecosystem: github-actions + directory: / + groups: + github-actions: + patterns: + - "*" # Group all Actions updates into a single larger pull request + schedule: + interval: weekly diff --git a/.github/workflows/pythonapp.yml b/.github/workflows/pythonapp.yml index e9b659b..89b89e7 100644 --- a/.github/workflows/pythonapp.yml +++ b/.github/workflows/pythonapp.yml @@ -170,10 +170,10 @@ jobs: needs: linux_wheels steps: - uses: actions/checkout@v4.2.2 - - name: Set up Python 3.x + - name: Set up Python 3.13 uses: actions/setup-python@v5.4.0 with: - python-version: 3.x + python-version: 3.13 # 3.14 fails! - uses: actions/download-artifact@v4.2.1 with: pattern: py_wheel-*