From e2c45a07959aacad983bd166159f044fd440cc67 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Sep 2025 20:58:46 +0000 Subject: [PATCH 1/2] Bump the actions group with 6 updates Bumps the actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `5` | | [actions/setup-python](https://github.com/actions/setup-python) | `4` | `6` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.28.16` | `3.30.5` | | [mongodb-labs/drivers-github-tools](https://github.com/mongodb-labs/drivers-github-tools) | `2` | `3` | | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `6.6.1` | `6.7.0` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `a016d81e77496751b5c04eb1e8f00214bd396553` | `c323c83e3ab58baf4acbc7b6b39eef0e0cb14e4d` | Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) Updates `actions/setup-python` from 4 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4...v6) Updates `github/codeql-action` from 3.28.16 to 3.30.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/28deaeda66b76a05916b6923827895f2b14ab387...3599b3baa15b485a2e49ef411a7a4bb2452e7f93) Updates `mongodb-labs/drivers-github-tools` from 2 to 3 - [Release notes](https://github.com/mongodb-labs/drivers-github-tools/releases) - [Commits](https://github.com/mongodb-labs/drivers-github-tools/compare/v2...v3) Updates `astral-sh/setup-uv` from 6.6.1 to 6.7.0 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/557e51de59eb14aaaba2ed9621916900a91d50c6...b75a909f75acd358c2196fb9a5f1299a9a8868a4) Updates `zizmorcore/zizmor-action` from a016d81e77496751b5c04eb1e8f00214bd396553 to c323c83e3ab58baf4acbc7b6b39eef0e0cb14e4d - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](https://github.com/zizmorcore/zizmor-action/compare/a016d81e77496751b5c04eb1e8f00214bd396553...c323c83e3ab58baf4acbc7b6b39eef0e0cb14e4d) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: github/codeql-action dependency-version: 3.30.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: mongodb-labs/drivers-github-tools dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: astral-sh/setup-uv dependency-version: 6.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: zizmorcore/zizmor-action dependency-version: c323c83e3ab58baf4acbc7b6b39eef0e0cb14e4d dependency-type: direct:production dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/release-python.yml | 12 ++++++------ .github/workflows/test-python.yml | 8 ++++---- .github/workflows/zizmor.yml | 2 +- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1bbbbb2..95b97a8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -45,18 +45,18 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: ref: ${{ inputs.ref }} persist-credentials: false - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v6 with: python-version: 3.x # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3 + uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3 with: languages: ${{ matrix.language }} build-mode: none @@ -72,6 +72,6 @@ jobs: pip install -e . - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3 + uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml index c5c3eb3..247c68a 100644 --- a/.github/workflows/release-python.yml +++ b/.github/workflows/release-python.yml @@ -40,17 +40,17 @@ jobs: outputs: version: ${{ steps.pre-publish.outputs.version }} steps: - - uses: mongodb-labs/drivers-github-tools/secure-checkout@v2 + - uses: mongodb-labs/drivers-github-tools/secure-checkout@v3 with: app_id: ${{ vars.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - - uses: mongodb-labs/drivers-github-tools/setup@v2 + - uses: mongodb-labs/drivers-github-tools/setup@v3 with: aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} aws_region_name: ${{ vars.AWS_REGION_NAME }} aws_secret_id: ${{ secrets.AWS_SECRET_ID }} artifactory_username: ${{ vars.ARTIFACTORY_USERNAME }} - - uses: mongodb-labs/drivers-github-tools/python-labs/pre-publish@v2 + - uses: mongodb-labs/drivers-github-tools/python-labs/pre-publish@v3 id: pre-publish with: dry_run: ${{ env.DRY_RUN }} @@ -109,17 +109,17 @@ jobs: attestations: write security-events: write steps: - - uses: mongodb-labs/drivers-github-tools/secure-checkout@v2 + - uses: mongodb-labs/drivers-github-tools/secure-checkout@v3 with: app_id: ${{ vars.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - - uses: mongodb-labs/drivers-github-tools/setup@v2 + - uses: mongodb-labs/drivers-github-tools/setup@v3 with: aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} aws_region_name: ${{ vars.AWS_REGION_NAME }} aws_secret_id: ${{ secrets.AWS_SECRET_ID }} artifactory_username: ${{ vars.ARTIFACTORY_USERNAME }} - - uses: mongodb-labs/drivers-github-tools/python-labs/post-publish@v2 + - uses: mongodb-labs/drivers-github-tools/python-labs/post-publish@v3 with: following_version: ${{ env.FOLLOWING_VERSION }} product_name: ${{ env.PRODUCT_NAME }} diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index 67afd30..0ee9f79 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -27,7 +27,7 @@ jobs: persist-credentials: false fetch-depth: 0 - name: Install uv - uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 + uses: astral-sh/setup-uv@b75a909f75acd358c2196fb9a5f1299a9a8868a4 # v5 with: enable-cache: true python-version: ${{ matrix.python-version }} @@ -49,7 +49,7 @@ jobs: persist-credentials: false fetch-depth: 0 - name: Install uv - uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 + uses: astral-sh/setup-uv@b75a909f75acd358c2196fb9a5f1299a9a8868a4 # v5 with: enable-cache: true python-version: ${{ matrix.python-version }} @@ -70,13 +70,13 @@ jobs: persist-credentials: false fetch-depth: 0 - name: Install uv - uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 + uses: astral-sh/setup-uv@b75a909f75acd358c2196fb9a5f1299a9a8868a4 # v5 with: enable-cache: true python-version: ${{ env.MIN_PYTHON }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v3 - name: Install uv - uses: astral-sh/setup-uv@557e51de59eb14aaaba2ed9621916900a91d50c6 # v5 + uses: astral-sh/setup-uv@b75a909f75acd358c2196fb9a5f1299a9a8868a4 # v5 with: enable-cache: true python-version: ${{ env.MIN_PYTHON }} diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 6d8dbe1..2d025e0 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -18,4 +18,4 @@ jobs: with: persist-credentials: false - name: Run zizmor - uses: zizmorcore/zizmor-action@a016d81e77496751b5c04eb1e8f00214bd396553 + uses: zizmorcore/zizmor-action@c323c83e3ab58baf4acbc7b6b39eef0e0cb14e4d From 450bd89e7d3d2e7ece9cc2f8d83a4df495974ee4 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Mon, 29 Sep 2025 16:04:25 -0500 Subject: [PATCH 2/2] remove unused config --- .github/workflows/release-python.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml index 247c68a..535f0ec 100644 --- a/.github/workflows/release-python.yml +++ b/.github/workflows/release-python.yml @@ -49,7 +49,6 @@ jobs: aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} aws_region_name: ${{ vars.AWS_REGION_NAME }} aws_secret_id: ${{ secrets.AWS_SECRET_ID }} - artifactory_username: ${{ vars.ARTIFACTORY_USERNAME }} - uses: mongodb-labs/drivers-github-tools/python-labs/pre-publish@v3 id: pre-publish with: @@ -118,7 +117,6 @@ jobs: aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} aws_region_name: ${{ vars.AWS_REGION_NAME }} aws_secret_id: ${{ secrets.AWS_SECRET_ID }} - artifactory_username: ${{ vars.ARTIFACTORY_USERNAME }} - uses: mongodb-labs/drivers-github-tools/python-labs/post-publish@v3 with: following_version: ${{ env.FOLLOWING_VERSION }}